Date: Tue, 29 Aug 2023 10:46:09 +0200 (CEST) From: Miroslav Benes <mbenes@...e.cz> To: Donald Buczek <buczek@...gen.mpg.de> cc: Solar Designer <solar@...nwall.com>, oss-security@...ts.openwall.com, Vegard Nossum <vegard.nossum@...cle.com>, Jiri Kosina <jkosina@...e.cz>, ksummit@...ts.linux.dev Subject: Re: Re: [MAINTAINERS SUMMIT] Handling of embargoed security issues -- security@...g vs. linux-distros@ [ apologies for a slight off topic ] Hi, On Fri, 25 Aug 2023, Donald Buczek wrote: > We go a long way to avoid rebooting. This might be as easy as disabling > unused dynamic modules by just removing the .ko files from userspace, > but sometimes we even convert an upstream fix into a loadable module > which uses ftrace to replace or wrap the buggy functions in the running > systems. A "reboot party" would only be a measure of last resort. the kernel live patching infrastructure might help you with this. See Documentation/livepatch/ and samples/livepatch/ in the kernel tree. Regards, Miroslav
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.