Solar Designer

A similar issue exists for module names, although hopefully only for "attacks" by root.

@sempervictus What "in-binary execution woes" are you referring to?

> I don't see anything wrong with this @Adam-pi3 While it's just a warning, somehow upstream Linux recently decided to explicitly enable these warnings - perhaps they had their reasons:...

Hey, this issue was about the linker warning that is still unfixed, and we still haven't decided on fixing it or not. That you added off-topic comments to it doesn't...

@Adam-pi3 Off the top of my head, our options might be: 1. Do nothing. (Accept that a warning is printed during LKRG build on recent systems.) 2. Add a linker...

As I recall, kfence was seen in a backtrace in one of the crashes at https://github.com/openwall/lkrg/runs/2693541239 - and this makes me wonder whether Adam's addition of some `cpu_relex();` calls today...

It's not just performance overhead. I think there's little value in LKRG's kernel `.text` integrity checking if LKRG constantly accepts updated hashes, because this means that it'd also accept (update...

> disable kernel integrity checking when `CONFIG_KFENCE_STATIC_KEYS` and to log a warning message about that. If we check for `CONFIG_KFENCE_STATIC_KEYS` at LKRG compile time, then we should also have a...

> disable kernel integrity checking when `CONFIG_KFENCE_STATIC_KEYS` BTW, it's a pity we don't currently have a mode where LKRG would check integrity of most important kernel globals, but not of...

Hi @gnd. Thank you for reporting this. What version of LKRG is this with? If it's anything other than the latest from this repo, then please upgrade and try again....