|
Message-ID: <20211229023840.GA6590@openwall.com> Date: Wed, 29 Dec 2021 03:38:41 +0100 From: Solar Designer <solar@...nwall.com> To: announce@...ts.openwall.com, lkrg-users@...ts.openwall.com Subject: LKRG 0.9.2 Hi, For those new to LKRG, it is a kernel module that performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel. We've just released LKRG 0.9.2. At the same time, we've moved LKRG from Openwall's to LKRG project's new website at: https://lkrg.org This is where you'll find the new release. Similarly, we've moved the LKRG GitHub repository from the Openwall organization to LKRG's own: https://github.com/lkrg-org And we now tweet LKRG project news via @lkrg_org: https://twitter.com/lkrg_org These moves are made to better position LKRG for potential support by other companies. Stay tuned. The following major changes have been made between LKRG 0.9.1 and 0.9.2: *) Support new stable and mainline kernels 5.14 to at least 5.16-rc* *) Support new longterm kernels 5.4.118+, 4.19.191+, 4.14.233+ *) Support various CONFIG_SECCOMP configurations *) Fix a false positive possible because of race on SECCOMP_FILTER_FLAG_TSYNC where LKRG started to validate other threads' seccomp state too early *) Fix support of CONFIG_HAVE_STATIC_CALL on Linux 5.10+ to avoid a race with unloading of other modules *) Support the "nolkrg" kernel parameter in LKRG itself (not only in systemd) *) Log the blocked module name when lkrg.block_modules=1 *) Install/expect the sysctl settings in /etc/sysctl.d/01-lkrg.conf *) Add dkms.conf *) Continuous Integration and debugging build updates and improvements At the time of our previous release, LKRG 0.9.1, Linux 5.12.x were the latest. We were lucky that it also worked as-is on Linux 5.13.x and on newer longterm 5.10.x series kernels. However, starting with 5.14, as well as for 3 older longterm kernel series listed in the change log above, we had to make changes to support those newer kernel releases. Under the hood, LKRG grew just a little bit: $ git diff --shortstat v0.9.1..v0.9.2 38 files changed, 629 insertions(+), 442 deletions(-) and got a moderate number of changes, by the following people: $ git shortlog -sn v0.9.1..v0.9.2 13 Adam 'pi3' Zabrocki 11 Solar Designer 7 Vitaly Chikunov 3 Mariusz Zaborski 3 Patrick Schleizer 2 Mikhail Morfikov 2 Vladimir D. Seleznev 1 0xC0ncord As usual so far, the key changes in this release are Adam's. Notable to our project was Vitaly's ongoing support of the Continuous Integration, promptly fixing it whenever updates to its dependencies would break it. As usual, we welcome any feedback on lkrg-users. And yes, despite of the website and GitHub org and Twitter moves, the mailing list stays at Openwall, and further releases of LKRG will continue to be announced via Openwall (as well as via LKRG's new Twitter account). Alexander
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.