~alpine/devel

[alpine-devel] Hardened kernels 4.9.65-r0 are actually 4.9.59

Jack Schmidt <busybox@mowsey.org>
Details
Message ID
<D7B4BDC7-C399-4633-B5AF-5644386D81F3@mowsey.org>
Sender timestamp
1511641139
DKIM signature
missing
Download raw message
Patch: +1 -1
I noticed the recently released (virt)hardened kernels (4.9.65) appear to have been patched back to 4.9.59.

The hardened-3.1-4.9.65-201704252333-alpine.patch appears to mostly revert the source back 4.9.59 (I spot checked 5 or 6 changes in 4.9.64--4.9.65, and all were reverted).

diff --git a/Makefile b/Makefile
index 87a641515e9c..a545aa72ca4f 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
VERSION = 4
PATCHLEVEL = 9
SUBLEVEL = 65
SUBLEVEL = 59
EXTRAVERSION =
NAME = Roaring Lionus

The distributed apks have the wrong modules directory:

http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/linux-hardened-4.9.65-r0.apk
http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/linux-virthardened-4.9.65-r0.apk

$ apk info -W /lib/modules/4.9.59-0-*hardened/modules.builtin
/lib/modules/4.9.59-0-hardened/modules.builtin is owned by linux-hardened-4.9.65-r0
/lib/modules/4.9.59-0-virthardened/modules.builtin is owned by linux-virthardened-4.9.65-r0

Looking in the module, it seems like they really are 4.9.59 modules:

$ strings /lib/modules/4.9.59-0-virthardened/kernel/kernel/configs.ko | grep vermagic
vermagic=4.9.59-0-virthardened SMP mod_unload modversions KERNEXEC_BTS RAP REFCOUNT GRSEC
__UNIQUE_ID_vermagic12

Similarly, the kernel reports as 4.9.59, and does not appear to have 4.9.65 bugfixes.


Unrelated, but maybe important for 3.7 RC matters: a few of the mirrors are a bit stale. This can also be helpful if someone needs to downgrade a kernel (mirror.aarnet.edu.au for example still has the 4.9.63-r0 kernels)

mirror -- last updated
dl-3  -- Nov 15th
dl-5  -- Oct 30th
mirror.rise.ph -- Oct 31st
mirror.aarnet.edu.au -- Nov 22nd

---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---
Reply to thread Export thread (mbox)