Up to date kernel support for security reasons

Discussion in 'Kernels' started by mrsnakeoil, Dec 29, 2013.

  1. mrsnakeoil

    mrsnakeoil New Member

    Joined:
    Dec 29, 2013
    Messages:
    1
    Likes Received:
    0
    Good morning all,

    I'm working on a small project to provide small devices that can be used for
    the following:
    - thin client for rdp and vnc over ssh.
    - local ubuntu LTS OS (probably trusty)
    - secure: must track latest (ubuntu) kernel to include all security fixes, include iptables

    I have a UDOO quad on order (love the SATA port!) and the first two items are
    easy to deliver. Running an up-to-date kernel I think it is not possible judging by the posts on the forum.

    The workflow I'm looking for is as follows:
    - ubuntu issue a kernel specific USN (e.g. http://www.ubuntu.com/usn/usn-1998-1/)
    - apt-get update && apt-get dist-upgrade -y && reboot
    - device is no longer vulnerable

    However I don't think this is possible, at least currently.

    Could I kindly ask anyone with some good experience to comment?

    Am I right in my conclusion? And might the situation change when trusty ships? Are their any low cost arm boards that run a stock kernel from any commercial distribution or is this complication universal to arm?

    Kind regards,
    Adam.
     
  2. saidol

    saidol New Member

    Joined:
    Oct 3, 2013
    Messages:
    24
    Likes Received:
    0
    Hi Adam,

    > Are their any low cost arm boards that run a stock kernel from any commercial distribution or is this complication universal to arm?

    Arm kernel architecture has complications that does not exists in x86 world because of of complexity of peripheral connection and pinmux flexibility.
    Starting from version 3.4+ Linux kernel has introduced device tree configuration that is simplifying support and maintain different soc board/configuration with minimal effort and code duplication. So I believe in new year (2014) the situation will change.

    I heard fabio estevam is working to introduce udoo support on next release of Linaro kernel:
    http://comments.gmane.org/gmane.linux.p ... nel/269270
    Udoo team will support him in this work, so hope that support will be soon available.

    Bye
    Giuseppe
     
  3. chesterkuo

    chesterkuo New Member

    Joined:
    Jan 20, 2014
    Messages:
    1
    Likes Received:
    0

Share This Page