Build Linux Kernel 5.1.2

Chase Rivera
Chase Rivera

Some of you have probably noticed a security bulletin floating around. Basically you can send specially crafted packets to TCP port and gain remote code execution on Linux versions prior to 5.0.8

Compiling Linux 5.1.2. Easy enough.
[code]
wget lnkd.in/grP8_4M
unxz -v linux-5.1.2.tar.xz
wget lnkd.in/gN3Zmi5
gpg --verify linux-5.1.2.tar.sign
gpg --recv-keys 79BE3E4300411886
gpg --verify linux-5.1.2.tar.sign
tar xvf linux-5.1.2.tar
cd linux-5.1.2
cp -v /boot/config-$(uname -r) .config
apt-get install build-essential libncurses-dev bison flex libssl-dev libelf-dev
make menuconfig
#if you need to make changes do so otherwise just exit.
make

Attached: linuxpepe.png (105.14 KB, 883x1024)

Other urls found in this thread:

fsfla.org/ikiwiki/selibre/linux-libre/
linux-libre.fsfla.org/pub/linux-libre/freesh/
github.com/pimlie/ubuntu-mainline-kernel.sh
github.com/teejee2008/ukuu

Austin Turner
Austin Turner

Reported for CP.

Owen Parker
Owen Parker

apt-get install
install gentoo

Jack Mitchell
Jack Mitchell

Gentoo doesn't have this problem, didn't even have rds module compiled.

Jaxon Flores
Jaxon Flores

You don't need to recompile the entire kernel to fix an issue with a single module, dumbass.

Lucas Cooper
Lucas Cooper

make thread about security
uses the blobbed version of linux
Good intentions but we can do better.
fsfla.org/ikiwiki/selibre/linux-libre/
linux-libre.fsfla.org/pub/linux-libre/freesh/

Jackson Miller
Jackson Miller

race condition leading to a use-after-free
C/C++ strikes again!

Joshua Nguyen
Joshua Nguyen

Or, for Ubuntu and derivatives
This github.com/pimlie/ubuntu-mainline-kernel.sh
Or this github.com/teejee2008/ukuu

Julian Allen
Julian Allen

That's a logical problem that will affect all languages. It is not a problem that's unique to C or C++.

Mason Martinez
Mason Martinez

Debian/Ubuntu users make up the majority of Linux users. I'd saying doing this in portage but Gentoo doesn't have this module compiled by default.

This!

I had to look this. I've never just swapped out modules and I don't know that much about Linux kernel. Hence I'm building one. What better excuse could one have? Technically what your are saying is true. People are saying it might run or might have compatibility issues between new module and older kernel. Also technically major Linux distros probably already have this patched so running update through whichever package manager you have will get it done.

Has anyone benefited from this post or is everyone on tech an advanced user?

Oh don't forget.

make modules_install
make install

You actually did it didn't you faggotnigger. Don't you have better shit to do than report the Linux cp command as CP. Faggotniggers everywhere.

Colton Sanders
Colton Sanders

just hack me then if its so easy. i have old kernels and a win2000 machine thats connected to the internet and has some open ports too and the program that listens on that port runs as admin.

Attached: 1536725739761.jpg (7.95 KB, 400x400)

Dylan Phillips
Dylan Phillips

race condition and use after free
logical problem
Cnile spotted

Jack Rodriguez
Jack Rodriguez

You're right that this is a C/C++ problem. Weenies will once again find some way to blame the protocol and not the weenie "programmers" and piece of shit "language" it was written in, just like they blamed the finger protocol for the Morris worm caused by a buffer overflow because some weenie used gets() for network software.

There are languages that are completely immune to use-after-free bugs, and not just the ones with GC. There are also languages that prevent race conditions. This idea that computer networking is inherently dangerous is bullshit. It's not the packets that are the problem, it's shitty C code.

Date: Mon, 7 Jan 91 23:09:32 EST
Subject: What you once thought was a brain-dead misimplementation is now the protocol definition!
or, Unix Historical Revisionism At Work Again,
or, IETF-approved RFC1196

This whole thing is pretty sad, or pathetic, or depressing
or something.

Firstly, there's the rewriting of a protocol to conform
to a ubiquitous misimplementation -- the unix story over and
over.

Then there's the growing Balkanisation (or
Multics-ification) of the net -- I remember laughing out
loud when I found that MIT-MULTICS refused finger service on
security grounds.

Then, or course, there's the pathetic implementational
warnings about how one should be very very careful in
implementing this sensitive and dangerous protocol -- as if
this perilous protocol somehow innately offered a direct way
to shove fingers up unix' sockets. Or something.

Camden Thompson
Camden Thompson

based

Ayden Cruz
Ayden Cruz

[Laughs in Gentoo]

Attached: 2019-05-16T14-04-36.png (6.48 KB, 529x22)

Jackson Flores
Jackson Flores

You're the best poster on Zig Forums, don't let newfags tell you otherwise.

Attached: 1483182577323.png (68.38 KB, 529x466)

James Watson
James Watson

it's trying to encourage itself
This is pathetic

Evan White
Evan White

based

based

unbased and gay

Asher Jenkins
Asher Jenkins

He's getting lazy these days. His posts grow less detailed and he's begun flat-out lying about basic stuff like static linking because no matter what he says, some faggot is going to call him based. Compared to his old posts and genuinely fascinating shit like the Multicians website, you're being fed slop and praising it because your chef wasn't always this lazy.
If you're actually interested in non-Unixy hardware and operating systems, there's a shitton of great websites out there and Youtube videos of eldery dudes demonstrating their old OSes in virtual machines. Why don't you check out those instead of waiting for some angry Zig Forums boomer to dripfeed you trivia?

Attached: moron.png (52.25 KB, 248x209)

Benjamin Ramirez
Benjamin Ramirez

implying I sit on Zig Forums all day refreshing nonstop to see him post

Dylan Sanchez
Dylan Sanchez

based

unbased

based

unbased

unbased

Thomas Adams
Thomas Adams

lol all he did was point out unix braindamage and then act like lisp machines were the best thing ever. I'm nearly convinced he's the zoomer cnile poster and rust shill too.

At least captcha prevents low quality posts. Right? lmfao imagine Zig Forums ends up as the most cucked board. hahaha

Wyatt Cooper
Wyatt Cooper

Nah m8. I'm the Cnile poster and the Rust shill. I'm also the LARPer poster. I'm not zoomer though, LOL.
unbased btw

Daniel Torres
Daniel Torres

only good mods could prevent that but they are very likely phoneposters too so its not going to happen

Jacob Hughes
Jacob Hughes

why would you download it from some random indian botnet site instead of kernel.org?

Wyatt Wright
Wyatt Wright

gpg --verify linux-5.1.2.tar.sign

Jackson Hall
Jackson Hall

everybody i don't like is the same person
get that checked, lad

Jack Adams
Jack Adams

Because it's not 1990 anymore.

Ayden Cooper
Ayden Cooper

Attached: 1990sadfrog.jpg (22.72 KB, 500x379)

David Russell
David Russell

How do I make vanilla kernel work with lvm?
I never could pass this part, distros are using some initrd hackery for that.
Is there a simplier way?
Slackware had worked without initrd just fine, is it still possible?

Can I build a kernel without TCP/IP or networking support (i.e without loop interface) for being truly offline?
How can I disable all drivers and modules which is not needed by my system?
Which scheduler should I choose?

William Smith
William Smith

I can't help you with LVM. You can easily disable the networking stack in the kernel configuration though if you want Unix sockets you may need to reenable some parts. Start with a minimal kernel (maybe something like Gentoo as a base) and go through the options; maybe try a live medium and check what modules are being used to quickly check what your hardware needs. The scheduler isn't really that important, but there is one that gives more priority to programs that are taking user input. Don't quite remember the name however.

Brody Wright
Brody Wright

update your 10 year old jpeg before you die of old age, user

Parker Walker
Parker Walker

You must really trust your firewall br0. I can think about about 80 ways to get turtle> on Windows 2000 and that is just remote exploits that are publicly available. I mean why? You know any script kiddie with metasploit can own that machine with x86 meterpreter reverse hop http/https payload right? Why would you challenge motherfuckers to hack your Windows 2000 box?

Honeypot>

It's because programming classes don't teach security and there a culture of defensive coding practices. I think the last time I read through a C++ book Security was Chapter 13 and I'm pretty sure they don't cover that in normal programming courses. I don't think security and hacking related subjects get taught until 400 level classes and higher. Me never went to college but I love code. I read Chapter 13. It's a good idea to read Bjarne Stroustrup's books on the version of C++ you intent to use. I think by C++ 17 most of this shit is fixed is fixed but people are still coding for C++03 or 11 because they have just been doing it forever.

Also a problem is faggot ass supervisors wanting devs to use legacy libraries that have known security issues. Devs "Ok, but don't say I didn't warn you."

But you are right C/C++ has issues and you actually have to think about defensive coding practices while coding. Nobody does. Fewer people actually pentest their shit or outside consultants or even a bug bounty program because people care about how easy it is for the end user. It's why MSSQL came configured insecurely. It's so there are less tech support calls. Microsoft even, "Fuck security" I mean was Window ever kinda secure before Windows 10. Can still get Turtle> on 10 though.

I did get it from kernel.org. Those links are not what I posted. Don't use that shit.

exactly

Attached: countryfeels.png (90.3 KB, 642x581)
Attached: pwn2000.png (117.97 KB, 1134x634)
Attached: pwn2000a.png (118.42 KB, 1123x637)

Liam Carter
Liam Carter

Yes this is directly related to some stuff that I am working on right now -- I am trying to do some things with ubuntu 18.04 with PCI-E performance and some features that were added recently (Back in 4.20 iirc).

Luke Lee
Luke Lee

There are languages
like what?
inb4 ada

Attached: 1469035408232s.jpg (2.25 KB, 125x125)

Nathaniel Nelson
Nathaniel Nelson

Rust

Jordan Carter
Jordan Carter

I don't think Ada is completely immune, but it eliminates the vast majority of use cases for pointers in C by not being garbage.

Colton James
Colton James

kernel updates every few days
kernel is clearly getting worse with time
muh security
lol fine how come my gpu doesn't work properly now? How come my audiocard didn't work for 6 months? oh yeah kernel updates due to unix braindamage

Adrian Sanders
Adrian Sanders

unix braindamage
BASED
How come my audiocard didn't work for 6 months?
Install PulseAudio

Ayden Thompson
Ayden Thompson

There are languages that are completely immune to use-after-free bugs
If you're going to say Ada, then you're wrong.
The Ariane V Cluster rocket disaster was caused by faulty Ada code. Ada has proven to constantly fail at branch conditions and about as brain damaged as C.

Samuel Rivera
Samuel Rivera

No user the kernel dropped support for the hardware. They probably fucked up something, (((by accident))), for the gpu since I should be a good nigger a buy a new computer every 5 years to fucking use xterm.

Cooper Watson
Cooper Watson

The Cluster explosion wasn't caused by a use after free you LARPer.

Benjamin Hernandez
Benjamin Hernandez

blaming the Ariane V clusterfuck on Ada
No, that was just the rocket designers being retarded. tl;dr they reused code designed for an older and slower rocket which made assumptions about its maximum inertia, assumed anything higher was a sign of hardware failure, and disabled security features to increase performance. They skimped on basic tests to save money and, surprise surprise, the performance hacks didn't scale up to a faster rocket and led to both redundant computers shutting down mid-flight.

The software for the Inertial Reference System (IRS) on the Ariane 5 was identical to the
software used successfully on the Ariane 4 rocket. Basically, the developers took an "Off
The Shelf" part (the IRS) that consisted of hardware and software, the design of which was
used successfully on the Ariane 4 project, and bolted it onto the Ariane 5 rocket
completely untested. The Ariane 5 rocket had a substantially different flight profile than the
Ariane 4 was capable of. When the rocket started its flight, it moved at angles that were
substantially larger than the Ariane 4 flight path would generate. The inertial data exceeded
the range limits of the Ariane 4 software.

The system was designed with a dual-redundant computer (two processor boards that are
identical, running identical software.) One part of the software in question was performing
calculations on the inertial data and needed to do so repeatedly in a very small amount of
time. The original designers needed to speed up the software so they performed an
analysis of the incoming data and concluded that within the Ariane 4 flight profile, numbers
outside of a certain range would never occur. If such numbers *did* occur, it would be most
likely that a sensor had failed and was generating wildly out of range data. Hence, it was
safe to remove any error-handling code and instead design in Failure Detection and
Accommodation (FDA) logic.

The logic went something like this: "If a number comes in over a certain size, it will trigger
a hardware overflow condition. The hardware will trap to an Interrupt Service Routine (ISR)
for handling of that condition. The ISR presumes that if it was reached, then there must be
a hardware fault. In the event of a hardware fault, the software will shut down the computer
and transfer to the 'spare' ccomputer - which is why we have a 'spare' in the first place."
All of this makes sense because the flight path of the Ariane 4 would never generate
numbers large enough to cause an overflow - unless the hardware was broke. The whole
analysis and design was in place, tested and flew successfully for the Ariane 4 rocket.

Now comes the bad part: The design team for the Ariane 5 looked at the IRS for the Ariane
4 and figured that they had a reliable piece of hardware that would work fine for the Ariane 5
and they could save money by reusing an existing design. That's what they did. Only they
started to make unwarranted assumptions - that the unit would work on the Ariane 5 flight
trajectory and that it didn't need to be tested in any way against the flight path expected.
(Thus saving more money.) Had they run even the most rudimentary tests of the unit
against the expected flight path of the Ariane 5, they would have triggered the condition
and detected that they had a problem. They never did.

When the rocket flew for the first time, both dual-redundant computers detected the
overflow condition. Both presumed that the cause was a hardware failure. Both shut down in
an attempt to leave the other side in control. They did *exactly* what they were designed to
do and in that sense behaved flawlessly.

The fact that the computers in question were programmed in Ada had absolutely nothing to
do with the reasons for the crash. It had no more to do with the crash than the fact that both
computers were using a Mil-Std-1750a microprocessor - a computer that has been used
reliably in numerous space applications. The original software designers were not to blame
either. They designed their software logic for the problem at hand and had to work within the
CPU time limitations they were given. Their FDA logic was *perfect* for the Arriane 4 rocket.

The fault lay with the designers of the Ariane 5 and their failure to test their assumptions. It
would be analogous to taking a tire that was designed to work on a Corvette and "reusing"
it in the design of a Freightliner truck. It works *fine* when the only weight it has to support is
a Corvette sports car. What would it likely do trying to support the weight of a Freightliner
truck?

Caleb Jones
Caleb Jones

not cdn.kernel.org

Attached: principal-skinner-pathetic.png (273.19 KB, 680x419)

Carter Garcia
Carter Garcia

based

gpg --verify linux-5.1.2.tar.sign

Angel Nelson
Angel Nelson

install pulseaudio
Why would you wish this on anyone?

Disable AdBlock to view this page

Disable AdBlock to view this page

Confirm your age

This website may contain content of an adult nature. If you are under the age of 18, if such content offends you or if it is illegal to view such content in your community, please EXIT.

Enter Exit

About Privacy

We use cookies to personalize content and ads, to provide social media features and to analyze our traffic. We also share information about your use of our site with our advertising and analytics partners.

Accept Exit