Gaining Bounds-Checking on Trailing Arrays in Linux Kernel - Kernel Recipes 2023

Explore the intricacies of trailing arrays in the Linux kernel and learn about recent efforts to enhance bounds-checking capabilities in this 51-minute conference talk from Kernel Recipes 2023. Delve into the distinction between dynamically-sized and fixed-size trailing arrays, and understand why compilers have historically treated them similarly. Discover how GCC-13's new -fstrict-flex-arrays option aims to differentiate between these array types. Follow the Kernel Self-Protection Project's work in transforming fake flexible-arrays into modern C99 flexible-array members. Examine the combination of these efforts with compiler attributes to mitigate out-of-bounds vulnerabilities in the upstream Linux kernel. Investigate the connection between this work and recent initiatives to harden key APIs like memcpy() and globally enable options such as -Warray-bounds. Gain valuable insights from speaker Gustavo A.R. SILVA on improving kernel security through enhanced bounds-checking mechanisms.