Back To Schedule
Wednesday, August 21 • 10:50am - 11:20am
Kernel Self-Protection Project - Kees Cook, Google*

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This presentation will cover the year-in-review of the Kernel Self-Protection Project since the last Linux Security Summit NA. The project continues to eliminate classes of bugs and block exploitation techniques in the kernel. It will including an overview of all the security defenses landed in kernels 4.19 through 5.3. Some highlights are stack and heap auto-initialization, heap mapping robustness, per-task stack canaries, VLA removal, implicit-fallthrough removal, and the progress on upstreaming CFI.

We'll also take a quick look at the evolution of kernel CVE lifetimes, find out what defenses are still under development, and note some areas where help is still needed.

avatar for Kees Cook

Kees Cook

Kernel Hacker, Google
Kees Cook has been working with Free Software since 1994, has been a Debian Developer since 2007, and has been a member of the Linux Kernel Technical Advisory Board since 2019. He is currently employed as a Linux kernel security engineer by Google, focusing on upstream kernel security... Read More →

Wednesday August 21, 2019 10:50am - 11:20am PDT
Sapphire D
  Short Topic
  • Session Slides Included Yes