[$] A “runtime guard” for the kernel

Post Syndicated from jake original https://lwn.net/Articles/749707/rss

While updating kernels frequently is generally considered a best
practice, there are many installations that are unable to do so for a
variety of reasons. That means with some number of known
(along with an unknown number of unknown , of
course), so some way to detect and stop for those flaws may be
desired. That is exactly what the Linux Kernel Runtime Guard (LKRG)
is meant to do.