Navigation
Recherche
|
[$] Live patching for CPU vulnerabilities
jeudi 20 décembre 2018, 22:27 , par LWN.net
The kernel's live-patching (KLP) mechanism can apply a wide variety of
fixes to a running kernel but, at a first glance, the sort of highly intrusive changes needed to address vulnerabilities like Meltdown or L1TF would not seem like likely candidates for live patches. The most notable obstacles are the required modifications of global semantics on a running system, as well as the need for live patching the kernel's entry code. However, the SUSE live patching team started working on proof-of-concept live patches for these vulnerabilities as a fun project and has been able to overcome these hurdles. The techniques that were developed are generic and might become handy again when fixing future vulnerabilities.
https://lwn.net/Articles/775264/rss
|
56 sources (32 en français)
Date Actuelle
ven. 22 nov. - 04:39 CET
|