Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Security Features Status Update for Linux Kernel Toolchains

Linux Plumbers Conference via YouTube

Overview

Explore the latest developments in security features for the Linux kernel across GCC and Clang toolchains in this comprehensive conference talk. Dive into the progress made since the previous year, including achievements in parity between toolchains such as -fstrict-flex-arrays=3, -fsanitize=bounds, __builtin_dynamic_object_size(), and arm64 Shadow Call Stack for backward edge CFI. Learn about ongoing efforts, including the __counted_by(member) attribute for bounded Flexible Array Members. Discuss areas that require further work and consideration, such as the -fbounds-safety language extension proposal, handling nested structures with Flexible Array Members in Clang, and language extensions for Flexible Array Members in Unions. Examine challenges in implementing arbitrary stack protector guard locations, Link Time Optimization for kernel support in GCC, forward and backward edge CFI, arithmetic overflow protection, and addressing false positives in -Warray-bounds for GCC. Gain insights into the collaborative efforts to enhance Linux kernel security through toolchain improvements and feature implementations.

Syllabus

Security Features status update - Kees Cook, Qing Zhao, Bill Wendling

Taught by

Linux Plumbers Conference

Reviews

Start your review of Security Features Status Update for Linux Kernel Toolchains

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.