Announcement

Collapse
No announcement yet.

GNU Linux-libre 6.11 Makes Adaptations For Rust, Warns Of Hidden Binary Bits In v6.11

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #21
    Originally posted by intelfx View Post

    What you describe already exists and is called linux-firmware.git. This article is about something else though, much less practically justifiable.
    But it is practically justifiable: I don't see why I would want impossible-to-peer-review executable code (binary bits) in the OS kernel for device drivers I am never going to need in a VM/EC2 instance/container setting.

    Comment


    • #22
      Originally posted by kurkosdr View Post
      But it is practically justifiable: I don't see why I would want impossible-to-peer-review executable code (binary bits) in the OS kernel for device drivers I am never going to need in a VM/EC2 instance/container setting.
      So do a custom kernel config and strip the ones you don't need out of it. That's exactly what I do.

      Comment


      • #23
        Originally posted by WileEPyote View Post
        So do a custom kernel config and strip the ones you don't need out of it. That's exactly what I do.
        I want all the impossible-to-peer-review executable code (binary bits) out, and the Linux-libre guys have already done the work for me.

        Comment


        • #24
          Originally posted by kurkosdr View Post
          I want all the impossible-to-peer-review executable code (binary bits) out, and the Linux-libre guys have already done the work for me.
          More power to you.

          I want all the features and performance of my hardware. If it take bins, so be it.

          Comment


          • #25
            Originally posted by WileEPyote View Post

            More power to you.

            I want all the features and performance of my hardware. If it take bins, so be it.
            Sure, my point is why so many people accept the security risk of binary blobs in environments it isn't needed (EC2 instances/VMs/containers), but that's inertia, I guess.

            Comment


            • #26
              Originally posted by kurkosdr View Post

              Sure, my point is why so many people accept the security risk of binary blobs in environments it isn't needed (EC2 instances/VMs/containers), but that's inertia, I guess.
              In those situations, I would likely either compile a kernel specifically for that need, just use this kernel, or maybe even do a custom config of this kernel.. I tend to run almost everything bare metal though.

              I'm not saying there aren't use cases for it Just saying that if I want my hardware to work to it's full potential, I have to have the blobs. If there was a way around that that did everything the bin does, I would definitely use it.

              Comment

              Working...
              X