Linux Kernel Runtime Guard (LKRG) v0.2 released

The following changes have been made between LKRG 0.1 and 0.2:

*) Add support for being loaded at early boot stage (e.g. from initramfs)
*) [CI] Add a new sysctl to control whether LKRG performs code integrity checks on random events (or only at regular intervals)
*) Reduce performance impact, e.g. in our specific test case:
-> Average cost of running a fully enabled LKRG => 2.5%
-> Average cost of running LKRG without the code integrity checks on random events (disabled with the new sysctl) => 0.7%
*) [CI] Fix a potential deadlock bug caused by get_online_cpus() function, which might sleep if CONFIG_PREEMPT_VOLUNTARY=y
*) [CI] Fix dynamic NOPs injected by *_JUMP_LABEL for MWESTMERE
*) [CI] Remove false positives caused by *_JUMP_LABEL in corner case scenarios
*) [ED] Remove false positives when kernel executes usermode helper binaries

Legend:
[CI] – Code Integrity
[ED] – Exploit Detection

https://www.patreon.com/p_lkrg

http://www.openwall.com/lists/announce/2018/03/27/1

http://www.openwall.com/lkrg/

 

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s