Linux Foundation

Control Flow Integrity in the Linux Kernel

Linux Foundation via YouTube

Overview

Explore Control Flow Integrity (CFI) in the Linux kernel through this 45-minute conference talk by Kees Cook from Google. Gain insight into why CFI matters, understand attack methods targeting kernel code, and learn about implementation strategies using clang and alternative approaches. Discover the concepts of shadow call stacks and pointer signing, and the challenges of integrating CFI upstream. The talk includes a live demonstration and a Q&A session addressing CFI's compatibility with kernel modules. Enhance your understanding of kernel security measures and their importance in protecting against potential vulnerabilities in the Linux ecosystem.

Syllabus

Introduction
Agenda
Why should anyone care
Writing directly to kernel code
Writable and executable
Simplified view
Read only
Userspace
Attack Methods
Direct Function Calls
Indirect Function Calls
Backward Edge
Writable
Goal
Function Prototypes
Implementation with clang
Implementation without clang
Embedded function prototype
Improved speed
Shadow call stack
Shadow stack
Sign pointers
Getting it upstream
Where are we
How to do it
Live demo
Questions
How does CFI work with the kernel module

Taught by

Linux Foundation
