Kernel Self-Protection Project: Overview and Recent Developments
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the latest developments in the Kernel Self-Protection Project through this informative conference talk by Kees Cook from Google. Gain insights into security defenses implemented in Linux kernels 4.14 through 4.18, including vmapped stacks, structure randomization, SLUB freelist obfuscation, and more. Learn about the evolution of kernel CVE lifetimes, ongoing defense developments, and areas requiring further attention. Discover the speaker's extensive background in Free Software, his contributions to various projects, and his current focus on Linux kernel security features. Delve into topics such as bug lifetimes, failure modes, bug-fighting strategies, and upcoming features in kernel self-protection.
Syllabus
Intro
Context
What are we protecting
Bug life time
git history
long tail
dirtycow
Bugfighting
Failure modes
Bugs
Killing Bug Classes
Killing Exploitation
Kernel SelfProtection
Kernel Releases
Specter in Meltdown
Refcount Conversions
Internal Systems
Multiplication Overflows
SSB
Coming Features
Challenges
hypervisor
hypervisor magic bullet
questions
GCC plugin support
Taught by
Linux Foundation
Tags
Related Courses
Armv8-M Architecture FundamentalsArm Education via Coursera Memory Management in OS - Contiguous Memory Allocation
CodeHelp - by Babbar via YouTube Shreds - Fine-Grained Execution Units with Private Memory
IEEE via YouTube CHERI - A Hybrid Capability-System Architecture for Scalable Software Compartmentalization
IEEE via YouTube XMP: Selective Memory Protection for Kernel and User Space
IEEE via YouTube