How do I prevent kernel updates from bricking my CM4 DevTerm?

I flashed the official 0.2 CM4 image and everything was working fine. However, the system soon after performed a kernel update, after which, I couldn’t use the machine any more.

I have reflashed the 0.2 CM4 image five or six times and every time it breaks with a kernel update.
I assume the new kernel just doesn’t contain the display driver or whatever.

So can I either
A. have the Kernel update and still retain a working device?
B. block the system from every updating the kernel?

You can hold the packages you dont want removed/updated with apt-mark hold.

  • Step 1: Find your installed kernel by running the command uname -r

Pretend Example Output:

[User@Machine ~]$ uname -r

NOTE: Your kernel might not say ‘linux-kernel’ or anything similar and may look like a random splash of nonsense numbers. Here is an example from one of my Fedora boxes

[usfrozen@nobaranuc ~]$ uname -r
  • Step 2: Copy the output of the last command

  • Step 3: Hold the kernel packages in APT
    Run the following command, but use your kernel version from above:
    sudo apt-mark hold 5.4.10-generic
    Apt will spit out a list of packages that are “set on hold”

Pretend Example Output:

[User@Machine ~]$ sudo apt-mark hold 5.4.10-generic
linux-headers-5.4.10-generic set on hold.
linux-kernel-5.4.10-generic set on hold.
linux-kernel-5.4.10-whatever set on hold.

There will be several packages held.

Other commands you should know if you need to undo these changes:

Show held packages
apt-mark showhold

Unhold a single package:
apt-mark unhold package_name

Unhold all held packages using some fancy command substitution:
apt-mark unhold $(apt-mark showhold)

sudo bash -c 'cat <<EOF > /etc/apt/preferences.d/raspberrypi-kernel
Package: raspberrypi-kernel raspberrypi-kernel:armhf
Pin: release *
Pin-Priority: -1

this will prevent kernel from apt upgrading