grsecurity forums

kernel 3.18 has been designated as the newest LTS (Long-Term Support) kernel. Will grsecurity provide patches for 3.18, as it does for the other LTS 3.14 ?

I don't see the patches for 3.18 anymore on https://grsecurity.net/download.php

How can I download grsecurity for 3.18 kernel ?

we moved off from 3.18 already and it also means it won't be supported for a longer term (we make such decisions in about every 2-3 years). as for older patches, see viewtopic.php?f=3&t=2980 in general, but there're collections on github and other places. i personally keep the last PaX patch for each kernel version online but that doesn't mean i encourage their use or provide support for them.

could you please post a link to the last 3.18 patch ?

So, does it mean, there will only ever be one LTS grsecurity (i.e. currently 3.14)

This is quite inconvenient as new laptops require newer kernels (mine needs >= 3.16) and I would like to settle with a stable LTS kernel + grsecurity.

Is there anything that would change your decision to abandon 3.18 ?

I was unable to find anywhere a patch for 3.18.9 (I only found the Twitter announcement from march 7).
I found a link for previous patch 3.18.8, but that does not seem to work anymore: https://grsecurity.net/test/grsecurity- ... 1843.patch

thanks for the link "Regarding availability of old patches for old kernels", but in this case 3.18 is not old, unsupported kernel but maintained long term kernel.

Just a hypothetical question:
If enough people were interested, or some kind of "bounty" were started, would it be possible to maintain 3.18 ? I am not a programmer, but if there is any way to help, I would be happy to.

ThomasKeller wrote:could you please post a link to the last 3.18 patch ?

try here: https://github.com/slashbeast/grsecurit ... aster/test .

So, does it mean, there will only ever be one LTS grsecurity (i.e. currently 3.14)

we've had two for most of the time, 2.6.32 and 3.2, then 3.2 and 3.14, though this will change when 3.2 gets dropped and we'll get a little breathing room with having to maintain only one (3.14) until we choose our next long term supported kernel.

thanks for the link "Regarding availability of old patches for old kernels", but in this case 3.18 is not old, unsupported kernel but maintained long term kernel.

3.18 is unsupported by *us* regardless of upstream support. the same holds for all the other kernel versions such as 3.4, 3.10, etc.

Just a hypothetical question:
If enough people were interested, or some kind of "bounty" were started, would it be possible to maintain 3.18 ? I am not a programmer, but if there is any way to help, I would be happy to.

we have limited time to work on this so we can't commit to supporting all the kernels that people would like us to maintain. throwing money at it won't change this unless it's enough to hire someone to work on this full-time.

Hello,

now that the distribution model has changed, will you reconsider the possibility of providing stable patches for 3.18 to paying subscribers ?

kernel 3.2 is 4 years old, and for all practical purposes obsolete and irrelevant
3.14 is OK, but missing some nice features
3.18 is now LTS
I would be happy to pay for 3.18 patches

Everyone has their own X version they'd like to see a stable version for. Our next stable version definitely will not be 3.18 though, but rather whatever 4.x is chosen at the time.

-Brad