Any devices with 4.x kernels?

[n0x0n]

Hi crowd.

I find it quite a bit disturbing that we use a kernel that has been out since 2010, are there any wireless routers out there that use modern kernels (i.e. the LTS series 4.9, 4.4 or 4.14)?

Jan

 

[HardCat]

Hi crowd.

I find it quite a bit disturbing that we use a kernel that has been out since 2010, are there any wireless routers out there that use modern kernels (i.e. the LTS series 4.9, 4.4 or 4.14)?

Jan

ASUS RT-AC86U uses: 4.1.27

 

[RMerlin]

Broadcom's HND platform is based on 4.1. There are a few Qualcomm platforms based on various 3.x versions too AFAIK.

Ultimately, the kernel doesn't matter that much, since most of the real work is done by the proprietary components. Also, manufacturers often backport pieces from newer kernel versions.

 

[n0x0n]

Ultimately, the kernel doesn't matter that much, since most of the real work is done by the proprietary components. Also, manufacturers often backport pieces from newer kernel versions.

Well the kernel means quite a lot to me because I don't think that Asus, BCM oder even the maintainers here (which I consider to be the good ones) have enough time on their hands to manually backport all patches. ASUS had a problem with this in the past (Link)...

 

[ColinTaylor]

ASUS had a problem with this in the past (Link)...

That had absolutely nothing to do with the kernel version.

 

[n0x0n]

That had absolutely nothing to do with the kernel version.

Correct, but underlines the need for timely security updates, including kernel updates.

 

[ColinTaylor]

Correct, but underlines the need for timely security updates, including kernel updates.

Security updates, yes. Kernel updates, not necessarily.

 

[john9527]

Well the kernel means quite a lot to me

If this is a top criteria for you, you may want to look at a pfsense/opnsense box. They both keep their underlying FreeBSD kernels current.

 

[kvic]

I find it quite a bit disturbing that we use a kernel that has been out since 2010, are there any wireless routers out there that use modern kernels (i.e. the LTS series 4.9, 4.4 or 4.14)?

You get the "latest" kernel when you buy it. It never gets updated. Most users won't care either. You shall consider "professional" gears if you do..

For example, Edgerouter X that costs as little as $50 will get a 4.9.x kernel soon. The same kernel will go into their 5-year old models as well.

 

[RMerlin]

There hasn't been that many real security issues in the past few years targeting the Linux kernel. Backporting those two or three critical security fixes ain't that hard to do - I've done it myself.

I'd be far more concerned about the userspace components being out of date with, well, every single home-oriented router out there. These are far more likely to be exploitable.

Almost no device manufacturer out there keep up-to-date with kernel releases. First reason being the SDK is generally tied to a very specific kernel release. Updating that would require extensive revalidations. The software stack of a Broadcom or Qualcomm router is far more complex than that of a typical OpenWRT or pfsense system, due to the large amount of proprietary code. Router manufacturers can't just merge a new kernel version and call it a day- it doesn't work that way. Same situation with smartphones - check the kernel version of your typical Android phone. The vast majority of us out there are using phones with a 3.x kernel. Again, can't be updated due to the upstream device drivers.

 

[coxhaus]

You get the "latest" kernel when you buy it. It never gets updated. Most users won't care either. You shall consider "professional" gears if you do..

For example, Edgerouter X that costs as little as $50 will get a 4.9.x kernel soon. The same kernel will go into their 5-year old models as well.

I think this is a good thing. I wish more vendors did this.

 

[MatrixGeeker]

Hi crowd.

I find it quite a bit disturbing that we use a kernel that has been out since 2010, are there any wireless routers out there that use modern kernels (i.e. the LTS series 4.9, 4.4 or 4.14)?

Jan

I just bought a linksys Wrt1900ac and I'm running latest DDWRT with 4x kernel and its running smooth!

 

[sfx2000]

Latest/Greatest is not always the best - API's move around in the kernel, and one has to take everything in context - the kernel, the c library, the userland stuff that is bound.

OpenWRT tends to stay close to the tip on many items - but even they manage what they pull in.

Like @RMerlin mentions - one has to consider the whole package - good example is my little ChromeBook - it's current on CrOS, and the Kernel is still on 3.18 - one can rest assure though, that the important security patches have been pulled in...

 

[MatrixGeeker]

Latest/Greatest is not always the best - API's move around in the kernel, and one has to take everything in context - the kernel, the c library, the userland stuff that is bound.

OpenWRT tends to stay close to the tip on many items - but even they manage what they pull in.

Like @RMerlin mentions - one has to consider the whole package - good example is my little ChromeBook - it's current on CrOS, and the Kernel is still on 3.18 - one can rest assure though, that the important security patches have been pulled in...

I see. I have pi sense as my firewall as well

 

[kvic]

Latest/Greatest is not always the best - API's move around in the kernel, and one has to take everything in context - the kernel, the c library, the userland stuff that is bound.

I'm afraid I've to disagree with you here. It's fine if you're happy with old purchases. That's a different story.

If you're buying something new, definitely look for a kernel from 4.x, preferably 4.9.x as the minimum, and a vendor that will upgrade its kernel!

For a Linux based router, kernel is the essential part for performance and functionalities. User space is less critical. For one reason, we have excellent user space repository from e.g. Entware.

 

[sfx2000]

For a Linux based router, kernel is the essential part for performance and functionalities. User space is less critical. For one reason, we have excellent user space repository from e.g. Entware.

What I mean by userland is the vendor stuff - not entware/optware...

Many vendors do include value added apps as well as their own code in that space, along with what the chipset vendor tosses over the fence with their SDK/HDK's which are tightly coupled and tuned for the SoC used.

 

[RMerlin]

and a vendor that will upgrade its kernel!

Almost no vendor does, because they are limited to what is officially supported by the SDK used for the various SoC they use in their product, and also the risk of stuff breaking (even tho Linus has a very strong stance that kernel changes should never break userspace, but sometimes it happens - like the major locking changes around 2.6.38/2.6.39, or the netfilter structures that became opaque in a 3.x release - that one is what's breaking ipt_account in Asuswrt-Merlin BTW.)

Check the kernel used by your smartphone for instance (if you have an Android phone).

The kernel should be the least of your worries. Userspace is far more critical. Dnsmasq or OpenSSL for instance are far more sensitive targets to attack than the Linux kernel, which gets very few security issues these past few years. And the few that came up (like Dirtycow) are easily fixed through backports, rather than a complete kernel upgrade that carries the risk of breaking other things.

 

[kvic]

What I mean by userland is the vendor stuff - not entware/optware...

Many vendors do include value added apps as well as their own code in that space, along with what the chipset vendor tosses over the fence with their SDK/HDK's which are tightly coupled and tuned for the SoC used.

Less so for consumer wireless routers. The main user space components from SoC are helpers to drive their chip's functionality. The main equivalent from a router manufacturer like ASUS is perhaps the admin/config GUI.

These user space components require correct functionality, and less so on performance. Almost any other user space applications could be well served by Entware. That includes latest/greatest editors, openvpn, ipsec vpn, webserver, load balancers, DNS servers, DHCP servers/clients...just to name a few.

Entware (Optware..for that matter) is essentially OpenWRT minus the linux kernel. So as long as consumer routers have a solid kernel baseline. Their usefulness and life-span are greatly expanded and extended by these folks' effort.

 

[kvic]

Almost no vendor does, because they are limited to what is officially supported by the SDK used for the various SoC they use in their product

MediaTek offers SoC used in so-called non-premium routers by this forum. Their MT7621 SoC (e.g. used in ASUS AC58U if I recall correctly) has a SDK based on Linux kernel 4.9.x. After I learned that, I though it's only a matter of demand from end-users and router vendors.

Will ASUS upgrade its firmware for AC58U to the new SDK based on 4.9.x kernel? Apparently not. It doesn't make biz case for them. But Ubuqiti has chosen to upgrade for their Edegerouter X series products.

So I think the problem is two folds. Willingness from router vendors (and that partly driven by end-users). Willingness of SoC vendors to cover older chipsets in their newer SDK.

Personally I won't educate users that it's not essential to look for newer kernels, and not to ask kernel upgrade as part of firmware upgrades.

Take one step further. Asus strategy of multi-year firmware support is certainly better than other vendors. But after the first six months, their updates perhaps are mostly of fringe benefits.