Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

GCC's -fanalyzer and the Linux Kernel

Linux Plumbers Conference via YouTube

Overview

Explore GCC's -fanalyzer feature and its application to the Linux kernel in this 45-minute conference talk by David Malcolm at the Linux Plumbers Conference. Delve into the intricacies of -f analyzer and -f warnings, understanding how they work to track memory state and detect issues. Learn about detecting uninitialized fields, taint analysis, and handling attacker-controlled indexes. Discover special cases, alternative approaches, and the use of attributes like access, readonly, and tintedargs. Examine trust boundaries, address spaces, and custom address spaces, along with the untrusted attribute. Gain insights into smart checkers, address space casting, GCC's annual release cycle, and GCC plugins. Engage in a discussion on the practical implications of these tools for kernel development and security.

Syllabus

Introduction
Dashf analyzer
Dashf warnings
How it works
Tracking state of memory
Warnings
My day job
Detecting uninitialized fields
taint example
attacker controlled index
special case
second approach
access attribute
readonly attribute
tintedargs attribute
demo
example
trust boundaries
address spaces
custom address spaces
untrusted attributes
woohoo
CPU
RCU tag
Double underscore force
Smart Checkers
Address Space Cast
GCC annual release cycle
GCC plugins
Discussion

Taught by

Linux Plumbers Conference

Reviews

Start your review of GCC's -fanalyzer and the Linux Kernel

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.