'[oss-security] Re: Re: [MAINTAINERS SUMMIT] Handling of embargoed security issues -- security@korg v'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] Re: Re: [MAINTAINERS SUMMIT] Handling of embargoed security issues -- security@korg v
From:       Miroslav Benes <mbenes () suse ! cz>
Date:       2023-08-29 8:46:09
Message-ID: alpine.LSU.2.21.2308291043590.21665 () pobox ! suse ! cz
[Download RAW message or body]

[ apologies for a slight off topic ]

Hi,

On Fri, 25 Aug 2023, Donald Buczek wrote:

> We go a long way to avoid rebooting. This might be as easy as disabling 
> unused dynamic modules by just removing the .ko files from userspace, 
> but sometimes we even convert an upstream fix into a loadable module 
> which uses ftrace to replace or wrap the buggy functions in the running 
> systems. A "reboot party" would only be a measure of last resort.

the kernel live patching infrastructure might help you with this. See 
Documentation/livepatch/ and samples/livepatch/ in the kernel tree.

Regards,
Miroslav
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic