What is the deal with packagekit? ARM kernels/Hardware config passing? (piefed.world)

submitted 1 day ago by j4k3@piefed.world to c/linux@lemmy.ml

1 comments fedilink hide all child comments

I'm playing with a pinetab2. Apparently it may have some kind of thing to patch the kernel and I think it is using packagekit, but am not certain.

The device ships with an obscure Arch ARM64 distro on the built in EMMC. I'm exploring other distros and playing with Fedora Workstation now. Maybe I'm mistaken here, but I think some part of the old kernel is transferred or patching or something. I'm not positive. Stuff like the buggy built in WiFi module are not present, but I think the peripheral hardware and display memory map may be passed. That or packagekit may be an ARM64 kernel thing?

I'm more curious about the broader security/privacy implications, and what kinds of mechanisms are built into the kernel within this kind of application. I thought that the kernel was always built independently and that it defaults to never trusting unregistered code execution. How exactly that intersects with peripheral devices that may have their own memory is something I do not understand yet. Like the WiFi module on this device is a dual core µc slightly more advanced than an ESP32 with its own persistent memory.

Is this embedded onboard kernel modding/patching a thing?
How does one explore or monitor it?
How is trust established with a modem that can execute code in its own compute hardware with persistent memory?

These are just some things I am exploring if anyone feels like chatting casually about them. I'm not interested in tech support like nonsense or attitudes. This is just intended as high level, abstract overview like curiosity between hackers at various levels.

top 1 comments

sorted by: hot top controversial new old

[-] CameronDev@programming.dev 5 points 1 day ago

Packagekit (at least last I heard of it) was just a higher level package manager (wrapping around dnf/apt/etc), not anything specific to kernel patching. Maybe that has changed?

You can live patch a kernel, each distro has their own way of doing things, usually, you get a kernel module that is loaded that fixes the bug live, and there is a real fixed module to go with it that gets loaded next boot. The kernel patch module is just a hack to avoid rebooting. Ubuntu has some doco on their system LivePatch which is worth a read. I am not sure that kernel module signing is super commonly used, but there may be some distros that ship with it enabled. If it is enabled, then loading an unsigned kernel module should be impossible.

As for trust a modem, thats a tricky one. Firmware level hacks have been theorised for a long time, but there is very few examples of actual exploits. Its mostly security through obscurity.

this post was submitted on 16 Dec 2025

6 points (100.0% liked)

Linux

57274 readers

728 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 6 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz