Linux Kernel Runtime Guard 1.0 has been released. LKRG is a project providing runtime integrity checking of the Linux kernel and is able to detect security vulnerability exploits against the running kernel.
After seven years in development, the developers behind the Linux Kernel Runtime Guard were finally comfortable declaring their “1.0” release this week. It’s been several years since we last covered this open-source project working to provide better runtime security for Linux> and in the past also benchmarked the overhead of LKRG. As a lot has changed the past few years, I’ll work to benchmark LKRG 1.0 in the coming weeks.
Linux Kernel Runtime Guard 1.0 supports the latest Linux kernels up through the 6.17 series, adds support for newer kernel features since its prior release, supports Intel CET IBT and/or KCFT on x86_64, Clang-built kernels work in more cases, various performance improvements, and there have also been a variety of bug fixes to LKRG.
LKRG functions as a Linux kernel module with the code for now at least continuing to be carried out-of-tree.
Those wanting to learn more about LKRG 1.0 can do so via LKRG.org and its 1.0 release announcement.
