diff --git a/KEEP/grsecurity.version b/KEEP/grsecurity.version
index fd105a0d1..75e72855c 100644
--- a/KEEP/grsecurity.version
+++ b/KEEP/grsecurity.version
@@ -1,2 +1,2 @@
-grsecurity-3.0-3.14.23-201410312212
+grsecurity-3.1-3.18.8-201502271843
 
diff --git a/KEEP/kernel.version b/KEEP/kernel.version
index c8c349231..23b59f37d 100644
--- a/KEEP/kernel.version
+++ b/KEEP/kernel.version
@@ -1,2 +1,2 @@
-3.14.23
+3.18.8
 
diff --git a/KEEP/linux-3.18-posix_sed.patch b/KEEP/linux-3.18-posix_sed.patch
new file mode 100644
index 000000000..d1a832858
--- /dev/null
+++ b/KEEP/linux-3.18-posix_sed.patch
@@ -0,0 +1,28 @@
+--- linux-3.18.8/arch/x86/boot/Makefile
++++ linux-3.18.8.patched/arch/x86/boot/Makefile
+@@ -75,7 +75,8 @@
+ 
+ SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
+ 
+-sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\|_end\)$$/\#define VO_\2 0x\1/p'
++sed-voffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_text\)$$/\#define VO_\2 0x\1/p' \
++		-e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_end\)$$/\#define VO_\2 0x\1/p'
+ 
+ quiet_cmd_voffset = VOFFSET $@
+       cmd_voffset = $(NM) $< | sed -n $(sed-voffset) > $@
+@@ -84,7 +85,14 @@
+ $(obj)/voffset.h: vmlinux FORCE
+ 	$(call if_changed,voffset)
+ 
+-sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(startup_32\|startup_64\|efi32_stub_entry\|efi64_stub_entry\|efi_pe_entry\|input_data\|_end\|z_.*\)$$/\#define ZO_\2 0x\1/p'
++sed-zoffset := -e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(startup_32\)$$/\#define ZO_\2 0x\1/p' \
++		-e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(startup_64\)$$/\#define ZO_\2 0x\1/p' \
++		-e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(efi32_stub_entry\)$$/\#define ZO_\2 0x\1/p' \
++		-e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(efi64_stub_entry\)$$/\#define ZO_\2 0x\1/p' \
++		-e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(efi_pe_entry\)$$/\#define ZO_\2 0x\1/p' \
++		-e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(input_data\)$$/\#define ZO_\2 0x\1/p' \
++		-e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(_end\)$$/\#define ZO_\2 0x\1/p' \
++		-e 's/^\([0-9a-fA-F]*\) [ABCDGRSTVW] \(z_.*\)$$/\#define ZO_\2 0x\1/p'
+ 
+ quiet_cmd_zoffset = ZOFFSET $@
+       cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
diff --git a/KEEP/linux-3.18-posix_sh.patch b/KEEP/linux-3.18-posix_sh.patch
new file mode 100644
index 000000000..3d772358e
--- /dev/null
+++ b/KEEP/linux-3.18-posix_sh.patch
@@ -0,0 +1,11 @@
+--- linux-3.18.8.org/arch/x86/kernel/cpu/mkcapflags.sh
++++ linux-3.18.8/arch/x86/kernel/cpu/mkcapflags.sh
+@@ -6,7 +6,7 @@
+ IN=$1
+ OUT=$2
+ 
+-function dump_array()
++dump_array()
+ {
+ 	ARRAY=$1
+ 	SIZE=$2
diff --git a/KEEP/linux-3.8-posix_sed.patch b/KEEP/linux-3.8-posix_sed.patch
deleted file mode 100644
index 22a21e027..000000000
--- a/KEEP/linux-3.8-posix_sed.patch
+++ /dev/null
@@ -1,27 +0,0 @@
---- linux-3.8.org/arch/x86/boot/Makefile
-+++ linux-3.8/arch/x86/boot/Makefile
-@@ -86,7 +86,8 @@
- 
- SETUP_OBJS = $(addprefix $(obj)/,$(setup-y))
- 
--sed-voffset := -e 's/^\([0-9a-fA-F]*\) . \(_text\|_end\)$$/\#define VO_\2 0x\1/p'
-+sed-voffset := -e 's/^\([0-9a-fA-F]*\) . \(_text\)$$/\#define VO_\2 0x\1/p' \
-+		-e 's/^\([0-9a-fA-F]*\) . \(_end\)$$/\#define VO_\2 0x\1/p'
- 
- quiet_cmd_voffset = VOFFSET $@
-       cmd_voffset = $(NM) $< | sed -n $(sed-voffset) > $@
-@@ -95,7 +96,13 @@
- $(obj)/voffset.h: vmlinux FORCE
- 	$(call if_changed,voffset)
- 
--sed-zoffset := -e 's/^\([0-9a-fA-F]*\) . \(startup_32\|startup_64\|efi_pe_entry\|efi_stub_entry\|input_data\|_end\|z_.*\)$$/\#define ZO_\2 0x\1/p'
-+sed-zoffset := -e 's/^\([0-9a-fA-F]*\) . \(startup_32\)$$/\#define ZO_\2 0x\1/p' \
-+		-e 's/^\([0-9a-fA-F]*\) . \(startup_64\)$$/\#define ZO_\2 0x\1/p' \
-+		-e 's/^\([0-9a-fA-F]*\) . \(efi_pe_entry\)$$/\#define ZO_\2 0x\1/p' \
-+		-e 's/^\([0-9a-fA-F]*\) . \(efi_stub_entry\)$$/\#define ZO_\2 0x\1/p' \
-+		-e 's/^\([0-9a-fA-F]*\) . \(input_data\)$$/\#define ZO_\2 0x\1/p' \
-+		-e 's/^\([0-9a-fA-F]*\) . \(_end\)$$/\#define ZO_\2 0x\1/p' \
-+		-e 's/^\([0-9a-fA-F]*\) . \(z_.*\)$$/\#define ZO_\2 0x\1/p' 
- 
- quiet_cmd_zoffset = ZOFFSET $@
-       cmd_zoffset = $(NM) $< | sed -n $(sed-zoffset) > $@
diff --git a/KEEP/linux-menuconfig.patch b/KEEP/linux-menuconfig.patch
deleted file mode 100644
index 07639bd2c..000000000
--- a/KEEP/linux-menuconfig.patch
+++ /dev/null
@@ -1,40 +0,0 @@
---- linux-3.10.5/scripts/kconfig/lxdialog/check-lxdialog.sh.org	2013-08-06 04:30:10.369000004 +0000
-+++ linux-3.10.5/scripts/kconfig/lxdialog/check-lxdialog.sh	2013-08-06 04:32:20.840000004 +0000
-@@ -4,35 +4,13 @@
- # What library to link
- ldflags()
- {
--	pkg-config --libs ncursesw 2>/dev/null && exit
--	pkg-config --libs ncurses 2>/dev/null && exit
--	for ext in so a dll.a dylib ; do
--		for lib in ncursesw ncurses curses ; do
--			$cc -print-file-name=lib${lib}.${ext} | grep -q /
--			if [ $? -eq 0 ]; then
--				echo "-l${lib}"
--				exit
--			fi
--		done
--	done
--	exit 1
-+echo -lncurses
- }
- 
- # Where is ncurses.h?
- ccflags()
- {
--	if [ -f /usr/include/ncursesw/curses.h ]; then
--		echo '-I/usr/include/ncursesw -DCURSES_LOC="<curses.h>"'
--		echo ' -DNCURSES_WIDECHAR=1'
--	elif [ -f /usr/include/ncurses/ncurses.h ]; then
--		echo '-I/usr/include/ncurses -DCURSES_LOC="<ncurses.h>"'
--	elif [ -f /usr/include/ncurses/curses.h ]; then
--		echo '-I/usr/include/ncurses -DCURSES_LOC="<curses.h>"'
--	elif [ -f /usr/include/ncurses.h ]; then
--		echo '-DCURSES_LOC="<ncurses.h>"'
--	else
--		echo '-DCURSES_LOC="<curses.h>"'
--	fi
-+echo '-DCURSES_LOC="<ncurses.h>"'
- }
- 
- # Temp file, try to clean up after us
diff --git a/KEEP/linux-noperl-timeconst.patch b/KEEP/linux-noperl-timeconst.patch
index 479e8bdaa..7925ff8ae 100644
--- a/KEEP/linux-noperl-timeconst.patch
+++ b/KEEP/linux-noperl-timeconst.patch
@@ -1,10 +1,8 @@
 Replace timeconst.bc with the c version I've been using for years (to replace
 the perl version). Eventually I should add bc to toybox, but for now...
 
-diff --git a/kernel/Makefile b/kernel/Makefile
-index eceac38..f00be6d 100644
 --- /dev/null
-+++ linux/kernel/mktimeconst.c
++++ linux/kernel/time/mktimeconst.c
 @@ -0,0 +1,110 @@
 +/* Copyright 2010 Parallels Inc, licensed under GPLv2 */
 +/* Copyright 2010-2013 Rob Landley <rob@landley.net> */
@@ -116,7 +114,7 @@ index eceac38..f00be6d 100644
 +	fflush(stdout);
 +	return ferror(stdout);
 +}
---- linux/kernel/timeconst.bc	2013-04-28 19:36:01.000000000 -0500
+--- linux/kernel/time/timeconst.bc	2013-04-28 19:36:01.000000000 -0500
 +++ /dev/null	2013-02-23 10:58:11.743993346 -0600
 @@ -1,108 +0,0 @@
 -scale=0
@@ -227,9 +225,9 @@ index eceac38..f00be6d 100644
 -}
 -
 -timeconst(hz)
---- linux/kernel/Makefile
-+++ linux/kernel/Makefile
-@@ -125,19 +125,13 @@
+--- linux/kernel/time/Makefile
++++ linux/kernel/time/Makefile
+@@ -125,17 +125,11 @@
  
  $(obj)/time.o: $(obj)/timeconst.h
  
@@ -252,5 +250,3 @@ index eceac38..f00be6d 100644
 +$(obj)/timeconst.h: $(obj)/mktimeconst FORCE
 +	$(call if_changed,mktimeconst)
  
- ifeq ($(CONFIG_MODULE_SIG),y)
- #
diff --git a/pkg/grsec b/pkg/grsec
index 0e307cf7e..31c697dba 100644
--- a/pkg/grsec
+++ b/pkg/grsec
@@ -1,9 +1,9 @@
 [mirrors]
-http://ftp.barfooze.de/pub/sabotage/tarballs/grsecurity-3.0-3.14.23-201410312212.patch.xz
-http://foss.aueb.gr/mirrors/linux/sabotage/tarballs/grsecurity-3.0-3.14.23-201410312212.patch.xz
-http://dl.2f30.org/mirrors/sabotage/tarballs/grsecurity-3.0-3.14.23-201410312212.patch.xz
+http://ftp.barfooze.de/pub/sabotage/tarballs/grsecurity-3.1-3.18.8-201502271843.patch.xz
+http://foss.aueb.gr/mirrors/linux/sabotage/tarballs/grsecurity-3.1-3.18.8-201502271843.patch.xz
+http://dl.2f30.org/mirrors/sabotage/tarballs/grsecurity-3.1-3.18.8-201502271843.patch.xz
 
 [main]
-filesize=774904
-sha512=c912f5439a19cf38dca94efd2c9109dd52cc37b2bb45c8b20f17ab0a5b6f45d2445d855dd2da258a935cd7df9888ee8cc32a3a086af66dbf8f6bcf57875b2c38
+filesize=787220
+sha512=d78ee2da13b22c2a189a2b68996e7b0173a22135f3b11ed5bbdc0c928a61074897e7daa97d6db5496a68bd2ca24d35b5c3f8d8f7c4b2675d9170d48a97d1e186
 
diff --git a/pkg/kernel b/pkg/kernel
index e31ec17fb..0fa7e723a 100644
--- a/pkg/kernel
+++ b/pkg/kernel
@@ -27,16 +27,14 @@ dopatch() {
 #noperl and qemu patches from landley.net/aboriginal
 dopatch "$K"/linux-noperl-timeconst.patch
 
-# fix the broken "ncurses detector" which fails, and even worse removes our HOSTLDFLAGS
-dopatch "$K"/linux-menuconfig.patch
-
 # work around mismatch between devicename and channel name in 9p virtfs code
 # p9_virtio_create gets something like "/dev/chan" and the channel name is "chan"
 dopatch "$K"/linux-virtio9p.patch
 
 # patches to support busybox trap and sed with strict musl BRE engine
 dopatch "$K"/linux-3.8-trap.patch
-dopatch "$K"/linux-3.8-posix_sed.patch
+dopatch "$K"/linux-3.18-posix_sed.patch
+dopatch "$K"/linux-3.18-posix_sh.patch
 
 if [ -n "$ENABLE_GRSEC" ] ; then
 	patchname="$GRSEC_VER".patch
diff --git a/pkg/kernel-tarball b/pkg/kernel-tarball
index cefeafb75..f346bd0bd 100644
--- a/pkg/kernel-tarball
+++ b/pkg/kernel-tarball
@@ -1,9 +1,9 @@
 [mirrors]
-ftp://kernel.org/pub/linux/kernel/v3.x/linux-3.14.23.tar.xz
-http://www.kernel.org/./pub/linux/kernel/v3.x/linux-3.14.23.tar.xz
-http://ftp.free.fr/pub/linux/kernel/v3.x/linux-3.14.23.tar.xz
-http://ftp.heanet.ie/mirrors/linux/kernel/v3.x/linux-3.14.23.tar.xz
+ftp://kernel.org/pub/linux/kernel/v3.x/linux-3.18.8.tar.xz
+http://www.kernel.org/./pub/linux/kernel/v3.x/linux-3.18.8.tar.xz
+http://ftp.free.fr/pub/linux/kernel/v3.x/linux-3.18.8.tar.xz
+http://ftp.heanet.ie/mirrors/linux/kernel/v3.x/linux-3.18.8.tar.xz
 
 [main]
-filesize=78456428
-sha512=c4e6380a3a434e8bf5c88e86890c14df66e179317ab1457775c857712125925297c3c6dc7bb91653659dbcbdd926c219327ca8302676ce923ae9b949c7aeb7cc
+filesize=80954240
+sha512=bfe989e66e4935d6b906452852ae8a389258f528ec6eb5cbd5cf2a8636949557407f3db8aa0dbebe84def78f0adedf76b56040992340184d8fa504f9a3ae99a2