This page and repository are being updated, information is not accurate, links may be broken, etc...
Page with various kernel version releases information, to build kernel for debug check developing page. System documentation contains information about configuration flags, build and install process. Kernel code is hosted at git repository with various LTS versions per branch; stable-4.9, stable-4.19 and stable-5.4. Stable branch track Libre / GNU while versions with blobs have tags start name with "blob".
Git repository and port is being updated with this new version, links may fail.
Port linux-blob-5.4 tracks upstream releases with blobs / binaries.
- Arch x86_64 - 5.4
- Arch configuration from kernel 5.4 for x86_64 (port config-all-standard).
- Arch harden x86_64 - 5.4
- Arch kernel-hardened 5.4 from linux-hardened for x86_64 (config-x86_64).
- Crux x86_64 - 5.4
- Crux configuration available on installation media.
- Arch linux-lts54 port.
Port linux-blob-4.19 tracks upstream releases with blobs / binaries.
- Arch x86_64 - 4.19
- Arch kernel 4.19 for x86_64.
- Arch harden x86_64 - 4.19
- Arch kernel 4.19 from linux-hardened for x86_64.
- Arch linux-lts419 port.
- Hyperbola x86_64 - 4.9
- Hyperbola kernel 4.9 configuration for x86_64.
- Arch x86_64 - 4.9
- Arch kernel 4.9 for x86_64.
- Hyperbola i686 - 4.9
- Hyperbola kernel 4.9 configuration for i686.
There is various forks and minor revisions such as grsecurity patches, real time for beaglebone, etc.
- Clean upstream linux libre with gresecurity grsecurity-3.1-4.9.24-201704252333.patch) patch.
- Clean upstream linux libre with kernel and gcc cpu optimizations (for gcc v9.1+ kernel v4.13+) patch from graysky2.
- Clean upstream linux libre with dapper linux gresecurity patches without Meltdown and Spectre fixes since version 4.9.74.
- Upstream linux with binary / blobs with beagle board patches.
- Upstream linux with binary / blobs with real time patches.
- Arch linux-lts49 port
- General Setup
- Enable loadable module support
- Enable the block layer
- Processor type and features
- Power management and ACPI options
- Bus options (PCI etc.)
- Executable file formats / Emulations
- Networking support
- Device Drivers
- Firmware Drivers
- File systems
- Kernel hacking
- Security options
- Cryptographic API
- Library routines
Notes to be corrected on linux configure documentation.
Meltdown and Spectre;
Set net.core.bpf_jit_enable to 0.
Test current config;
# zgrep CONFIG_PAGE_TABLE_ISOLATION /proc/config.gz
Notes on how to checkup cpu vulnerabilities and update cpu firmware, intel calls firmware microcode. Generally this is handled by updating the bios, but is possible to update using kernel. Updating the firmware for MDS will also mean correction of MEI_ME intel-sa-00075 and intel-sa-00086.