Control Flow Integrity in the Linux Kernel

Explore the critical topic of Control Flow Integrity (CFI) in the Linux Kernel through this 45-minute conference talk by Kees Cook from Google. Gain insights into why CFI matters, understand attack methods targeting kernel code, and learn about implementation strategies using clang and alternative approaches. Discover the concept of shadow call stacks, sign pointers, and the challenges of integrating CFI upstream. Witness a live demonstration and participate in a Q&A session addressing CFI's compatibility with kernel modules. Enhance your understanding of kernel security measures and their importance in protecting against potential vulnerabilities in the Linux ecosystem.

Introduction
Agenda
Why should anyone care
Writing directly to kernel code
Writable and executable
Simplified view
Read only
Userspace
Attack Methods
Direct Function Calls
Indirect Function Calls
Backward Edge
Writable
Goal
Function Prototypes
Implementation with clang
Implementation without clang
Embedded function prototype
Improved speed
Shadow call stack
Shadow stack
Sign pointers
Getting it upstream
Where are we
How to do it
Live demo
Questions
How does CFI work with the kernel module