Build Linux Kernel 5.1.2

Some of you have probably noticed a security bulletin floating around. Basically you can send specially crafted packets to TCP port and gain remote code execution on Linux versions prior to 5.0.8

Compiling Linux 5.1.2. Easy enough.
[code]
wget lnkd.in/grP8_4M
unxz -v linux-5.1.2.tar.xz
wget lnkd.in/gN3Zmi5
gpg --verify linux-5.1.2.tar.sign
gpg --recv-keys 79BE3E4300411886
gpg --verify linux-5.1.2.tar.sign
tar xvf linux-5.1.2.tar
cd linux-5.1.2
cp -v /boot/config-$(uname -r) .config
apt-get install build-essential libncurses-dev bison flex libssl-dev libelf-dev
make menuconfig
#if you need to make changes do so otherwise just exit.
make

Attached: linuxpepe.png (883x1024, 105.14K)

Other urls found in this thread:

fsfla.org/ikiwiki/selibre/linux-libre/
linux-libre.fsfla.org/pub/linux-libre/freesh/
github.com/pimlie/ubuntu-mainline-kernel.sh
github.com/teejee2008/ukuu
twitter.com/SFWRedditVideos

Reported for CP.

install gentoo

Gentoo doesn't have this problem, didn't even have rds module compiled.

You don't need to recompile the entire kernel to fix an issue with a single module, dumbass.

Good intentions but we can do better.
fsfla.org/ikiwiki/selibre/linux-libre/
linux-libre.fsfla.org/pub/linux-libre/freesh/

C/C++ strikes again!

Or, for Ubuntu and derivatives
This github.com/pimlie/ubuntu-mainline-kernel.sh
Or this github.com/teejee2008/ukuu

That's a logical problem that will affect all languages. It is not a problem that's unique to C or C++.

Debian/Ubuntu users make up the majority of Linux users. I'd saying doing this in portage but Gentoo doesn't have this module compiled by default.


This!

I had to look this. I've never just swapped out modules and I don't know that much about Linux kernel. Hence I'm building one. What better excuse could one have? Technically what your are saying is true. People are saying it might run or might have compatibility issues between new module and older kernel. Also technically major Linux distros probably already have this patched so running update through whichever package manager you have will get it done.

Has anyone benefited from this post or is everyone on tech an advanced user?

Oh don't forget.
make modules_installmake install

You actually did it didn't you faggotnigger. Don't you have better shit to do than report the Linux cp command as CP. Faggotniggers everywhere.

just hack me then if its so easy. i have old kernels and a win2000 machine thats connected to the internet and has some open ports too and the program that listens on that port runs as admin.

Attached: 1536725739761.jpg (400x400, 7.95K)

Cnile spotted

You're right that this is a C/C++ problem. Weenies will once again find some way to blame the protocol and not the weenie "programmers" and piece of shit "language" it was written in, just like they blamed the finger protocol for the Morris worm caused by a buffer overflow because some weenie used gets() for network software.


There are languages that are completely immune to use-after-free bugs, and not just the ones with GC. There are also languages that prevent race conditions. This idea that computer networking is inherently dangerous is bullshit. It's not the packets that are the problem, it's shitty C code.

Date: Mon, 7 Jan 91 23:09:32 ESTSubject: What you once thought was a brain-dead misimplementation is now the protocol definition! or, Unix Historical Revisionism At Work Again, or, IETF-approved RFC1196 This whole thing is pretty sad, or pathetic, or depressingor something. Firstly, there's the rewriting of a protocol to conformto a ubiquitous misimplementation -- the unix story over andover. Then there's the growing Balkanisation (orMultics-ification) of the net -- I remember laughing outloud when I found that MIT-MULTICS refused finger service onsecurity grounds. Then, or course, there's the pathetic implementationalwarnings about how one should be very very careful inimplementing this sensitive and dangerous protocol -- as ifthis perilous protocol somehow innately offered a direct wayto shove fingers up unix' sockets. Or something.

based

[Laughs in Gentoo]

Attached: 2019-05-16T14_04_36.png (529x22, 6.48K)

You're the best poster on Zig Forums, don't let newfags tell you otherwise.

Attached: 1483182577323.png (529x466, 68.38K)

This is pathetic

based


based


unbased and gay

He's getting lazy these days. His posts grow less detailed and he's begun flat-out lying about basic stuff like static linking because no matter what he says, some faggot is going to call him based. Compared to his old posts and genuinely fascinating shit like the Multicians website, you're being fed slop and praising it because your chef wasn't always this lazy.
If you're actually interested in non-Unixy hardware and operating systems, there's a shitton of great websites out there and Youtube videos of eldery dudes demonstrating their old OSes in virtual machines. Why don't you check out those instead of waiting for some angry Zig Forums boomer to dripfeed you trivia?

Attached: moron.png (248x209, 52.25K)

...

based


unbased


based


unbased


unbased

lol all he did was point out unix braindamage and then act like lisp machines were the best thing ever. I'm nearly convinced he's the zoomer cnile poster and rust shill too.

At least captcha prevents low quality posts. Right? lmfao imagine Zig Forums ends up as the most cucked board. hahaha

Nah m8. I'm the Cnile poster and the Rust shill. I'm also the LARPer poster. I'm not zoomer though, LOL.
unbased btw

only good mods could prevent that but they are very likely phoneposters too so its not going to happen

why would you download it from some random indian botnet site instead of kernel.org?

...

get that checked, lad

Because it's not 1990 anymore.

Attached: 1990sadfrog.jpg (500x379, 22.72K)

How do I make vanilla kernel work with lvm?
I never could pass this part, distros are using some initrd hackery for that.
Is there a simplier way?
Slackware had worked without initrd just fine, is it still possible?

Can I build a kernel without TCP/IP or networking support (i.e without loop interface) for being truly offline?
How can I disable all drivers and modules which is not needed by my system?
Which scheduler should I choose?

I can't help you with LVM. You can easily disable the networking stack in the kernel configuration though if you want Unix sockets you may need to reenable some parts. Start with a minimal kernel (maybe something like Gentoo as a base) and go through the options; maybe try a live medium and check what modules are being used to quickly check what your hardware needs. The scheduler isn't really that important, but there is one that gives more priority to programs that are taking user input. Don't quite remember the name however.

update your 10 year old jpeg before you die of old age, user

You must really trust your firewall br0. I can think about about 80 ways to get turtle> on Windows 2000 and that is just remote exploits that are publicly available. I mean why? You know any script kiddie with metasploit can own that machine with x86 meterpreter reverse hop http/https payload right? Why would you challenge motherfuckers to hack your Windows 2000 box?

Honeypot>


It's because programming classes don't teach security and there a culture of defensive coding practices. I think the last time I read through a C++ book Security was Chapter 13 and I'm pretty sure they don't cover that in normal programming courses. I don't think security and hacking related subjects get taught until 400 level classes and higher. Me never went to college but I love code. I read Chapter 13. It's a good idea to read Bjarne Stroustrup's books on the version of C++ you intent to use. I think by C++ 17 most of this shit is fixed is fixed but people are still coding for C++03 or 11 because they have just been doing it forever.

Also a problem is faggot ass supervisors wanting devs to use legacy libraries that have known security issues. Devs "Ok, but don't say I didn't warn you."

But you are right C/C++ has issues and you actually have to think about defensive coding practices while coding. Nobody does. Fewer people actually pentest their shit or outside consultants or even a bug bounty program because people care about how easy it is for the end user. It's why MSSQL came configured insecurely. It's so there are less tech support calls. Microsoft even, "Fuck security" I mean was Window ever kinda secure before Windows 10. Can still get Turtle> on 10 though.


I did get it from kernel.org. Those links are not what I posted. Don't use that shit.


exactly

Attached: pwn2000a.png (642x581 117.97 KB, 90.3K)

Yes this is directly related to some stuff that I am working on right now -- I am trying to do some things with ubuntu 18.04 with PCI-E performance and some features that were added recently (Back in 4.20 iirc).

like what?

Attached: 1469035408232s.jpg (125x125, 2.25K)

Rust

I don't think Ada is completely immune, but it eliminates the vast majority of use cases for pointers in C by not being garbage.

lol fine how come my gpu doesn't work properly now? How come my audiocard didn't work for 6 months? oh yeah kernel updates due to unix braindamage

BASED
Install PulseAudio

If you're going to say Ada, then you're wrong.
The Ariane V Cluster rocket disaster was caused by faulty Ada code. Ada has proven to constantly fail at branch conditions and about as brain damaged as C.

No user the kernel dropped support for the hardware. They probably fucked up something, (((by accident))), for the gpu since I should be a good nigger a buy a new computer every 5 years to fucking use xterm.

The Cluster explosion wasn't caused by a use after free you LARPer.

No, that was just the rocket designers being retarded. tl;dr they reused code designed for an older and slower rocket which made assumptions about its maximum inertia, assumed anything higher was a sign of hardware failure, and disabled security features to increase performance. They skimped on basic tests to save money and, surprise surprise, the performance hacks didn't scale up to a faster rocket and led to both redundant computers shutting down mid-flight.
The software for the Inertial Reference System (IRS) on the Ariane 5 was identical to thesoftware used successfully on the Ariane 4 rocket. Basically, the developers took an "OffThe Shelf" part (the IRS) that consisted of hardware and software, the design of which wasused successfully on the Ariane 4 project, and bolted it onto the Ariane 5 rocketcompletely untested. The Ariane 5 rocket had a substantially different flight profile than theAriane 4 was capable of. When the rocket started its flight, it moved at angles that weresubstantially larger than the Ariane 4 flight path would generate. The inertial data exceededthe range limits of the Ariane 4 software.The system was designed with a dual-redundant computer (two processor boards that areidentical, running identical software.) One part of the software in question was performingcalculations on the inertial data and needed to do so repeatedly in a very small amount oftime. The original designers needed to speed up the software so they performed ananalysis of the incoming data and concluded that within the Ariane 4 flight profile, numbersoutside of a certain range would never occur. If such numbers *did* occur, it would be mostlikely that a sensor had failed and was generating wildly out of range data. Hence, it wassafe to remove any error-handling code and instead design in Failure Detection andAccommodation (FDA) logic.The logic went something like this: "If a number comes in over a certain size, it will triggera hardware overflow condition. The hardware will trap to an Interrupt Service Routine (ISR)for handling of that condition. The ISR presumes that if it was reached, then there must bea hardware fault. In the event of a hardware fault, the software will shut down the computerand transfer to the 'spare' ccomputer - which is why we have a 'spare' in the first place."All of this makes sense because the flight path of the Ariane 4 would never generatenumbers large enough to cause an overflow - unless the hardware was broke. The wholeanalysis and design was in place, tested and flew successfully for the Ariane 4 rocket.Now comes the bad part: The design team for the Ariane 5 looked at the IRS for the Ariane4 and figured that they had a reliable piece of hardware that would work fine for the Ariane 5and they could save money by reusing an existing design. That's what they did. Only theystarted to make unwarranted assumptions - that the unit would work on the Ariane 5 flighttrajectory and that it didn't need to be tested in any way against the flight path expected.(Thus saving more money.) Had they run even the most rudimentary tests of the unitagainst the expected flight path of the Ariane 5, they would have triggered the conditionand detected that they had a problem. They never did.When the rocket flew for the first time, both dual-redundant computers detected theoverflow condition. Both presumed that the cause was a hardware failure. Both shut down inan attempt to leave the other side in control. They did *exactly* what they were designed todo and in that sense behaved flawlessly.The fact that the computers in question were programmed in Ada had absolutely nothing todo with the reasons for the crash. It had no more to do with the crash than the fact that bothcomputers were using a Mil-Std-1750a microprocessor - a computer that has been usedreliably in numerous space applications. The original software designers were not to blameeither. They designed their software logic for the problem at hand and had to work within theCPU time limitations they were given. Their FDA logic was *perfect* for the Arriane 4 rocket.The fault lay with the designers of the Ariane 5 and their failure to test their assumptions. Itwould be analogous to taking a tire that was designed to work on a Corvette and "reusing"it in the design of a Freightliner truck. It works *fine* when the only weight it has to support isa Corvette sports car. What would it likely do trying to support the weight of a Freightlinertruck?

Attached: principal_skinner_pathetic.png (680x419, 273.19K)

based

Why would you wish this on anyone?