Does Making the Kernel Harder Make Making the Kernel Harder?

Explore the impacts of the Linux Kernel Hardening Project in this 35-minute conference talk. Delve into how seemingly subtle changes like introducing refcount_t and removing variable length arrays contribute to kernel security. Gain insights from Casey Schaufler, a veteran kernel developer, as he explains the hidden benefits of these modifications and their significance in reducing vulnerabilities. Examine the trade-offs between enhanced security and potential drawbacks in development overhead, code churn, and performance. Learn about Schaufler's extensive experience in Unix kernels, access control systems, and his contributions to Linux security, including the Smack LSM and ongoing work on LSM infrastructure improvements.

Does Making the Kernel Harder Make Making the Kernel Harder? - Casey Schaufler, The Smack Project