Overview
Syllabus
Status of the Kernel Self Protection Project
Kernel Security
Devices using Linux
Upstream Bug Lifetime
Fighting Bugs
Killing bugs is nice
Killing bug classes is better
Killing exploitation is best
Developers under KSPP umbrella
Bug class: Stack Overflow
Bug class: Integer overlunderflow
Bug class: Heap Overflow
Bug class: format string injection
Bug class: kernel pointer leak
Bug class: uninitialized variables
Exploitation finding the kernel
Exploitation Direct kernel overwrite
Exploitation: function pointer overwrite
Exploitation: userspace execution
Exploitation: userspace data
Exploitation Reused code chunks
Crystal Ball predictions for 4.9
Challenge Culture
Challenge: Technical
Challenge: Resources
Taught by
Linux Foundation