Making C Less Dangerous in the Linux Kernel

Making C Less Dangerous in the Linux Kernel

linux.conf.au via YouTube Direct link

C as a fancy assembler: almost machine code

4 of 25

4 of 25

C as a fancy assembler: almost machine code

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Making C Less Dangerous in the Linux Kernel

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 Making C Less Dangerous in the Linux kernel
  3. 3 Kernel Self Protection Project
  4. 4 C as a fancy assembler: almost machine code
  5. 5 C as a fancy assembler: undefined behavior
  6. 6 Variable Length Arrays and alloca () are bad
  7. 7 Variable Length Arrays are slow
  8. 8 Variable Length Arrays: stop it
  9. 9 Switch case fall-through: new "statement"
  10. 10 Always-initialized local variables: just do it
  11. 11 Always-initialized local variables: switch gotcha
  12. 12 Arithmetic overflow detection: gcc?
  13. 13 Arithmetic overflow detection: Clang :
  14. 14 Bounds checking: explicit checking is slow
  15. 15 Instead of sprintf(): scnprintf()
  16. 16 Instead of memcpy: uhhh ... be ... careful?
  17. 17 Bounds checking: memory tagging :
  18. 18 Control Flow Integrity: indirect calls
  19. 19 CFI, forward edges: just call pointers
  20. 20 CFI, forward edges: enforce prototype :
  21. 21 CFI, backward edges: two stacks
  22. 22 CFI, backward edges: shadow call stack
  23. 23 CFI, backward edges: hardware support
  24. 24 Where is the Linux kernel now?
  25. 25 Challenges in Kernel Security Development

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.