kernel config invalid
Hello, while compiling new kernel on some different arch and i got invalid parameters in Debian .config file.These should actually take 'y' not 'm' .config:2286:warning: symbol value 'm' invalid for MTD_NAND_ECC_SW_HAMMING.config:2436:warning: symbol value 'm' invalid for PVPANIC.config:7711:warning: symbol value 'm' invalid for ASHMEM.config:8543:warning: symbol value 'm' invalid for ANDROID_BINDER_IPC.config:9266:warning: symbol value 'm' invalid for CRYPTO_ARCH_HAVE_LIB_BLAKE2S.config:9267:warning: symbol value 'm' invalid for CRYPTO_LIB_BLAKE2S_GENERIC Please change them for the next kernel. Regards
Re: Debian kernel contributions
25.04.2018, 00:21, "Romain Perier" <romain.per...@gmail.com>: > Hello, Hello Romain, you are welcome to the Debian country, are you reading help debian? this could be the first step: https://www.debian.org/intro/help I think you should check out the fixed security issue and debugging bugs and be a member of a Alioth group. https://bugs.debian.org/ Regards Ozgur > My name is Romain, I am an upstream linux contributor and I would like > to contribute on downstream projects like Debian. In my free time, I > love hacking (and beer too! but that's another business :p) . I would > want to focus on kernel development and perhaps a bit of kernel > packaging too. > > I have discussed with Vincent Bernat on IRC, he redirected me to this > ML. I am also on IRC (with the nick "rpr"), I am only connected to > #debian-kernel for now. > > I would glad to help, what would you recommend ? > > Thanks, > Romain
Re: Intel Vulnerability
05.01.2018, 10:56, "maximilian attems" <m...@stro.at>: > Dear Ozgur, Hello Max, > On Fri, Jan 05, 2018 at 10:29:56AM +0300, Ozgur wrote: >> thanks for reply and I'm using the stable version (Debian stretch). I >> updated last night and I don't seen any new kernel patch yet. > > Please use a user list for your support, this mailing list is for development > purpose. > > thank you, okay, thank you. > -- > maks Regards, Ozgur
Re: Intel Vulnerability
05.01.2018, 10:16, "Yves-Alexis Perez" <cor...@debian.org>: > On Fri, 2018-01-05 at 10:07 +0300, Ozgur wrote: >> I talked yesterday Debian kernel team and was a work on Debian kernel for >> the latest stable, I think all users add to "x86_64_BUG_CPU_INSECURE" >> parameter .config file and add "= y" added and recompiled. > > Hi Ozgur, Hello Alexis, thanks for reply and I'm using the stable version (Debian stretch). I updated last night and I don't seen any new kernel patch yet. sources.list: deb http://security.debian.org/debian-security stretch/updates main contrib non-free deb-src http://security.debian.org/debian-security stretch/updates main contrib non-free deb http://deb.debian.org/debian/ stretch-updates main contrib non-free deb-src http://deb.debian.org/debian/ stretch-updates main contrib non-free deb http://deb.debian.org/debian/ stretch main contrib non-free deb-src http://deb.debian.org/debian/ stretch main contrib non-free $ uname -ar Linux laptop.debian.local 4.9.0-5-amd64 #1 SMP Debian 4.9.65-3+deb9u2 (2018-01-04) x86_64 GNU/Linux Regards Ozgur > that's completely irrelevant. For Meltdown fix on Stretch/amd64, please > upgrade to the just published linux-image-4.9.0-5-amd64 version > 4.9.65-3+deb9u2. > > Regards, > -- > Yves-Alexis
Re: Intel Vulnerability
05.01.2018, 00:23, "Yves-Alexis Perez" <cor...@debian.org>: > On Thu, 2018-01-04 at 20:51 +, joe.gha...@dell.com wrote: >> Does anyone have any information about plans for releasing patches for the >> Intel vulnerability issues for Debian Jessie and/or Stretch? Any information >> would be really appreciated. > > Hi Joe, > > we are currently in the process of releasing updates addressing CVE-2017-5754 > (meltdown) for Stretch. Hello, I talked yesterday Debian kernel team and was a work on Debian kernel for the latest stable, I think all users add to "x86_64_BUG_CPU_INSECURE" parameter .config file and add "= y" added and recompiled. Regards Ozgur > Jessie will follow later, as well as fixes for Spectre if/when they are > available. > > Regards, > -- > Yves-Alexis
Re: missed package 4.10.0-rc6
Hello Yavuz, the package here is only kept in the experimental repository. So kernel team will be deleted when the all dependencies are completely removed. There is already a warning message in the experimental repos: Warning: This package is from the experimental distribution. That means it is likely unstable or buggy, and it may even cause data loss. Please be sure to consult the changelog and other possible documentation before using it. Regards Ozgur 29.11.2017, 14:01, "Yavuz Selim Komur" <ko...@bilkent.edu.tr>: > I think, you forgotten remove this package from repo. > > because no header, build and related packages are available. > > On Wed, 2017-11-29 at 13:23 +0300, Ozgur wrote: >> Hello Yavuz, >> >> what do you want? >> >> Regards >> >> Ozgur >> >> 29.11.2017, 13:21, "Yavuz Selim Komur" <ko...@bilkent.edu.tr>: >> > https://packages.debian.org/search?keywords=linux-image-4.10.0-rc6- >> > amd6 >> > 4
Re: missed package 4.10.0-rc6
Hello Yavuz, what do you want? Regards Ozgur 29.11.2017, 13:21, "Yavuz Selim Komur" <ko...@bilkent.edu.tr>: > https://packages.debian.org/search?keywords=linux-image-4.10.0-rc6-amd6 > 4
Bug#872004: UNWANTED MAIL
Hello, please visit a below url address and confirm your e-mail address and unsubscribe. https://lists.debian.org/debian-kernel/ Regards Ozgur 14.09.2017, 06:45, "dmcerl...@virginbroadband.com.au" <dmcerl...@virginbroadband.com.au>: > REMOVE ME FROM ALL MAILING LISTS!!!
Re: Backport facebook IPv6 routing table PMTU exception patch
21.12.2016, 23:59, "Rumen Telbizov" <telbi...@gmail.com>:Hello, The original patch has been put together against 4.1/4.2 kernel and as such will probably need to be modified to work on 3.16. While I could try adapt it and patch my kernel, this would mean that going forward I'll need to maintain this and keep patching and rebuilding after every change from Debian. Not ideal. Moreover, no other Debian jessie 3.16 user would benefit from the fix. Again, even today users could run the 4.7 from backports and benefit from the patch but how many do that? I would assume that most users will run the default 3.16 which leaves them exposed to this DoS scenario. In short, if Debian maintains the patch all jessie IPv6 users running default kernel will benefit from this going forward. Thank you for your feedback and consideration. Regards,Rumen Telbizov Dear Telbizov; you are very right and please don't understand me wrong, I'm not a Debian maintainer :) but I just explain my idea. I think, maintainer's will be taken into your consideration. Thanks for information, Regards ~Ozgur
Re: Backport facebook IPv6 routing table PMTU exception patch
Hello, As you have mentioned this patchset has already been reported for the linux-kernel.For now, you can patch to kernel and run udpflood and test to systems. The bug only module -not kernel-, I think, you can use the kernel module and fix it. http://www.spinics.net/lists/netdev/msg301225.html Thanks for report. Regards, ~Ozgur 21.12.2016, 23:14, "Rumen Telbizov" <telbi...@gmail.com>:Dear Debian kernel maintainers,This might be a long shot but I decided to ask here anyway. If nothing else I hope to bring more awareness.The current kernel in Debian Jessie (3.16) is prone to a resource-exhaustion attack against its IPv6 routing table. In short, every time a packet from a new IPv6 peer is received an entry is created in the IPv6 routing table. This serves as a cache (although it's in the same table) so that MTU and other parameters are stored on a per-peer basis. This creates the potential for an attacker to quickly fill up the table by sending packets from different source addresses. The effect is that as the table gets full the garbage collector starts running back-to-back using 100% system CPU causing the system to degrade rapidly.The above is my understanding anyway and might be partially incorrect.Facebook has contributed a patch which skips the creation of a new entry if the MTU is the same as the default route (which is almost always the case), thus keeping the table small. Unfortunately that patch has been introduced sometime after 4.1-4.2 kernels and is not present in the default Debian Jessie kernel. It does seem to be fixed in the 4.7 from backports. Due to the severity of this, I was wondering if you could consider backporting that patch for the 3.16 kernel as well?Additional details regarding the patch are available at: https://code.facebook.com/posts/1123882380960538/linux-ipv6-improvement-routing-cache-on-demand/ Regards,--Rumen TelbizovUnix Systems Administrator
IPQ Module
Hello all; I tested 3.2.0-4 kernel on Debian 7.0 Wheezy operating system. Debian Wheezy being used 3.2.0-4 kernel. # uname -ar Linux snort.test.lan 3.2.0-4-amd64 #1 SMP Debian 3.2.41-2+deb7u2 x86_64 GNU/Linux kernel version I understand; the new kernel version no used ip_queue module, right? I run Snort IPQ mode and error: -- ipq DAQ configured to inline. ERROR: Can't initialize DAQ ipq (-1) - ipq_daq_initialize: ipq_create_handle error Unable to create netlink socket Fatal Error, Quitting.. -- I tested NFQ mode Snort his way to work and worked. I think; new kernel not use IPQ module. # modprobe ip_queue ERROR: could not insert 'ip_queue': Device or resource busy # insmod ip_queue Error: could not load module ip_queue: No such file or directory # insmod /lib/modules/3.2.0-4-amd64/kernel/net/ipv4/netfilter/ip_queue.ko Error: could not insert module /lib/modules/3.2.0-4-amd64/kernel/net/ipv4/netfilter/ip_queue.ko: Device or resource busy and syslog message: Jun 8 02:21:54 snort kernel: [ 3382.028421] ip_queue: failed to register queue handler Jun 8 02:27:35 snort kernel: [ 3722.151772] ip_queue: failed to register queue handler Jun 8 02:27:52 snort kernel: [ 3739.115550] ip_queue: failed to register queue handler I want to share this information with you. Best Regards Ozgur Karatas
Re: Good bye
Hi Daniel, thank you for support and help.. I wish you luck.. hopes everything is delicious.. Good luck! Regards Ozgur Karatas -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org