SUSE Labs Conference 2018 - Live patching tricks
Most of the time, fixing a vulnerablility from a live patch is straight forward and local in nature: adding an additional bounds check, for example.
And then there's CPU bugs.
After a short recap of the kGraft and upstream kernel live patching's per-task consistency model, see how we managed to achieve global consistency by live patching kGraft itself. This enabled us to to change semantics on a running system: flipping CR4 bits, messing with page tables, etc. is all possible now.
Other highlights, unrelated to the consistency model, include
live patching entry code
fooling the non-eager mode FPU switching heuristics into being eager
Parts of this talk have been handled at a not so technical level at
https://www.suse.com/c/live-patching-...
Nicolai Stange
Watch video SUSE Labs Conference 2018 - Live patching tricks online, duration hours minute second in high quality that is uploaded to the channel SUSE Labs 17 September 2018. Share the link to the video on social media so that your subscribers and friends will also watch this video. This video clip has been viewed 253 times and liked it 2 visitors.
![[Arizona RP Mesa] Жалоба на Santiago Lerma](https://images.reviewsvideo.ru/videos/WBCnGd5e7hg)
