Breaking and Protecting Linux Kernel Stack
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the evolution of Linux kernel stack attacks and defenses in this comprehensive conference talk. Delve into the history of stack-based vulnerabilities, examining existing protective measures implemented in the upstream Linux kernel. Analyze the effectiveness of current safeguards, including vmalloc-based stack allocation with guard pages, thread_info removal, and the STACKLEAK feature. Investigate the potential for further enhancing kernel stack security through RANDOMIZE_KSTACK_OFFSET, considering its challenges and performance implications. Gain insights into various attack techniques such as buffer overflows, stack overflows, and inter-stack exploitation, while learning about countermeasures like VMAP-based stacks and Variable-Length Arrays removal. Evaluate the gap between current protections and potential threats, and engage in a discussion on the future of Linux kernel stack security.
Syllabus
SECURITY
Linux thread stack for x86_64
Buffer overflows
Stack Overflows
Uninitialized Stack
Stackjacking
Inter-stack exploitation
A more recent example
Stack Clash
Basic measures for x86_64
VMAP-based stack
Variable-Length Arrays removal
STACKLEAK and stack initialization
Gap analysis
In-stack randomization: comparison
CONFIG_RANDOMIZE_KSTACK_OFFSET
Performance, performance, performance.....
Discussion & Conclusions
References
Taught by
Linux Foundation