search

lkrg-org / lkrg

Linux Kernel Runtime Guard
https://lkrg.org
Other
404 stars 72 forks source link

Rename the module from p_lkrg to lkrg #205

Closed solardiz closed 1 year ago

solardiz commented 1 year ago

Description

3 commits here: simplify a shell command in copy-builtin.sh, rename the kernel module from p_lkrg to lkrg (we still have plenty of p_lkrg_ as part of internal symbol names), and update CHANGES.

How Has This Been Tested?

Passed CI.

solardiz commented 1 year ago

@sempervictus It'd help if you retest copy-builtin.sh and subsequent kernel build and booting with all changes in this PR. Thanks!

Adam-pi3 commented 1 year ago

LGTM, let's wait for @sempervictus

sempervictus commented 1 year ago

Pulling in the change-set and kicking off a linux-hardened build this evening - should have a result by tomorrow. Havent had a chance to peek the diff yet, but does this include the PR fixing debug builds from the weekend or should i rebase atop that?

solardiz commented 1 year ago

@sempervictus This includes your recent PR. You don't need to rebase. Thanks!

sempervictus commented 1 year ago

CI seems to be "thinking it over" - still running the kernel build from last night along with a bunch of Rust builds (CPU-tapped out for >10h). Just kicked a local build to verify it compiles correctly at least. Should have results shortly

sempervictus commented 1 year ago

@solardiz @Adam-pi3 - builds fine in-tree, i'll either wait for CI to do a QA run in Qemu or manually test the build product when i get a breather, but in any case it did build and package the kernel correctly with LKRG in-tree

solardiz commented 1 year ago

Thank you, @sempervictus! Please update here when you have more results.

solardiz commented 1 year ago

FWIW, here's what loading of LKRG at AlmaLinux 8.5 bootup via systemd looks like after the recent changes:

[    5.769457] lkrg: loading out-of-tree module taints kernel.
[    5.769592] lkrg: module verification failed: signature and/or required key missing - tainting kernel
[    5.802044] LKRG: ALIVE: Loading LKRG
[    5.802047] LKRG: ISSUE: System does not support SMEP, which won't be validated
[    5.802047] LKRG: ISSUE: System does not support SMAP, which won't be validated
[    5.880125] Freezing user space processes ... (elapsed 0.002 seconds) done.
[    5.883093] OOM killer disabled.
[    5.987823] perf: interrupt took too long (2747 > 2500), lowering kernel.perf_event_max_sample_rate to 72000
[    6.097538] LKRG: ISSUE: [kretprobe] register_kretprobe() for <ovl_create_or_link> failed! [err=-22]
[    6.134102] LKRG: ISSUE: [kretprobe] register_kretprobe() for ovl_create_or_link failed and ISRA / CONSTPROP version not found!
[    6.134103] LKRG: ISSUE: Can't hook 'ovl_create_or_link' function. This is expected when OverlayFS is not used.
[    6.367787] LKRG: ALIVE: LKRG initialized successfully
[    6.367789] OOM killer enabled.
[    6.367789] Restarting tasks ... done.
[    6.502240] EXT4-fs (sda1): mounted filesystem with ordered data mode. Opts: (null)

BTW, this is pretty early - ~5 seconds before the network link is brought up.