On Sat, 2017-08-26 at 11:48 +0200, Thomas Goirand wrote: > Dear Kernel maintainers, > > As you may know, it's been years that Ubuntu is shipping a kernel > designed for the cloud. Such a kernel is simply a version of the kernel > that is stripped down for running on VMs. The point here is that VMs do > not need all the drivers that we typically build for the generic Debian > kernel (and if one still needs it, a fallback to the generic kernel is > always possible). This makes the kernel binary package a lot smaller, > and also potentially reduces the surface of attack in case of a security > problem. For example, we wouldn't need ax25, appletalk and such, which > are unfortunately automatically loaded in case matching packets are > received by the kernel, They aren't. Ben. > and which have been proven to be problematic in > terms of security maintenance. Most hardware drivers would also go away. > > Since it is only a mater of *removing* some modules, I don't think > adding a cloud / VM kernel flavor would be a lot of maintenance. Though > of course, as I wouldn't be the one doing it, it is not up to me to > judge the amount of work. > > Could we see this happening in Debian? Please let us know your thoughts. > > Cheers, > > Thomas Goirand (zigo) > -- Ben Hutchings One of the nice things about standards is that there are so many of them.
Attachment:
signature.asc
Description: This is a digitally signed message part