From: David Collier-Brown <davecb@sun.com>
To: weigelt@metux.de
Cc: linux kernel list <linux-kernel@vger.kernel.org>
Subject: Re: A system for rebootless kernel security updates
Date: Thu, 01 May 2008 09:35:04 -0400 [thread overview]
Message-ID: <4819C708.1000802@sun.com> (raw)
In-Reply-To: <20080501113802.GC28005@nibiru.local>
Enrico Weigelt wrote:
> I didn't have the time for an deeper study yet, but as you already
> mentioned, there're lots of limitations which can make it harmful:
> as soon as interfaces chance, you're in *big* trouble. There should
> be a way for finding them (automatically). Maybe extract the
> interface signatures (including structs!) so some appropriate place
> next to the kernel, so they can be checked before (re)loading the
> module.
Actually there is a mature discipline around data changes that
dates back to before Unix v7, but it's off-topic for this
discussion: it would make the changes too big (;-))
If anyone is interested, see http://multicians.org/stachour.html
and/or send me mail
--dave (reading LKML when he should be working) c-b
--
David Collier-Brown | Always do right. This will gratify
Sun Microsystems, Toronto | some people and astonish the rest
davecb@sun.com | -- Mark Twain
(905) 943-1983, cell: (647) 833-9377, (800) 555-9786 x56583
bridge: (877) 385-4099 code: 506 9191#
next prev parent reply other threads:[~2008-05-01 13:37 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-04-23 18:59 A system for rebootless kernel security updates Jeff Arnold
2008-04-23 21:37 ` FD Cami
2008-04-24 13:42 ` Andi Kleen
2008-04-28 6:18 ` Jeff Arnold
2008-04-28 10:29 ` Andi Kleen
2008-04-29 6:55 ` Jeff Arnold
2008-04-29 12:57 ` Dan Noe
2008-04-29 22:43 ` Jeff Arnold
2008-05-01 11:38 ` Enrico Weigelt
2008-05-01 13:35 ` David Collier-Brown [this message]
2008-04-24 13:43 ` Christian Hesse
2008-04-24 18:13 ` Jeff Arnold
2008-04-24 19:16 ` Christian Hesse
2008-04-28 6:11 ` Jeff Arnold
-- strict thread matches above, loose matches on Subject: below --
2008-04-24 14:26 Tomasz Chmielewski
2008-04-24 14:42 ` Andi Kleen
2008-04-27 10:17 ` Pavel Machek
2008-04-27 17:00 ` Gilles Espinasse
2008-04-27 17:49 ` Willy Tarreau
2008-04-27 19:51 ` Oliver Pinter
2008-04-27 19:58 ` Jesper Juhl
2008-04-28 19:07 ` Bill Davidsen
2008-04-29 23:39 ` Jeff Arnold
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4819C708.1000802@sun.com \
--to=davecb@sun.com \
--cc=linux-kernel@vger.kernel.org \
--cc=weigelt@metux.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.