Kernel Implosion - support needed

Please help, docs unclear - mind imploded - split from Major UX Pain Points - #19 by Quser59

Anybody else clear on the Kernel Documentation?

Above just isn’t that clear to me.

I have read snippets from github and the mailing lists of a more abstract overview of custom kernels, but it seemed conflicting, and the docs and github just refer you to mailing list users who’ve tried to hack custom kernels, instead of providing proper documentation references.

I don’t want to go off-topic, maybe this isn’t UX related as such, but given the lack of documentation and differing advice across different qubes channels, I’m no longer clear.
1) Are there security implications to custom kernels? (i.e. is there a super duper modification in dom0 that can only work with fedora kernel and I would have to manually migrate this to my custom kernel?)
2) (really what I’m lacking, which would answer the question) - What is Qubes actually doing to the kernel? What modifications are being made? What does it need to function (respective parts - xen, qubes packages/interfaces)?

Really 2), answers 1). I’ve read that some custom modifications are made to dom0 kernel which make it difficult to change dom0 distro (but apparently new&upcoming qubes APIs make this less of an issue?). I understand the abstracts of kernels, and I understand the abstracts of Qubes. What I do not understand is what Qubes needs in a Kernel (in dom0, and in a VM), for xen, interVM comms - to work with various qubes packages, etc.

If I understood this, I could then go an build a custom kernel. Idk about anyone else, but I find forraging for custom kernel building docs easier than understanding what Qubes needs kernel wise, and what the implications are.

I find your post unclear. :slight_smile:

There’s a difference between dom0 kernels and vm-kernels provided by
dom0.
Some of your comments relate to the dom0 kernel, but the documentation
you refer to relates to vm-kernels.

There are always implications in changing the default install.
But you have the advantage that if you break a qube you can always reset
the kernel at will, or move back to using the Qubes provided kernel.

The Qubes specific config can be found in linux-kernel, and it reads as
if you have already found that on GitHub.
What modifications do you want to make, and why?
You can always get the config in the qube, and use that as a starting point
for your changes, but I’m guessing you already know this?