Tuesday, June 9, 2020

Software Security Testing of Existing Kernel Module - How To?

Let's say that I found the codebase for a specific Kernel module.

I would like to perform software checks, i.e., from a security standpoint of said module.

Q1:

Should I compile the module from scratch and insert it in an existing Kernel, i.e., the latest Ubuntu for example,

or

should i use the distribution's packaged version?

Q2:

Furthermore, should I compile a standalone Kernel as well as the Module together, and add any Debugging Flags?

Q3:

What kind of Debugging Flags should I include?

Are these specific to the module or are there any options that I should include in the kernel itself? The kernel configuration file that I know of can be found under: /boot/config/${uname -r}/ and that one is the clone of /usr/lib/modules/${uname -r}/build/.config

Q4:

To my understanding, I can obtain information regarding Kernel Module output by issuing something like:

journalctl --since "1 hour ago" | grep "kernel"

or

by checking the following files:

/var/log/kern
/var/log/syslog
/var/log/messages
/var/log/daemon.log

Is there any other source of information I should consider?

What do you think I should do? How should I approach this?
