Mail archive
alpine-devel

[alpine-devel] Hardened kernels 4.9.65-r0 are actually 4.9.59

From: Jack Schmidt <alpine_at_mowsey.org>
Date: Sat, 25 Nov 2017 16:08:26 -0500

I noticed the recently released (virt)hardened kernels (4.9.65) appear to have been patched back to 4.9.59.

The hardened-3.1-4.9.65-201704252333-alpine.patch appears to mostly revert the source back 4.9.59 (I spot checked 5 or 6 changes in 4.9.64--4.9.65, and all were reverted).

diff --git a/Makefile b/Makefile
index 87a641515e9c..a545aa72ca4f 100644
--- a/Makefile
+++ b/Makefile
_at_@ -1,6 +1,6 @@
VERSION = 4
PATCHLEVEL = 9
-SUBLEVEL = 65
+SUBLEVEL = 59
EXTRAVERSION =
NAME = Roaring Lionus

The distributed apks have the wrong modules directory:

http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/linux-hardened-4.9.65-r0.apk
http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/linux-virthardened-4.9.65-r0.apk

$ apk info -W /lib/modules/4.9.59-0-*hardened/modules.builtin
/lib/modules/4.9.59-0-hardened/modules.builtin is owned by linux-hardened-4.9.65-r0
/lib/modules/4.9.59-0-virthardened/modules.builtin is owned by linux-virthardened-4.9.65-r0

Looking in the module, it seems like they really are 4.9.59 modules:

$ strings /lib/modules/4.9.59-0-virthardened/kernel/kernel/configs.ko | grep vermagic
vermagic=4.9.59-0-virthardened SMP mod_unload modversions KERNEXEC_BTS RAP REFCOUNT GRSEC
__UNIQUE_ID_vermagic12

Similarly, the kernel reports as 4.9.59, and does not appear to have 4.9.65 bugfixes.


Unrelated, but maybe important for 3.7 RC matters: a few of the mirrors are a bit stale. This can also be helpful if someone needs to downgrade a kernel (mirror.aarnet.edu.au for example still has the 4.9.63-r0 kernels)

mirror -- last updated
dl-3 -- Nov 15th
dl-5 -- Oct 30th
mirror.rise.ph -- Oct 31st
mirror.aarnet.edu.au -- Nov 22nd



---
Unsubscribe:  alpine-devel+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-devel+help_at_lists.alpinelinux.org
---
Received on Sat Nov 25 2017 - 16:08:26 GMT