Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [day] [month] [year] [list]
Date: Mon, 12 Nov 2018 13:27:19 +0100
From: Solar Designer <solar@...nwall.com>
To: announce@...ts.openwall.com, lkrg-users@...ts.openwall.com
Subject: [openwall-announce] LKRG 0.5

Hi,

We'd like to announce Linux Kernel Runtime Guard (LKRG) version 0.5:

https://www.openwall.com/lkrg/

The following changes have been made between LKRG 0.4 and 0.5:

*) [CI] Add *_JUMP_LABEL support for kernel modules (a major change)
*) [CI] Add support for "cold" function versions generated by new GCC -
necessary to correctly handle *_JUMP_LABEL
*) [CI] Change output message format when *_JUMP_LABEL was detected for kernel
module's .text section
*) [CI] Add new sysctl interface - optional panic() on CI verification failure
*) [ED] Hook generic_permission() instead of may_open()
*) [ED] Hook and correctly handle override_creds() / revert_creds()
*) Add Mikhail Klementev's patches for Makefile, .gitignore and missing include

Legend:
[CI] - Code Integrity
[ED] - Exploit Detection

Like before, this release is mostly due to work by Adam 'pi3' Zabrocki.

Alexander

Powered by blists - more mailing lists

Your e-mail address:

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.