MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
live
Recherche

[$] Live patching for CPU vulnerabilities

jeudi 20 décembre 2018, 22:27 , par LWN.net
The kernel's live-patching (KLP) mechanism can apply a wide variety of
fixes to a running kernel but, at a first glance, the sort of highly
intrusive changes needed to address vulnerabilities like Meltdown or L1TF
would not seem like likely candidates for live patches.
The most notable obstacles are the required
modifications of global semantics on a running system, as well as the
need for live patching the kernel's entry code. However, the SUSE live
patching team started working on proof-of-concept live patches for these
vulnerabilities as a
fun project and has been able to overcome these hurdles. The
techniques that were developed are generic and might become handy again when
fixing future vulnerabilities.
https://lwn.net/Articles/775264/rss
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
ven. 22 nov. - 04:39 CET