Explore Android kernel security in this 32-minute conference talk by Google engineers Jeff Vander Stoep and Sami Tolvanen. Dive into the details of kernel vulnerabilities, analyze reported security bugs, and evaluate the effectiveness of recent mitigations. Learn about new kernel security measures introduced in the Android Open Source Project and discover the kernel security wishlist. Gain insights into attack surface reduction, Android Oreo's security improvements, and Control Flow Integrity (CFI) implementation. Understand how the Linux kernel serves as Android's trusted computing base and primary enforcer of its security model, while also being a prime target for privilege escalation attacks.
Overview
Syllabus
Intro
Data Source
Attack Surface Reduction
Android Oreo
Kernel Mitigations
Kernel Vulnerabilities
CFI Control Flow Integrity
Questions
Taught by
Linux Foundation
Tags
Related Courses
-
Android: Protecting the Kernel - Kernel Security Strategies
-
Control Flow Integrity in the Linux Kernel
-
Linux Kernel Control-Flow Integrity Support
-
LinkDoor - A Hidden Attack Surface in the Android Netlink Kernel Modules
-
Control Flow Integrity in the Linux Kernel
-
Enforcing Unique Code Target Property for Control-Flow Integrity
