Switching to vanilla kernel - pros and cons?


  1. What exactly does openSUSE patch in the kernel and why?
  2. What would be the pros and cons of switching to vanilla kernel?

I was told to not run a vanilla kernel during the Mandrake/Mandriva days, but I did anyway, and never had any problems. You can always try.

Thanks for sharing experience but which of the 2 questions does that answer? :slight_smile:

There’s a lot the SUSE devs ( since the Leap kernel comes from SUSE’s share code base ) fix, patch. Bugs, security stuff, drivers and so on.

Running the vanilla kernel means you won’t get these. I don’t expect any issues, but one of the cons is that you’re on your own in case something does occur.

I wouldn’t see any pros.

Why aren’t those beneficial fixes propagated back to the vanilla code base?

I wouldn’t see any pros.

One of the pros I have been thinking about - the vanilla kernel has many more eyes on it compared to SUSE’s base (unless SUSE’s fixes are merged into vanilla), i.e. better community control.

Another thing: I don’t know if that is the case but some FOSS activists who talk about the so called libre-kernel (without binary blobs) would probably argue that SUSE may have included such blobs in the process of patching the kernel. I don’t know if vanilla (or SUSE’s) kernel has any such blobs, just wondering what the case might be.

I’ve only run a vanilla kernel when there was a reason to do so.

Many years ago, there were changes in how autofs was being re-implemented in the kernel(At the time all sorts of User Mode functionality was being moved into kernel space), and I needed to see if the new implementation was going to make a difference for what I was trying to do. At the time, the vanilla kernel gave me some insight that affected my planning and implementation.

I don’t know that I’d run a vanilla kernel without a reason, I personally would prefer to trust the work that goes into the openSUSE kernel which I feel is an additional combination of reliability, testing, patching and optimizing over what is the vanilla kernel.

I’d suspect that if you just want to take risks for no particular reason, running a vanilla kernel without a specific reason to do so can be done.
After all, what’s life without taking unnecessary risks? :slight_smile:


My understanding (hope I’m not incorrect) is that the openSUSE/SUSE kernel is based on the vanilla kernel, so the vanilla kernel might be a little bit ahead of the openSUSE/SUSE kernel, and does not have the modifications you’d see in the openSUSE/SUSE kernel.

When your openSUSE boots up, watch the stdout, you’ll see a number of kernel modifications which I assume are some of the openSUSE/SUSE kernel modifications.


The problem with that is that you don’t know what “risks” you are taking in either situation, unless you have personally inspected all patches and compared the results from them (which I doubt is humanly possible for a single person). So you are introducing trust for the sake of favoring one of two things without a factual basis, perhaps only based on preference or other indirect clues.

Yet the larger community of vanilla kernel is a fact.

So I wonder what makes you think you are “safer” with one risk than the other?


I don’t know how deep you are willing to go, but openSUSE source is, as the name implies, OPEN and can be inspected at https://build.opensuse.org/package/show/openSUSE:Leap:15.0/kernel-default

SUSE patches are here:

In my view there are no “secret” blobs, in fact some distro hoppers complain that openSUSE have too little proprietary stuff included in the distribution.
And the openSUSE kernel has those many community eyes on it plus some from SUSE / openSUSE community that insure that the packaged config, defaults etc. work well with libs and tools packaged with a specific release.

If that’s an issue for you, then you should add the kernel repo



and install the latest vanilla kernel from there.

As far as I know, most of the SUSE modifications of the kernel are backpatching security updates. That is, they take security changes from the latest kernel, and insert them into the current kernel. If you go with the vanilla kernel, then you lose those security fixes unless you are using the very latest vanilla kernel.

My understanding (again, I hope I’m correct) is that the openSUSE/SUSE kernel is supposed to be based on a vanilla release, so you’re building on a kernel with all vanilla contributions. If my understanding is true, then unless there is a mistake you can assume that the openSUSE/SUSE kernel is not less secure or optimized than vanilla.


Thanks. As I mentioned earlier it is not about want but about physical possibility. Inspecting thousands (perhaps even millions) of lines of code on a regular basis is a community scale effort.

In my view there are no “secret” blobs,

How do you know? I am not saying there are but have you checked?

in fact some distro hoppers complain that openSUSE have too little proprietary stuff included in the distribution.

Makes no sense. Why don’t they simply stick with proprietary OS?

Thanks for the info. So if I understand correctly SUSE takes from newer vanilla and patches an older vanilla. What would be the benefit of this compared to simply using vanilla and updating to it? Also where do you get this info?

As you mention security again - I think that in regards to it assumptions without verification could be dangerous. Perhaps if anyone who has looked into it can provide more facts. Of course I hope you are correct too and we can speculate and build logical mental structures but that would be nothing more than our imagination.

This is indeed the case. Quoting from the kernel-default.spec file:

Source0: http://www.kernel.org/pub/linux/kernel/v4.x/linux-%srcversion.tar.xz

I’m not going to argue any further. My personal experience is that if you file or help testing a few bugs that end up in the kernel area:

  • you interact with a handful of competent kernel specialists (not many distros out here can have such people readily available);
  • see those same people being among the key contributors to the vanilla kernel upstream;
  • you may be requested to install and test the vanilla kernel to understand if the problem comes from upstream or from one of the (open)SUSE patches (in fact the only instances in which I used the vanilla kernel);
  • see that bugfixes and patches of general interest are indeed submitted upstream, but weeks after they are available to openSUSE they may or may not be accepted since they might or might not be compatible with other distros using the upstream code.

That is enough for me to use an openSUSE kernel on an openSUSE OS, since in that OS context it is more, not less, than the upstream vanilla kernel.
But as usual Linux offers choice, so I’m not going to convince anybody to do the same. You could also use Linux From Scratch if you only trust upstream code.

WRT backporting practices, AFAIK the main reason is preserving the kernel ABI to ensure stability of basic code for some 3 yrs across minor releases (say 42.1 through 42.3); switching kernel version from, say, 4.x to 4.y cannot guarantee that and might break your custom code or tool chain. But since I’m no kernel developer I might be mistaken here.

Thanks for the additional info OrsoBruno.
I wasn’t looking for an argument but for facts.

LFS is something I am going to look into some day - not because of distrust to openSUSE but rather because it looks very interesting. I have also been curious about Gentoo recently. But of course all that needs a lot of time and I am very spoiled by Yast right now :slight_smile:

As for patches/development process - can you recommend any official log/rss feed which one can follow the development changes of both openSUSE and vanilla kernel? I mean - not the super detailed commits like “fix spelling in comment” or “change variable names to more readable” but the essential stuff (hopefully in a human language). Do you know about that?

You mean like these?

For openSUSE kernel info, start here…

[QUOTE=deano_ferrari;2874615]You mean like these?

Yes, thanks!

[QUOTE=deano_ferrari;2874616]For openSUSE kernel info, start here…
I am trying to find rss/atom feed for openSUSE’s kernel git but I can’t find any?