On 04/08/2017 06:42 PM, WillyPillow wrote: > > I posted something similar in the coldkernel thread a few months ago.. > The fastest way is actually just to apt install busybox ;) > > --WillyPillow
Man, how did I miss that?? Well, the only thing left is getting it to run under dom0, I guess. I actually tried a couple of months ago, merging both the gresecurity patches, and the patches that Qubes uses, but it kernel panicked on boot and I didn't investigate any further than that and instead just choose to run Kernel 4.10 on my machines. It might be worth revisiting, I suppose. But I wonder if all those Xen patches really needed? I mean, some of them are for XSAs that are pretty old, and while most of them still patch in, I'd assume that the later kernel versions would have already included them or similar mitigations?? Or if not, why haven't they been ported to upstream by now? I mean, these coldkernels run fine in VMs without the Qubes patches so I'm a little confused on what they do and whether or not they're really necessary. I've just been applying them to my dom0 4.10 kernels out of habit, but it gets tricky when trying to apply them *after* applying the grsecurity patches since after that, each Xen/Qubes kernel patch pretty much has to be applied manually since a lot of the files get changed because of grsecurity. -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/occ3ju%24gja%241%40blaine.gmane.org. For more options, visit https://groups.google.com/d/optout.
