[CentOS] Kernel live patching on CentOS Stream 9

Fri Jan 14 15:19:48 UTC 2022
Gionatan Danti <g.danti at assyoma.it>

Il 2022-01-14 15:30 Johnny Hughes ha scritto:
> No .. none of the CentOS Kernels were EVER binary compatible with any
> RHEL kernel.
> CentOS Linux has always been (now also including CentOS Stream 8 and
> 9) a completely separate 'closed' build system.
> We use the SAME source code to build things, modified to remove
> branding.  But CentOS has NEVER been (nor is any other rebuild
> distribution now) Binary Compatible.
> Want to see how .. just extract two rpms with the same name from two
> different distributions into separate directories and run a sha256sum
> on all the files in the different directories with find command.  Some
> files may be identical (most text files that are copied), others will
> not be.
> It is virtually impossible for all produced packages to be 'binary
> compatible' UNLESS they are built with exact the same files (not files
> BUILT fromt he same sources .. the exact same files) in the build root
> AND with exactly the same software doing the building.  Any group that
> claims 'binary compatibility' is either lying or they do not
> understand compiling and linking.
> CentOS never had that.  Neither does any rebuild.
> This is why the CentOS Project 'CHANGED' our term from binary
> compatible to 'Functionally Compatible' a long time ago.  (Using same
> source code, we produce DIFFERENT software .. that works the same way
> but has different SHASUM values.  Don't be fooled by key words like
> 'binary compatible' .. check it out for yourself.
> If you build kpatches to kernels, to make them work you need to build
> the kpatch for the specific kernel (CentOS would need to build against
> CentOS kernels, etc).  Also, there are the certificate signing issues
> and keys that you would need to take into account.  You need to have
> the CA Trust to be able to create signatures that the system will
> allow.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> https://lists.centos.org/mailman/listinfo/centos

Thank you so much for the detailed explanation, very appreciated.

Danti Gionatan
Supporto Tecnico
Assyoma S.r.l. - www.assyoma.it
email: g.danti at assyoma.it - info at assyoma.it
GPG public key ID: FF5F32A8