Puppy Linux Discussion Forum Forum Index Puppy Linux Discussion Forum
Puppy HOME page : puppylinux.com
"THE" alternative forum : puppylinux.info
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

The time now is Mon 19 Feb 2018, 20:17
All times are UTC - 4
 Forum index » House Training » Users ( For the regulars )
How does one update the kernel on FatDog64 721?
Moderators: Flash, Ian, JohnMurga
Post new topic   Reply to topic View previous topic :: View next topic
Page 1 of 1 [5 Posts]  
Author Message
TTFOSS

Joined: 04 Feb 2018
Posts: 2

PostPosted: Sun 04 Feb 2018, 10:51    Post subject:  How does one update the kernel on FatDog64 721?
Subject description: Looking for a soultion to upgrade kernel
 

First of all Fatdog64 721 is the cleanest Puppy-inspired release I have seen since 2008.
It's so easy to create a new user and then surf as that user.


Something to bring to the attention of FatDog64 users and the developers.

RE spectre flaws - According to

linuxtoday.com/developer/linux-4.15-released.html

lkml.iu.edu/hypermail/linux/kernel/1801.3/02794.html


Quote:
"to actually get the biggest fix for the indirect branch mitigations, you need not just the kernel updates, you need to have a compiler with support for the "retpoline" indirect branch model."



The package
distro.ibiblio.org/fatdog/packages/720/gcc-full-4.8.3-x86_64-1.txz
was last updated 2016-8-24.

There is no way that the required retpoline modifications could have been added to that package back in 2016.

So the kernel code may have been updated but if the compiler has not been then you will not be getting the fixes you think should be there.

At least one other distro (AntiX) has the same problem.

Testing Fatdog64 721 with the script
https://github.com/speed47/spectre-meltdown-checker
reveals that only the meltdown flaw has been taken care of.


Question for the developers: Is there a straightforward way to update the kernel on a regular basis, preferably without compiling a new kernel each time?

It is doubtful that the FatDog developers have the time for a weekly rolling distro like Slitaz
mirror1.slitaz.org/iso/rolling/
So what options do concerned users have?

Once details of the recently discovered skyfall and solace flaws have been released then the kernels will have to be updated again.

2018 might be a tough year for kernel modifications. People might have to update the kernel on a weekly basis to protect themselves.


How was the FatDog64 721 kernel prepared? From source or from another distribution?

Now a few distributions like slackware, ubuntu, antiX and maybe others release binary packages on a regular basis.
Are any of these distros compatible with FatDog64 721 as far as the kernel/firmware is concerned?
Were any special modifications made to the FatDog kernel?

Can you provide some general instructions on how someone might incorporate one of these updated kernels into FatDog64?

I would be happy to test such a process/procedure and then expand any provided documentation which I would make available to all (provided I could get it to work). [I can document unpacking/modification/repacking the iso, initrd and sfs files]

Such a procedure might be very useful before the next release of FatDog64 and might also reduce the time developers have to spend on interim releases.


I do not wish to reopen discussions on whether spectre/meltdown flaws are any real concern.
Let's just note that some people are more concerned than others.


Thanks
Back to top
View user's profile Send private message 
drunkjedi


Joined: 24 May 2015
Posts: 708

PostPosted: Sun 04 Feb 2018, 15:04    Post subject:  

Hi, first of all this section of forum is for posting detailed howtos.

@Flash could you please move this to appropriate section?

@OP maybe following thread be of any use to you...
http://www.murga-linux.com/puppy/viewtopic.php?t=97273
Back to top
View user's profile Send private message 
kirk

Joined: 11 Nov 2005
Posts: 1518
Location: florida

PostPosted: Sun 04 Feb 2018, 15:32    Post subject:  

Quote:
distro.ibiblio.org/fatdog/packages/720/gcc-full-4.8.3-x86_64-1.txz
was last updated 2016-8-24.


That will not be updated until Fatdog64-800, work has started on that but it will be quite a while. When we replace gcc/libc everything is recompiled with it.

Quote:
Question for the developers: Is there a straightforward way to update the kernel on a regular basis, preferably without compiling a new kernel each time?


If we post an updated kernel at http://distro.ibiblio.org/fatdog/kernels/ then you can install it using the directions at http://distro.ibiblio.org/fatdog/web/faqs/kernel.html But we don't post updates that often.

Quote:
2018 might be a tough year for kernel modifications. People might have to update the kernel on a weekly basis to protect themselves.


Not for most users. If you have multiple untrusted users on your computer then yes, but for a single user home system, not so much. To exploit a kernel vulnerability an attacker first has to be able to execute arbitrary code on your system. For a "normal" Fatdog64 user there's basically two ways to achieve this:

1) Trick you into installing a program that has some malicious code. In this case you're pretty much done before you start.

2) Javascript in a web browser. This is the real place for the "normal" single user system user to be concerned about. The latest Firefox and Google-Chrome has mitigations for spectre. If you want to be very cautious, create a new user and only use that user for things like banking etc. Also, only have one tab/browser open at a time. There's also javascript blocking addons you can install.


Quote:
How was the FatDog64 721 kernel prepared? From source or from another distribution?


We build it. It's not based on any other distro. You can compile your own if you like. The config is in /proc/config.gz, and the only patches are AUFS. We also download git://git.kernel.org/pub/scm/linux/kernel/git/linville/wireless-regdb.git and replace <kernel source>/net/wireless/db.tx with that one.

Quote:
Can you provide some general instructions on how someone might incorporate one of these updated kernels into FatDog64?


No, it's very doubtful that their kernels would be compatible.
Back to top
View user's profile Send private message 
TTFOSS

Joined: 04 Feb 2018
Posts: 2

PostPosted: Mon 05 Feb 2018, 00:00    Post subject: Update the compiler for a new system  

@Kirk

Thank you for your detailed response. The information you provided will save me from heading down many dead-end paths.

So it might seem that if one wanted all of the new features of the most updated kernel fixes then one should focus on getting a new compilier & glibc (which would not be a trivial task)?

I will check for updates to the fatdog packages, esp for gcc.

Building a compiler from source code can be a tricky process [using the older version to build the latest version] . As a temporary short-term work around would I be able to copy (say) Slackware's binary version and use that [latest version of gcc] to start building other packages just to get an overall build process started?

Thanks again
Back to top
View user's profile Send private message 
kirk

Joined: 11 Nov 2005
Posts: 1518
Location: florida

PostPosted: Mon 05 Feb 2018, 20:12    Post subject:  

Quote:
So it might seem that if one wanted all of the new features of the most updated kernel fixes then one should focus on getting a new compilier & glibc (which would not be a trivial task)?


This will happen with Fatdog64-800. Updating gcc/libc is not a trivial thing to do. Many packages have to be rebuilt because the new libc/libstdc++ will cause breakage. Sometimes unexpected breakage, so we only update gcc when we do a full rebuild. Not to say it's not possible, just problematic. This situation is supposed to be better when upgrading from gcc 5.x or newer.
Back to top
View user's profile Send private message 
Display posts from previous:   Sort by:   
Page 1 of 1 [5 Posts]  
Post new topic   Reply to topic View previous topic :: View next topic
 Forum index » House Training » Users ( For the regulars )
Jump to:  

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Powered by phpBB © 2001, 2005 phpBB Group
[ Time: 0.0666s ][ Queries: 11 (0.0079s) ][ GZIP on ]