Special thanks to Benoît Monin for donating a MIT-licensed CSS theme to the kernel.org project to replace the one we hastily put together. Though the Pelican authors have since obtained a free-license commitment from the copyright owners of the CSS files shipping with Pelican, we wanted to have something that looked a bit less like the default theme anyway.
If anyone else wants to participate, full sources of the kernel.org website are available from the git repository.
If you have questions, comments or concerns about the F.A.Q. please contact us at webmaster@kernel.org.
Linux kernel is released under GNU GPL version 2 and is therefore Free Software as defined by the Free Software Foundation. You may read the entire copy of the license in the COPYING file distributed with each release of the Linux kernel.
There are a number of reasons there are multiple kernels marked as 'stable'. The stable series kernels stem from a conversation that happened in 2004, it has evolved into a number of kernels that are currently being maintained under the 'stable' moniker.
These kernels have patches that are backported to them, mainly in the form of driver updates and security fixes. Some of these trees have been declared to have longer life cycles than others.
Please check the Releases page for more info.
As kernels move from the "mainline" into the "stable" category, two things can happen:
If the kernel version you are using is marked "EOL," you should consider upgrading to the next major version as there will be no more bugfixes provided for the kernel version you are using.
Please check the Releases page for more info.
Yes, and you can find it at https://www.kernel.org/feeds/kdist.xml.
We also publish a .json file with the latest release information, which you can pull from here: https://www.kernel.org/releases.json.
All timestamps on kernel.org are in UTC (Coordinated Universal Time). If you live in the western hemisphere your local time lags behind UTC. Under Linux/Unix, type date -u to get the current time in UTC.
Kernel.org accounts are not given away very often, usually you need to be making some reasonable amount of contributions to the Linux kernel and have a good reason for wanting / needing an account. If you really feel that you should have an account please e-mail the following to keys@kernel.org:
The Kernel.org admin team will then review your request and let you know the decision.
Please note that The Linux Kernel Organization, Inc. reserves the right to refuse service to anyone, for any reason.
Probably not. Kernel.org deals with the Linux kernel, various distributions of the kernel and larger repositories of packages. We do not mirror individual projects, software, etc as we feel there are better places providing mirrors for those kinds of repositories. If you feel that kernel.org should mirror your project, please contact ftpadmin@kernel.org with the following information:
The Kernel.org admin team will then review your request and talk to you about it. As with any kind of account on kernel.org it's up to the discretion of the admin team.
We are using an access control system called gitolite, originally written and maintained by Sitaram Chamarty. We choose gitolite for a number of reasons:
As well at the time of deployment the code had undergone an external code review.
-rc kernel patches are generated from the base stable release.
For example: to create the 2.6.14-rc5 kernel, you must:
Yes, you want 2.6.13, not 2.6.14. Remember, that's an -rc kernel, as in, 2.6.14 doesn't exist yet. :)
Kernel version numbers of this form are distribution kernels, meaning they are modified kernels produced by distributions. Please contact the relevant distributor; or check out http://mirrors.kernel.org/.
See the Releases page for more info on distribution kernels.
Please see the Kernel Newbies website.
There is also a wealth of knowledge on many topics involving Linux at The Linux Documentation Project (http://www.tldp.org)
For finding or reporting bugs, look through the archives for the various Linux mailing lists, and if no specific list seems appropriate, try the browsing the Linux Kernel Mailing List.
The next kernel will be released when it is ready. There is no strict timeline for making releases, but if you really need an educated guess, visit the Linux kernel PHB Crystal Ball -- it tries to provide a ballpark guess based on previous kernel release schedule.
It is hard to predict with certainty, but you can either take a peek at linux-next or read the Linux Weather Forecast, where Jonathan Corbet provides a broad forecast of what will likely be included into the next mainline release.
The Linux Kernel Organization is a California Public Benefit Corporation established in 2002 to distribute the Linux kernel and other Open Source software to the public without charge. We are recognized by the IRS as a 501(c)3 private operating foundation.
The Linux Kernel Organization is managed by The Linux Foundation, which provides full technical, financial and staffing support for running and maintaining the kernel.org infrastructure.
Due to U.S. Exports Regulations, all cryptographic software on this site is subject to the following legal notice:
This site includes publicly available encryption source code which, together with object code resulting from the compiling of publicly available source code, may be exported from the United States under License Exception "TSU" pursuant to 15 C.F.R. Section 740.13(e).
This legal notice applies to cryptographic software only. Please see the Bureau of Industry and Security for more information about current U.S. regulations.
Our servers are located in Corvallis, Oregon, USA; Palo Alto and San Francisco, California, USA; Amsterdam, Netherlands; and Umeå, Sweden. Use in violation of any applicable laws is prohibited.
Linux is a Registered Trademark of Linus Torvalds. All trademarks are property of their respective owners.
There are several main categories into which kernel releases may fall:
Version | Maintainer | Projected EOL |
---|---|---|
3.4 | Greg Kroah-Hartman | Oct, 2014 |
3.2 | Ben Hutchings | 2016 |
3.0 | Greg Kroah-Hartman | Oct, 2013 |
2.6.34 | Paul Gortmaker | Mid-2013 |
2.6.32 | Willy Tarreau | Mid-2014 |
Many Linux distributions provide their own "longterm maintenance" kernels that may or may not be based on those maintained by kernel developers. These kernel releases are not hosted at kernel.org and kernel developers can provide no support for them.
It is easy to tell if you are running a distribution kernel. Unless you downloaded, compiled and installed your own version of kernel from kernel.org, you are running a distribution kernel. To find out the version of your kernel, run uname -r:
# uname -r 3.7.5-201.fc18.x86_64
If you see anything at all after the dash, you are running a distribution kernel. Please use the support channels offered by your distribution vendor to obtain kernel support.
Linux is a clone of the operating system Unix, written from scratch by Linus Torvalds with assistance from a loosely-knit team of hackers across the Net. It aims towards POSIX and Single UNIX Specification compliance.
It has all the features you would expect in a modern fully-fledged Unix, including true multitasking, virtual memory, shared libraries, demand loading, shared copy-on-write executables, proper memory management, and multistack networking including IPv4 and IPv6.
Although originally developed first for 32-bit x86-based PCs (386 or higher), today Linux also runs on a multitude of other processor architectures, in both 32- and 64-bit variants.
If you're new to Linux, you don't want to download the kernel, which is just a component in a working Linux system. Instead, you want what is called a distribution of Linux, which is a complete Linux system. There are numerous distributions available for download on the Internet as well as for purchase from various vendors; some are general-purpose, and some are optimized for specific uses. We currently have mirrors of several distributions available at http://mirrors.kernel.org/.
Note, however, that most distributions are very large (several gigabytes), so unless you have a fast Internet link you may want to save yourself some hassle and purchase a CD-ROM with a distribution; such CD-ROMs are available from a number of vendors.
The Linux kernel is discussed on the linux-kernel mailing list at vger.kernel.org. Please read the FAQ before subscribing.
Although there is no official archive site, unofficial archives of the list can be found at:
Email is the only reliable way of contacting Kernel.org administrators.
Please do not send general Linux questions or bug reports to these addresses. We do not have the resources to reply to them.
Please try the following sites for general Linux help:
Linux Foundation also offers training opportunities if you are interested in learning more about Linux, want to become a more proficient Linux systems administrator, or want to know more about how Linux can help your company succeed.
Please send any mail correspondence to the Linux Foundation:
The Linux Foundation660 York Street, Suite 102San Francisco, CA 94110Phone/Fax: +1 415 723 9709
We've implemented two oft-requested features today:
If you have any other feature suggestions, please send them to webmaster@kernel.org.
Due to a failure in one of the rsync scripts during the maintenance window, the mirrors of /pub hierarchy on www.kernel.org got erased. We are resyncing them now from the master storage, but in the meantime you will probably get an occasional "Forbidden". The entirety of the archive should be rsync'ed in a few hours.
We apologize profusely for the problem and will fix the script to make sure this doesn't happen again.
Contents of git.kernel.org are unaffected.
You are probably wondering what happened to the site's look. Unfortunately, we've been alerted that the default theme shipped by Pelican (which we largely adapted) has an unclear license. Until this is cleared up, we've put together a quick-and-dirty cleanroom CSS reimplementation that preserves the functional aspects of the site, but sacrifices a lot of the bells and whistles.
If you are a CSS designer and would like to donate your own cleanroom style, please let us know at webmaster@kernel.org.
Our apologies, and we promise to keep a keener eye on licensing details of various templates distributed with open-source products.
Welcome to the reworked kernel.org website. We have switched to using Pelican in order to statically render our site content, which simplifies mirroring and distribution. You can view the sources used to build this website in its own git repository.
Additionally, we have switched from using gitweb-caching to using cgit for browsing git repositories. There are rewrite rules in place to forward old gitweb URLs to the pages serviced by cgit, so there shouldn't be any broken links, hopefully. If you notice that something that used to work with gitweb no longer works for you with cgit, please drop us a note at webmaster@kernel.org.
Copyright 1997-2013 The Linux Kernel Organization, Inc.
Distributed software is copyrighted by their respective contributors and are distributed under their own individual licenses.
This site is provided as a public service by The Linux Kernel Organization Inc., a California 501(c)3 nonprofit corporation. Our servers are located in San Francisco, CA, USA; Palo Alto, CA, USA; Corvallis, OR, USA; Amsterdam, Netherlands; and Umeå, Sweden. Use in violation of any applicable laws is strictly prohibited.
Neither the Linux Kernel Organization nor any of its sponsors make any guarantees, explicit or implicit, about the contents of this site. Use at your own risk.
Linux is a Registered Trademark of Linus Torvalds. All trademarks are property of their respective owners.
All kernel releases are cryptographically signed using OpenPGP-compliant signatures. Everyone is strongly encouraged to verify the integrity of downloaded kernel releases by verifying the corresponding signatures.
Linux kernel releases and all other files distributed via kernel.org mirrors are no longer signed by one centrally issued key. You will need to rely on the PGP Web of Trust in order to verify the authenticity of downloaded archives.
Every kernel release comes with a cryptographic signature from the person making the release. This cryptographic signature allows anyone to verify whether the files have been modified or otherwise tampered with since the developer created and signed them. The signing and verification process uses public-key cryptography and it is next to impossible to forge a PGP signature without first gaining access to the developer's private key. If this does happen, the developers will revoke the compromised key and will re-sign all their previously signed releases with the new key.
To learn more about the way PGP works, please consult Wikipedia.
In order for this section to make sense, you should first familiarize yourself with the way PGP Web of Trust works. You can start by reading the Wikipedia article on the subject.
In a few words, PGP keys used by members of kernel.org are cross-signed by other members of kernel.org (and, frequently, by many other people). If you wanted to verify the validity of any key belonging to a member of kernel.org, you could review the list of signatures on their public key and then make a decision whether you trust that key or not. This article from the GnuPG manual is a good first step towards understanding how you can use PGP trust relationships to validate keys: Using trust to validate keys.
In order to become part of the kernel.org web of trust, you should locate kernel.org members in your geographical area, then verify and sign their keys. To locate members of kernel.org in your area, you can either use the Google Map created for this purpose, or send an email to the users@kernel.org mailing list, requesting key signing.
Once you have verified and signed a few keys, you can use the trust relationship established in the process to verify other keys used in the kernel.org web of trust.
All software released via kernel.org has corresponding PGP signatures. It should not be possible to upload any files to the kernel.org mirrors without providing a trusted PGP signature to go along with them.
To better illustrate the verification process, let's use Linux 3.1.5 release as a walk-through example. First, use "wget" or "curl -O" to download the release and the corresponding signature:
$ wget https://www.kernel.org/pub/linux/kernel/v3.0/linux-3.1.5.tar.xz $ wget https://www.kernel.org/pub/linux/kernel/v3.0/linux-3.1.5.tar.sign
You will notice that the signature is made against the uncompressed version of the archive. This is done so there is only one signature required for .gz, .bz2 and .xz compressed versions of the release. Start by uncompressing the archive, using unxz in our case:
$ unxz linux-3.1.5.tar.xz
Now verify the .tar archive against the signature:
$ gpg --verify linux-3.1.5.tar.sign
You can combine these steps into a one-liner:
$ xz -cd linux-3.1.5.tar.xz | gpg --verify linux-3.1.5.tar.sign -
The likely output will be:
gpg: Signature made Fri 09 Dec 2011 12:16:46 PM EST using RSA key ID 6092693E gpg: Can't check signature: public key not found
You will need to first download the public key from the PGP keyserver in order to verify the signature. Look at the first line of the output and note the "key ID" listed, which in our example is 6092693E. Now download this key from the key servers:
$ gpg --recv-keys 6092693E gpg: requesting key 6092693E from hkp server subkeys.pgp.net gpg: key 6092693E: public key "Greg Kroah-Hartman (Linux kernel stable release signing key) <greg@kroah.com>" imported gpg: 3 marginal(s) needed, 1 complete(s) needed, PGP trust model gpg: depth: 0 valid: 3 signed: 1 trust: 0-, 0q, 0n, 0m, 0f, 3u gpg: depth: 1 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 1f, 0u gpg: Total number processed: 1 gpg: imported: 1 (RSA: 1)
Let's rerun "gpg --verify":
$ gpg --verify linux-3.1.5.tar.sign gpg: Signature made Fri 09 Dec 2011 12:16:46 PM EST using RSA key ID 6092693E gpg: Good signature from "Greg Kroah-Hartman (Linux kernel stable release signing key) <greg@kroah.com>" gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 647F 2865 4894 E3BD 4571 99BE 38DB BDC8 6092 693E
Notice the WARNING: This key is not certified with a trusted signature! You will now need to verify that the key used to sign the archive really does belong to the owner (in our example, Greg Kroah-Hartman). There are several ways you can do this:
If at any time you see "BAD signature" output from "gpg --verify", please first check that your download is correct and that the downloaded file is not truncated or otherwise corrupted. If you repeatedly get the same "BAD signature" output, email ftpadmin@kernel.org immediately, so we can investigate the problem.
We have a dedicated off-the-network system that connects directly to our central attached storage and calculates checksums for all uploaded software releases. The generated sha256sums.asc file is then signed with a PGP key generated for this purpose and that doesn't exist outside of that system.
These checksums are NOT intended to replace the web of trust. It is merely a way for someone to quickly verify whether contents on one of the many kernel.org mirrors match the contents on the master mirror. While you may use them to quickly verify whether what you have downloaded matches what we have on our central storage system, you should still use the GPG web of trust to verify whether the release tarball actually matches what the kernel developer published.
Prior to September, 2011 all kernel releases were signed automatically by the same PGP key:
pub 1024D/517D0F0E 2000-10-10 [revoked: 2011-12-11] Key fingerprint = C75D C40A 11D7 AF88 9981 ED5B C86B A06A 517D 0F0E uid Linux Kernel Archives Verification Key <ftpadmin@kernel.org>
Due to the kernel.org systems compromise, this key has been retired and revoked. It will no longer be used to sign future releases and you should NOT use this key to verify the integrity of any archives. It is almost certain that this key has fallen into malicious hands.
All kernel releases that were previously signed with this key are being cross-checked and will be signed with another key, created specifically for this purpose. Once the process is completed, the new key information will be put on this page.
The following revocation certificates have been issued for keys used in the past to sign kernel.org software releases:
Key fingerprint:
pub 1024D/517D0F0E 2000-10-10 [revoked: 2011-12-11] Key fingerprint = C75D C40A 11D7 AF88 9981 ED5B C86B A06A 517D 0F0E uid Linux Kernel Archives Verification Key <ftpadmin@kernel.org>
Revocation certificate:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: A revocation certificate should follow iIkEIBECAEkFAk7lL6xCHQJLZXkgd2FzIHVzZWQgdG8gYXV0b3NpZ25pbmc7IGF1 dG9zaWduaW5nIHNlcnZlciB3YXMgY29tcHJvbWlzZWQuAAoJEMhroGpRfQ8OS7EA nikD5S7mmNM0QRX+H4BDxvdWzXWyAKCTuDGOdLoZs8gnl/G5UKVjX9mVkg== =eL49 -----END PGP PUBLIC KEY BLOCK-----
Key fingerprint:
pub 1024D/1E1A8782 1999-10-05 [revoked: 2000-10-10] Key fingerprint = 9DB4 C3A4 EF2A 3111 9072 82F3 F2A5 75DC 1E1A 8782 uid Linux Kernel Archives Verification Key <ftpadmin@kernel.org>
Revocation certificate:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: GnuPG v1.0.0 (GNU/Linux) Comment: For info see http://www.gnupg.org Comment: A revocation certificate should follow iEYEIBECAAYFAjnisTIACgkQ8qV13B4ah4K3DgCfShKQe2kfz68OKu0WwEzgKkAE vIQAn3Y8CTCRZ9QEIwsIs93F501VUtPs =l5FV -----END PGP PUBLIC KEY BLOCK-----
Key fingerprint:
pub 1024R/514C5279 1998-12-16 [revoked: 1999-10-05] Key fingerprint = 59 B1 5F 6F E3 13 4C 8B 33 E5 14 35 21 F1 D1 03 uid Linux Kernel Archives <ftpadmin@kernel.org>
Revocation certificate:
-----BEGIN PGP PUBLIC KEY BLOCK----- Version: 2.6.3a mQCNAzZ4N0EAAAEEAJpp8Hy0n2FBJqmrfX9dha1Ja/Uc7f63Afbv0SBTE4i+xeyg 5O/4VWr11LlP1uAjM8Gvfw8neRMLhMUjvRaXPhRR9KoAaW84Bg0cBSyakY6j1JXz JcBVKGoGNgBo82cVM9bkE1/Qdy9v6pGDw3qhAqBNLDtYDUS8fgTPgU1RTFJ5AAUR iQCVAwUgN/p+yATPgU1RTFJ5AQGk3wP/YDsx7Wys/FSfBMpfQA+7IO5Ug2voBGDa hXHKIofT9H7/eYBr3Sctq+/eZAVwll1iS3dkzBIEuvbVlgVam/nvegfRrL2hKy7i ELespx5WEqfhnapawg/xpFRsPkYOq96IcoGSIQSwGCq4wqz/CwfG/tQx0eGP9k7j N176TIjYdzu0K0xpbnV4IEtlcm5lbCBBcmNoaXZlcyA8ZnRwYWRtaW5Aa2VybmVs Lm9yZz6JAJUDBRA2eFIpnE1kY6hrNcUBARi6BACbJhIzBynhTW75RUeOqGv097+c ybQZ5fysSf3zeAIxGSFlZcpruHpLylwRXumhiOjqWjKbEeN2r9MqcutIKUVt2lkP p2BsqKN7CzmSMWLO13DYr7cSufKqm6AOe0pTqJJKTI/yST7DpHkDsi+FYN7eZ79w xETITd0Z/7/dF1uwBIkAlQMFEDZ4S3QCetOcrPWlRQEBcwkEAJbhw4ggjcenRNNo 357I8dzEHrIWIAhonjAnWddEwyGFUy1cmayNTO/PRXjubCEFuJttWZ50cKPpiwYr oxGOglUnX52aw7lZMIrQOTwe25VyrXIsSGDa3a+pyWHiWcRuAIAIP68rfFEYLhYf MMqBkh6f9QvipntvSYpuciS5xF9biQEVAwUQNnhHnTuFIe3ySu75AQH4NAf9GSYF T+rrPJhKHKnRT0qbnfwhgCGy6nQyjC1fEPLfnZnwoAvW1GO7JaXa516RbFkrrvHN vUeatXkRM3m94MSRdTfxabdgHlySbIkzGtCN0LaUI+it304UdheqP9cHbeQReMhf SmX0iEEbW+uUsfjv3+C2DiuHVb/xbql+Kacd+jf03OpRYRZg/lM7+WVJPhIg869Z WTeGc7THYVshQ8I/Ea9+O/PhqdZamHyG2bdpZVN24v6y/ULHrTTWZ4fUeybHNQzL bdJ2gpE58V+nbdcL7qkAU8fiHrTQwTWqp5tT1YBWUmFQKk/ETxQb1YEHnEIaPiKx p4FT/BTu0xj5D+72/4kAlQMFEDZ4N0EEz4FNUUxSeQEB6gQD/RqBgIU/BiVNUe/7 iKOUxATGhetqm82FbOhSRuoeqZjL6NV+CfLzTzF17ngXPopQ4B7Nf0vKzEhkw6S4 OqJ6PMOg/PG0dEbtTWFQL4BhUipkrCB+VfXnD8BbKz3cmUFgzTHdj/Rut3GTNjlL 7gWZTFAiBtkNvSaeRl40S4+UG4ys =ejCq -----END PGP PUBLIC KEY BLOCK-----