YoVDO

Making C Less Dangerous

Offered By: Linux Foundation via YouTube

Tags

Conference Talks Courses C Programming Courses Control-Flow Integrity Courses

Course Description

Overview

Explore the efforts to enhance C language safety in Linux kernel development through this informative conference talk by Kees Cook from Google. Delve into various strategies for mitigating security vulnerabilities and undefined behaviors inherent in C programming. Learn about removing Variable Length Arrays, enforcing stack variable initialization, implementing implicit bounds checking, handling arithmetic overflows, and protecting function calls with Control Flow Integrity. Gain insights into the Linux kernel's approach to modifying C standards and redefining undefined behaviors to create a more secure codebase. Discover the challenges faced in kernel security development and the ongoing work to make C less hazardous for critical infrastructure.

Syllabus

Intro
Kernel Self Protection Project
C as a fancy assembler almost machine code
C as a fancy assembler: undefined behavior
Variable Length Arrays are bad
Variable Length Arrays are slow
Switch case fall-through did I mean it?
Switch case fall-through: new statement
Switch case fall-through new statement
Always-initialized local variables: just do it
Always-initialized local variables switch gotcha
Arithmetic overflow detection Clang :
Bounds checking: explicit checking is slow
Bounds checking memory tagging :
Control Flow Integrity: indirect calls
CFI, forward edges: enforce prototype :
CFI, backward edges: two stacks
CFI, backward edges: shadow call stack . Clang's Shadow Cal Stack
CFI, backward edges: hardware support
Where is the Linux kernel now?
Challenges in Kernel Security Development


Taught by

Linux Foundation

Tags

Related Courses

Building Geospatial Apps on Postgres, PostGIS, & Citus at Large Scale
Microsoft via YouTube
Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube
Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube
What's New in Grails 2.0
ChariotSolutions via YouTube
Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube