Killswitch Proposed to Disable Vulnerable Linux Features

Sasha Levin, a key figure at NVIDIA and member of the Linux Foundation’s advisory board, has recently developed a series of patches for the Linux kernel to introduce a new feature known as the killswitch mechanism. This feature enables users to instantly disable certain functions within a running kernel, providing a quick solution to blocking vulnerabilities until a proper fix can be implemented through a kernel update. The implementation of this killswitch mechanism aims to enhance the security and stability of the Linux kernel.

The killswitch is managed through the file “/sys/kernel/security/killswitch/control”, into which users write the names of the kernel functions to be intercepted. For example, writing the command “engage af_alg_sendmsg -1” to the control file blocks the af_alg_sendmsg function: calls to it are intercepted and return an error code instead of executing the function body, so a vulnerability in that code path cannot be reached.

Using the function-name matching supported by the kprobes subsystem, users can tailor the killswitch to the specific subsystems in which serious vulnerabilities have recently been found. Such vulnerabilities often sit in subsystems used by only a small share of users, such as AF_ALG, ksmbd, nf_tables, vsock, and ax25. Disabling these functions may inconvenience some users, but the risk of running a kernel with known unpatched vulnerabilities far outweighs any temporary inconvenience.
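As an added illustration of the control interface described above (not code from the patch series), the following shell functions wrap the “engage &lt;function&gt; &lt;retval&gt;” command with input checks and apply a list of rules for the subsystems an administrator chooses to switch off. Only the control-file path and the “engage af_alg_sendmsg -1” syntax come from the article; the argument validation, return codes and rule-file format are assumptions made for this example.

```shell
#!/bin/sh
# Added example: checked wrappers around the killswitch control file.
# Assumed: the path and the "engage <function> <retval>" syntax from the
# article; validation rules and the rule-file format are this example's own.
KILLSWITCH_CONTROL="${KILLSWITCH_CONTROL:-/sys/kernel/security/killswitch/control}"

# Accept only plain kernel symbol names (letters, digits, underscore) so a
# malformed entry cannot turn into a different control command.
valid_symbol() {
    case "$1" in
        '' | *[!A-Za-z0-9_]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Accept only an integer return value (the article's example uses -1).
valid_retval() {
    case "$1" in
        '' | - | *[!0-9-]* | ?*-*) return 1 ;;
        *) return 0 ;;
    esac
}

# Write one "engage" command. Returns 0 on success, 2 on bad arguments and
# 3 when the running kernel does not expose the killswitch control file.
engage_killswitch() {
    sym=$1
    rc=${2:--1}
    valid_symbol "$sym" || return 2
    valid_retval "$rc" || return 2
    [ -w "$KILLSWITCH_CONTROL" ] || return 3
    printf 'engage %s %s\n' "$sym" "$rc" > "$KILLSWITCH_CONTROL"
}

# Engage every "<function> [retval]" line of a rule file, skipping blank
# lines and '#' comments; returns the number of lines that failed.
engage_from_file() {
    failed=0
    while read -r sym rc _; do
        case "$sym" in '' | '#'*) continue ;; esac
        engage_killswitch "$sym" "${rc:--1}" || failed=$((failed + 1))
    done < "$1"
    return "$failed"
}
```

Run as root on a kernel carrying the patch series; for a dry run, point KILLSWITCH_CONTROL at a scratch file and inspect what would have been written.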

One notable example where the killswitch mechanism can be crucial is in the case of the Dirty Frag vulnerability, where an exploit was made public before a fix was available in the kernel. In such scenarios, the killswitch mechanism provides a proactive approach to mitigating security risks and safeguarding the integrity of the Linux kernel.
