| 508 | | Executing "make help" in your kernel build directory will provide a complete list of available targets with explanations. This list will also include available defconfigs. |
| | 508 | Executing "make help" in your kernel build directory will provide a complete list of available targets with explanations. This list will also include available defconfigs. |
| | 509 | |
| | 510 | = Linux Kernel Security Updates / CVE |
| | 511 | |
| | 512 | Security fixes are constantly being made for Linux. These are referred to as Common Vulnerabilities and Exposures (CVE). There are many CVEs that do not apply to Gateworks use cases. There are some that do. |
| | 513 | |
| | 514 | Given the mass amount of CVE's, Gateworks does not constantly update to include each and every one. Patches for CVE's are usually included in minor kernel release versions. |
| | 515 | |
| | 516 | It is up to Gateworks customers to apply whichever patches they need when they need them. |
| | 517 | |
| | 518 | The best way to do this is to update to the latest Linux Kernel release (assuming it has the CVE fix) and then applying the Gateworks patches on top. |
| | 519 | |
| | 520 | Gateworks provides patches on top of Linux LTS kernels for its product families and partiicipates in kernel development by submitting these via the kernel patch submission process. While Gateworks does not rebase its patches on top of each and every new stable kernel release (as these can release on a weekly basis) it is generally very easy to rebase the Gateworks patches on top of the latest LTS stable kernels. For example for the Venice SBCs: |
| | 521 | {{{ |
| | 522 | git clone https://github.com/Gateworks/linux-venice.git |
| | 523 | cd linux-venice |
| | 524 | git checkout v6.18-5.venice |
| | 525 | git remote add stable git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git |
| | 526 | git remote update |
| | 527 | git checkout -b v6.18.y-venice |
| | 528 | git rebase -i remotes/stable/linux-6.18.y |
| | 529 | }}} |