Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Kernel Self-Protection Project: Eliminating Bug Classes and Blocking Exploitation Techniques

Linux Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the latest developments in the Kernel Self-Protection Project in this 25-minute conference talk by Kees Cook from Google. Gain insights into the project's efforts to eliminate bug classes and block kernel exploitation techniques. Learn about security defenses implemented in kernels 4.19 through 5.3, including stack and heap auto-initialization, heap mapping robustness, per-task stack canaries, VLA removal, and implicit-fallthrough removal. Discover the progress on upstreaming Control Flow Integrity (CFI) and examine the evolution of kernel CVE lifetimes. Get an overview of ongoing defense developments and areas requiring further assistance. The presentation covers topics such as bugfighting, exploitation methods, memory safety languages, and upcoming features, concluding with a discussion of challenges and a Q&A session.

Syllabus

Intro
Why is this important
Bugfighting
Car analogy
Killing bugs
Killing bug classes
Exploitation methods
Memory safety languages
Kernel Subduction Project
Kernel Updates
Vulnerabilities
Conversions
Bugs
More conversions
Expected for 53
Upcoming features
Challenges
Questions

Taught by

Linux Foundation

Reviews

Start your review of Kernel Self-Protection Project: Eliminating Bug Classes and Blocking Exploitation Techniques

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.