Drop the ROP - Fine-Grained Control-Flow Integrity for the Linux Kernel

Black Hat via YouTube

Overview

Explore a comprehensive Black Hat conference talk on fine-grained Control-Flow Integrity (CFI) for the Linux kernel. Delve into the evolution of kernel-level security measures, from W^X memory policies to the challenges posed by return-oriented programming (ROP). Examine the limitations of existing kernel-level CFI proposals and their struggle to balance security with support for dynamically loadable kernel modules. Follow João Moreira's in-depth analysis of memory safety bugs, control-flow hijacking, and various mitigation techniques. Investigate the intricacies of gadgets, wrap attacks, indirect branches, and control-flow graphs. Learn about fine-grained control-flow issues, the Abadi approach, and the challenges of enforcing CFG and protecting returns. Gain insights into kernel configuration, core graph detaching, and support for assembly code. Conclude with a demonstration and discussion on the proposed guidelines for implementing robust CFI in the Linux kernel.

Syllabus

Introduction
Who am I
Agenda
Memory Safety Bugs
Control-Flow Hijacking
Mitigation
Gadgets
Wrap Attack
Rocks
Indirect Branches
Control-Flow Graph
What could go wrong
Fine-Grained Control-Flow Issues
CaseEfi
Two major problems
Abadi approach
Function pointer
Enforcing the CFG
Protecting returns
Is it safe
The problem
Source code
Kernel configuration
Core graph detaching
Support for assembly code
Parsers
Benchmarks
Proposed Guides
Demo
Conclusions
Discussion

Taught by

Black Hat
