Linux Kernel Runtime Guard 0.8 Released

LKRG is a loadable kernel module that performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel.

Linux Kernel Runtime Guard (LKRG) is a loadable kernel module that performs runtime integrity checking of the Linux kernel and detection of security vulnerability exploits against the kernel.

LKRG is a kernel module (not a kernel patch), so it can be built for and loaded on top of a wide range of mainline and distros’ kernels, without needing to patch those.

After almost a year since the previous release, Linux Kernel Runtime Guard (LKRG) version 0.8 is finally available. The following major changes have been made between LKRG 0.7 and 0.8:

  • Add support for kernels 5.3+ (JUMP_LABEL batch mode), 5.5+ and 5.6+ (other changes in JUMP_LABEL), 5.7+ (non-exported kallsyms_lookup_name symbol)
  • Add support for ACPI S3 (suspend to RAM) and S4 (suspend to disk)
  • Add support for DKMS to Makefile
  • Add more hooks, most notably on capable() for more likely timely detection of exploits that mess with capabilities rather than credentials
  • New logic for detection of namespace escapes (e.g., from Docker containers)
  • Rework the optional systemd unit file so that LKRG is loaded at an earlier stage of system bootup, but can be disabled via the kernel command-line
  • Add experimental support for Raspberry Pi 4 and 32-bit ARM

Like before, this release is mostly due to work by Adam ‘pi3’ Zabrocki. If you would like to see the full list of changes, please visit announcement.

Bobby Borisov

Bobby Borisov

Bobby, an editor-in-chief at Linuxiac, is a Linux professional with over 20 years of experience. With a strong focus on Linux and open-source software, he has worked as a Senior Linux System Administrator, Software Developer, and DevOps Engineer for small and large multinational companies.

Linux News You'll Love!

Craving the latest in Linux? Get your weekly fix with our newsletter. It's everything Linux, straight to your inbox! It's fun, it's free, and it's full of insights!

Think You're an Ubuntu Expert? Let's Find Out!

Put your knowledge to the test in our lightning-fast Ubuntu quiz!
Ten questions to challenge yourself to see if you're a Linux legend or just a penguin in the making.

1 / 10

Ubuntu is an ancient African word that means:

2 / 10

Who is the Ubuntu's founder?

3 / 10

What year was the first official Ubuntu release?

4 / 10

What does the Ubuntu logo symbolize?

5 / 10

What package format does Ubuntu use for installing software?

6 / 10

When are Ubuntu's LTS versions released?

7 / 10

What is Unity?

8 / 10

What are Ubuntu versions named after?

9 / 10

What's Ubuntu Core?

10 / 10

Which Ubuntu version is Snap introduced?

The average score is 68%

Related Posts