On Thu, Mar 4, 2021 at 3:20 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
>
> This seems fine to me, but I want to make sure Josh has somewhere to
> actually go with this. Josh, does this get you any closer? It sounds
> like the plugins need to move to another location for packaged kernels?
Well, it might be worth extending the stuff that gets installed with
/lib/modules/<kernel-version>/ with enough information and
infrastruvcture to then build any external modules.
Yeah, yeah, there's the /boot/config-<kernelversion> thing too, but
honestly, that probably shouldn't have been in /boot to begin with.
That, and the plugins - and possibly any hashes needed for randstruct
etc - might be good to squirrell away in a
/lib/modules/<kernelversion>/build/ subdirectory?
I dunno. I obviously don't build external modules to begin with, much
less with distro kernels...
Linus
