Linux Kernel Runtime Guard (LKRG)
LKRG performs runtime integrity checking of the Linux kernel and detection of
security vulnerability exploits against the kernel.
LKRG is a kernel module (not a kernel patch), so it can be built for and loaded
on top of a wide range of mainline and distros' kernels, without needing to
patch those. We currently support kernel versions ranging from as far back as
RHEL7's (and its many clones/revisions) and Ubuntu 16.04's to latest mainline
and distros' kernels. For this release, we've tested LKRG with Linux kernels
up to and including 5.7.
LKRG currently supports the x86-64, 32-bit x86, AArch64 (ARM64), and 32-bit ARM
CPU architectures.
Please refer to CONCEPTS for concepts behind LKRG and for information on its
efficacy, and to PERFORMANCE for information on its performance impact.
The following sections describe how to obtain LKRG sources, build LKRG, test
it, install it on the system, and customize its configuration.
https://github.com/openwall/lkrg
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)