Pulojekiti ya Openwall yasindikiza kutulutsidwa kwa kernel module LKRG 0.9.2 (Linux Kernel Runtime Guard), yopangidwa kuti izindikire ndikuletsa kuukira ndi kuphwanya kukhulupirika kwa kernel. Mwachitsanzo, gawoli limatha kuteteza motsutsana ndi kusintha kosaloledwa kwa kernel yothamanga ndikuyesa kusintha zilolezo zamachitidwe ogwiritsira ntchito (kuzindikira kugwiritsa ntchito zomwe zachitika). Gawoli ndiloyenera kukonza chitetezo ku zovuta zomwe zimadziwika kale za Linux kernel (mwachitsanzo, nthawi zomwe zimakhala zovuta kusinthira kernel mu dongosolo), komanso kuwerengera zomwe zachitika pazovuta zomwe sizikudziwika. Khodi ya polojekitiyi imagawidwa pansi pa layisensi ya GPLv2. Mutha kuwerenga za mawonekedwe a LKRG pakulengeza koyamba kwa polojekitiyi.
Zina mwa zosintha mu mtundu watsopano:
- Kugwirizana kumaperekedwa ndi ma Linux maso kuchokera ku 5.14 mpaka 5.16-rc, komanso zosintha za LTS kernels 5.4.118+, 4.19.191+ ndi 4.14.233+.
- Zothandizira pazosintha zosiyanasiyana za CONFIG_SECCOMP.
- Thandizo lowonjezera la "nolkrg" kernel parameter kuti mutsegule LKRG panthawi yoyambira.
- Tinakonza zolakwika chifukwa cha mpikisano pokonza SECCOMP_FILTER_FLAG_TSYNC.
- Kupititsa patsogolo luso logwiritsa ntchito CONFIG_HAVE_STATIC_CALL makonda mu Linux kernels 5.10+ kuti aletse mipikisano yothamanga potsitsa ma module ena.
- Mayina a ma module otsekedwa mukamagwiritsa ntchito lkrg.block_modules=1 makonzedwe amasungidwa mu chipika.
- Kuyika kwa makonda a sysctl mufayilo /etc/sysctl.d/01-lkrg.conf
- Fayilo yowonjezeredwa ya dkms.conf ya DKMS (Dynamic Kernel Module Support) yomwe imagwiritsidwa ntchito popanga ma module a chipani chachitatu pambuyo pakusintha kwa kernel.
- Thandizo lokwezeka komanso losinthidwa pamapangidwe achitukuko ndi machitidwe ophatikizana mosalekeza.
Source: opennet.ru