Compartmentalizing Vulnerable Kernel Components Without Stopping the Machine
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore a groundbreaking approach to enhancing kernel security in this 28-minute conference talk from the Linux Foundation. Delve into the challenges of compartmentalizing vulnerable device drivers, which constitute 70% of the kernel codebase, without interrupting system services. Learn about the limitations of existing methods that require system reboots, and discover the potential of on-the-fly enforcement. Witness a demonstration of transition hazard attacks using CVE-2022-0995, and understand how the innovative O2C solution addresses these challenges. Gain insights into O2C's key technical innovations, including software-based compartmentalization using eBPF and the integration of an ML model into the kernel. Examine the negligible overhead and excellent scalability of O2C through detailed measurement results, and access the open-source code for further exploration.
Syllabus
Compartmentalizing Vulnerable Kernel Components Without Stopping the Machine - Qinrun Dai
Taught by
Linux Foundation
Tags
Related Courses
Fuzzing the Native NTFS Read-Write Driver - NTFS3 - in the Linux KernelBlack Hat via YouTube SyzDescribe - Automated Static Generation of Syscall Descriptions for Kernel Drivers
Linux Foundation via YouTube Making Fuzzing Part of Your Software Development Lifecycle
Linux Foundation via YouTube Fuzzing Linux Drivers with Syzkaller
Linux Foundation via YouTube ACRN Security: Fuzzing and Hardening Edge Hypervisors
Linux Foundation via YouTube