On Thu, 7 May 2026 03:05:45 -0400 Sasha Levin <[email protected]> wrote:
> When a (security) issue goes public, fleets stay exposed until a patched > kernel > is built, distributed, and rebooted into. > > For many such issues the simplest mitigation is to stop calling the buggy > function. Killswitch provides that. An admin writes: > > echo "engage af_alg_sendmsg -1" \ > > /sys/kernel/security/killswitch/control It certainly sounds useful, but what would I know. How do we hunt down suitable operations people (aka "target audience") to find out how useful this is to them? Also, > 19 files changed, 1451 insertions(+), 1 deletion(-) wowzers. I'm looking at samples/livepatch/livepatch-sample.c wondering "why"?
