Dapper Secure Kernel Patchset

Download Dapper Secure Kernel Patchsets

Download links for Dapper Secure Kernel Patchsets can be found on this page.
If you would like to review the code that comprises the patchsets, click the source links underneath each patchset.
If you would like to verify your downloads with GPG, you can find the GPG key on the contact page.

Dapper Secure Kernel Patchset Stable

Targeting the Linux 4.9.x Kernel Series

Dapper Secure Kernel Patchset Stable Releases

Status: Fully functional.

source license

Dapper Secure Kernel Patchset

Targeting the Linux 4.13.x Kernel Series

Dapper Secure Kernel Patchset Releases

Status: Compile errors and fails to boot.

source license

Why Maintain Dapper Secure Kernel Patchset?

On 26th April 2017, Grsecurity announced that they were discontinuing open and free access to their "test" patchset, meant for the latest released kernel, and that they are "passing the baton" to the community to maintain the patchset. We thank Open Source Security for their contributions over the last 16 years, and wish them well for the future.

With no updates or stable patchsets to rely on, Dapper Secure Kernel Patchset was initiated to provide a forward port of the final Grsecurity patchset, from version 4.9.24 to the latest kernel version. Dapper Secure Kernel Patchset Stable was created to continue to provide support for kernels on the 4.9.x line, as it involves minimal changes from the last Grsecurity patchset and can be used while the forward port to newer kernels is completed.

Dapper Linux would not be able to provide the same level of security as can be expected if not for the hardened kernel, so continuing this patchset is essential, and there has been little interest on the internet of others providing forward ports of the patchset. If you are interested in working on the patchset and improving it or fixing bugs, please click the source links under the patches, and submit pull requests.

You can read more on this blog post announcing the patchset.

Dapper Secure Kernel Patchset Features

Extensive Kernel Hardening and Closure of Potential Security Issues

Strong Protection Against Memory Corruption Based Exploits

Prevention of Code Reuse Attacks With Control Flow Integrity


Dapper Secure Kernel Patchset and Dapper Secure Kernel Patchset Stable are both licensed under the GPLv2, a copy of which can be found here. The GPLv2 states that if you recieve a binary of the compiled software, the source code must also be provided, or a written offer for a copy of the source code provided.

This means if you have obtained or recieved a binary distribution of a kernel patched with Dapper Secure Kernel Patchset or Dapper Secure Kernel Patchset Stable, you are entitled to the corresponding source code of that release. If you find someone violating these conditions, send a message to [email protected] and we will look into it.

The beauty of open source is encased within the four freedoms mentioned by Richard Stallman.

The first freedom is to be able to run the program as we wish, for any purpose. This enables us to be able to run the resulting kernel patched by Dapper Secure Kernel Patchset for any purpose, such as using it on personal computers, servers, businessess or to study. Anyone can run a kernel patched with Dapper Secure Kernel Patchset, and we can all benefit from the security it provides.

The second freedom is to study how the program works, and change it so it does computing as you wish it to. This means that anyone can obtain the source code for Dapper Secure Kernel Patchset and be able to study exactly how each security enhancement functions and how security is provided to the user. If you are technically inclined, you are able to improve it even further.

The third freedom is to redistribute copies of the program to help your neighbour, which can help improve the security of everyones computers.

Finally, the fourth freedom is the ability to redistribute modified copies to your neighbour, which gives the community as a whole a chance to benefit from your changes. It is this freedom that enables Dapper Limited to keep developing and releasing a free to access patchset for the entire community, picking up the baton from Grsecurity, and attempting to release the best patchset to the best of our ability.

Dapper Linux Limited distributes Dapper Secure Kernel Patchset and Dapper Secure Kernel Patchset Stable to the entire community in the hope that you find it useful. If you do find it useful, or even put effort into improving the patchset, please feel free to send the changes back to the original patchset by means of a pull request, which can be done on Github.

Ready To Try Out Dapper Linux?

Let's get you secured. We will have you up and running in no time.

Download Now