Speaker
Omar Sandoval
Description
drgn is currently read-only: it can attach to the running kernel and read memory, but it can't modify memory or modify the flow of execution. These read-write features would clearly be useful for development (for example, in a virtual machine or a lab). If done safely, they could also be useful for modifying the kernel in production. There are many potential mechanisms for implementing this, each with risks.
I'll share some kernel bugs we hit in production at Meta where we wished drgn could make modifications in order to mitigate a bug until a fix is deployed. Then, let's brainstorm how we can allow this without creating huge footguns and backdoors.
