This however would be OK in theory if we used bitdefender/vbh_sample since that is fully Open Source?
If you’re wondering why I was packaging LKRG and not yet VBH:
- Time is one reason.
- Another is that LKRG is supported by Adam and Solar. Both are very responsive on the mailing list for years, very reasonable and easy to talk to. I haven’t seen much from VBH yet but also didn’t search.
If someone wants to move this forward, I suggest:
- discuss VBH on LKRG mailing list
- try VBH in Debian, Kicksecure, and Whonix, contact upstream when applicable.
Packaging VBH might be similarly doable for me if it’s a “pure” kernel module since I already packaged LKRG. Useful? Dunno, I don’t know if VBH does things that LKRG doesn’t. Please contact both upstream’s to talk about this.
Related: Linux Kernel Runtime Guard (LKRG) - Linux Kernel Runtime Integrity Checking and Exploit Detection