Loading…

Sign up or log in to bookmark your favorites and sync them to your phone or calendar.

Monday, August 19
 

8:00am

Registration
Monday August 19, 2019 8:00am - 9:00am
Indigo North Foyer

9:00am

Welcome & Opening Remarks - James Morris, Microsoft
Speakers
avatar for James Morris

James Morris

Kernel Developer, Microsoft
James is the maintainer of the Linux security subsystem, and kernel engineer at Microsoft.


Monday August 19, 2019 9:00am - 9:05am
Sapphire D

9:05am

Enarx - Attested, Secured Execution with AMD’s SEV - Nathaniel McCallum, Red Hat, Inc. & David Kaplan, Advanced Micro Devices, Inc.
AMD SEV (Secure Encrypted Virtualization) is a new CPU security technology available in AMD's EPYC processors and provides new levels of protection for virtualized workloads. AMD SEV can encrypt the memory and register state of VMs individually, isolating them from the hypervisor.

Enarx is an open source project led by Red Hat, leveraging TEEs, and providing attestation and protection for run-time workloads. It is written in Rust and aims to reduce the number of trust relationships required when running executables in the private or public cloud. It currently supports AMD SEV, and this session will:
● Discuss SEV capabilities and roadmap;
● Introduce the Enarx architecture;
● Present some of the components of Enarx;
● Show a demonstration of an early set of Enarx capabilities.

Speakers
avatar for David Kaplan

David Kaplan

Security Architect, AMD
David Kaplan is a Fellow at AMD who focuses on developing new security technologies across the AMD product line as part of the Security Architecture Research and Development center. He is the lead architect for the AMD memory encryption features and has worked on both CPU and SOC... Read More →
avatar for Nathaniel McCallum

Nathaniel McCallum

Sr. Principle Software Engineer, Red Hat
Nathaniel McCallum is a Sr. Principal Software Engineer at Red Hat where he works on security and cryptography technologies. This has includes projects such as MIT Kerberos, FreeIPA, FreeOTP, Clevis, Tang and Enarx. Nathaniel is a regular presenter at conferences such as Linux Security... Read More →


Monday August 19, 2019 9:05am - 9:45am
Sapphire D

9:50am

TrenchBoot - How to Nicely Boot System with Intel TXT and AMD SVM - Daniel Kiper, Oracle & Daniel Smith, Apertus Solutions*
TrenchBoot is a cross-community OSS integration project for hardware-rooted, late launch integrity of open and proprietary systems. It reduces the attack surface introduced by platform firmware.

TrenchBoot contributors are working to add SecureLaunch boot capability to the Linux kernel, making it capable of using Intel TXT or AMD SVM Secure Launch for platform hardware security. This will enable a general purpose, open-source DRTM kernel for measured system launch and attestation of device integrity to trust-centric access infrastructure.

This talk introduces the TrenchBoot architecture, the role of SecureLaunch, the goals that drove its development, and some examples how both can increase the platform security. Within this discussion, mechanisms will be presented on how DRTM-enabled capabilities for client, server and embedded platforms may be integrated into Linux distributions.

Speakers
DS

Daniel Smith

Chief Technologist, Apertus Solutions
Daniel Smith began using Linux in 1997, building Linux-based endpoint security solutions in 2004 and contributing to the OpenXT virtualization platform in 2014, later serving as release manager for OpenXT 7.0. He developed the first open-source implementation of DRTM forward sealing... Read More →
avatar for Daniel Kiper

Daniel Kiper

Software Developer, Oracle
Daniel Kiper works as software developer for Oracle. He is TrenchBoot technical leader inside Oracle. He is also one of GRUB2 maintainers. Earlier he worked on kexec, kdump, makedumpfile, crash tool and memory hotplug development.



Monday August 19, 2019 9:50am - 10:30am
Sapphire D
  • Session Slides Included Yes

10:30am

Coffee Break
Monday August 19, 2019 10:30am - 10:50am
Sapphire D

10:50am

Making Containers Safer - Stéphane Graber & Christian Brauner, Canonical Ltd.*
Containers are used for a multitude of workloads everywhere today. But not all containers are actually created in a way that we can be sure that they are safe to use. In fact, CVE-2019-5736 has shown that most containers are not.

In this talk we will thus take a close look at what is required to make containers safe.
The first part of this presentation we will go over the main type of containers out there, look at what security features they are using and what their security model is.

In the second part we will be focusing on new features, covering recent kernel developments to make unprivileged containers safe and at the same time more usable.

In the last part we will take a look at what we consider remaining challenges to make containers safe.

Speakers
CB

Christian Brauner

Kernel engineer - LXD, Canonical Ltd.
Christian Brauner is a kernel and core developer and maintainer of the LXD and LXC projects. He works mostly upstream on the Linux Kernel and lower-level problems. He is strongly committed to working in the open, and a strong proponent of Free Software. Christian has been active in... Read More →
avatar for Stéphane Graber

Stéphane Graber

Technical Lead, Canonical Ltd.
Stéphane Graber is the engineering manager for the LXD team at Canonical Ltd. He is the upstream project leader for LXC and LXD and a frequent speaker and track leader at events related to containers and Linux. Stéphane is also a longtime contributor to the Ubuntu Linux distribution... Read More →



Monday August 19, 2019 10:50am - 11:30am
Sapphire D
  • Session Slides Included Yes

11:35am

Kernel Runtime Security Instrumentation - KP Singh, Google *
Kernel Runtime Security Instrumentation (KRSI) [1] aims to provide an extensible Linux Security Module (LSM) by allowing userspace programs and system owners to attach eBPF (extended Berkeley Packet Filter) programs to security hooks. This makes the LSM framework extensible without needing to rebuild/re-write and enables a new class of security and auditing software.

The talk discusses the need for such an LSM (with representative use cases) and compares it to some existing alternatives, such as Landlock, a separate custom LSM, kprobes+eBPF etc. The second half of the talk outlines the proposed design and interfaces, and includes a live demo.

[1] https://github.com/sinkap/linux-krsi

Speakers
avatar for KP Singh

KP Singh

Senior Software Engineer, Google
KP Singh is a Senior Software Engineer with Google based in Zürich and is the Tech Lead for a project to improve the Security features in the Linux Kernel. Prior to working at Google he has worked with ARM on Linux Kernel Projects like Energy Aware Scheduling [1] and Intelligent... Read More →



Monday August 19, 2019 11:35am - 12:15pm
Sapphire D
  • Session Slides Included Yes

12:15pm

Lunch (Attendees on Own)
Monday August 19, 2019 12:15pm - 1:45pm

1:45pm

Breaking and Protecting Linux Kernel Stack - Elena Reshetova, Intel*
Linux kernel stack has always been a popular attack target due to its simple structure and predictable deterministic operation. The upstream Linux kernel has been somewhat slow on implementing various protections against these attacks, but nonetheless it did made a number of changes that notably decreased attacker's success chances, namely vmalloc-based stack allocation with guard pages, thread_info removal from the stack, VLAs removal, the upstream port of the STACKLEAK grsecurity feature, etc. However, are these protections enough to combat the stack-based attacks or should we do more?
This talk first presents history of stack-based attacks that are applicable to the Linux kernel together with existing implemented protections. Next it presents the case for further improving security of the kernel stack using RANDOMIZE_KSTACK_OFFSET with its challenges and performance implications.

Speakers
ER

Elena Reshetova

Security engineer, Intel
Elena Reshetova is a security engineer and researcher at the Intel System Software Products Security group in Finland working with various Open Source platform security projects across the whole Linux platform security community.



Monday August 19, 2019 1:45pm - 2:25pm
Sapphire D
  • Session Slides Included Yes

2:30pm

Securing TPM Secrets with TXT and Kernel Signatures - Paul Moore, Cisco*
This presentation will discuss a work in progress to secure data in the TPM2’s NVRAM using Intel’s TXT and extensions to tboot to support kernel signature verification. The ultimate goal being the ability to restrict access to TPM2 stored data to only those kernels which have been signed by an authorized entity while being robust in the face of kernel upgrades and downgrades.

The talk will discuss the design, and current progress, in the context of existing solutions using traditional TXT and UEFI Secure Boot; explaining why these solutions fall short either in terms of protection or usability.

Speakers
avatar for Paul Moore

Paul Moore

Technical Leader, Cisco
Paul Moore has been involved in various Linux security efforts since 2004, at Hewlett-Packard, Red Hat, and Cisco. He currently maintains the SELinux, audit, and labeled networking subsystems in the Linux Kernel as well as the libseccomp userspace library.



Monday August 19, 2019 2:30pm - 3:10pm
Sapphire D
  • Session Slides Included Yes

3:10pm

Coffee Break
Monday August 19, 2019 3:10pm - 3:30pm
Sapphire D

3:30pm

Tutorial: The Why and How of libseccomp - Tom Hromatka, Oracle & Paul Moore, Cisco*
The Linux Kernel's seccomp feature can restrict the syscalls available to a
given process, thus reducing the attack surface available to untrusted and
potentially malicious programs. It is a critical building block for
containers and process isolation in general. However, writing a seccomp
filter by hand is error prone and difficult to maintain.

In this tutorial session, Paul Moore and Tom Hromatka (the libseccomp
maintainers) will explain how libseccomp makes this process much easier and
will guide you through making your own seccomp filter using libseccomp.

Speakers
avatar for Paul Moore

Paul Moore

Technical Leader, Cisco
Paul Moore has been involved in various Linux security efforts since 2004, at Hewlett-Packard, Red Hat, and Cisco. He currently maintains the SELinux, audit, and labeled networking subsystems in the Linux Kernel as well as the libseccomp userspace library.
TH

Tom Hromatka

Software Engineer, Oracle
Tom Hromatka has worked in a wide variety of software engineering fields since 2002 and is currently focusing on resource management at Oracle. He maintains the libseccomp userspace library.



Monday August 19, 2019 3:30pm - 5:00pm
Sapphire D
  • Session Slides Included Yes

3:30pm

Unconference Session - (Sign up available onsite)
Do you have:
  • A topic you’d like to discuss with other interested attendees?
  • A project or idea you want to share and get feedback on?
  • Something you’d like to teach other attendees?
Linux Security Summit offers an Unconference Track and meeting space for project discussions, small-team breakouts, etc. We call this an “Unconference” because it’s less about pre-arranged formal presentations, and instead allows for discussion topics of interest to “spring up” at the event itself.

Monday August 19, 2019 3:30pm - 5:00pm
Indigo Terrace Foyer

5:00pm

 
Tuesday, August 20
 

8:00am

Registration
Tuesday August 20, 2019 8:00am - 9:00am
Indigo North Foyer

9:00am

Keynote: Retrospective: 26 Years of Flexible MAC - Stephen Smalley, National Security Agency*
For the past 26 years, the speaker has been engaged in the design, implementation, technology transfer, and application of flexible Mandatory Access Control (MAC). In this talk, he describes the history and lessons learned from this body of work. The background and motivation for MAC is first presented, followed by a discussion of how a flexible MAC architecture was created and matured through a series of research systems. The work to bring this architecture to mainstream systems is then described, along with how the architecture and implementation evolved. The experience with applying this architecture to mobile platforms is examined. The role of MAC in a larger system architecture is reviewed in the context of a secure virtualization system. The state of MAC in mainstream systems is compared before and after our work. Work to bring MAC to emerging operating systems is discussed.

Speakers
SS

Stephen Smalley

Computer Systems Researcher, National Security Agency
Stephen Smalley is a computer systems researcher in the Laboratory for Advanced Cybersecurity Research organization of the National Security Agency. He presently leads the NSA's Security Enhancements (SE) for the Internet of Things (IoT) project, which is investigating and advancing... Read More →



Tuesday August 20, 2019 9:00am - 9:50am
Sapphire D
  • Session Slides Included Yes

9:55am

NFS Support for the Linux Integrity Measurement Architecture - Chuck Lever, Oracle Corporation *
Until recently, integrity measurement support was available only on local file systems. This talk describes the design of a proposed extension of the NFS protocol to support IMA. The discussion will include the design's strengths and limitations, and remaining challenges.

Speakers
CL

Chuck Lever

Linux Kernel Architect, Oracle Corporation
Chuck Lever has been a contributor to the Linux NFS implementation for nearly 20 years, working on such features as IPv6 support and NFS/RDMA. He has also published several NFS-related RFCs.



Tuesday August 20, 2019 9:55am - 10:30am
Sapphire D
  • Session Slides Included Yes

10:30am

Coffee Break
Tuesday August 20, 2019 10:30am - 10:50am
Sapphire D

10:50am

Application Whitelisting - Steven Grubb, Red Hat*
Application whitelisting is an effective way of preventing unknown software from executing on a machine. This presentation will detail an open source implementation. We will talk about the various ways that applications could be executed and how to design policy. We will also look at how the information from an application whitelisting daemon can be leveraged in real time to maintain system integrity. An overall strategy will be outlined showing how this piece fits into a broader security context.

Speakers
avatar for Steven Grubb

Steven Grubb

Security Architect, Red Hat
Steve Grubb is a Senior Principal Engineer whose role in Red Hat Engineering is as a Security Architect with a focus on Security Certifications (such as Common Criteriai, SCAP, and FIPS-140) and configuration Guidance (such as DISA STIG, USGCB, and the CIS RHEL Benchmark). He also... Read More →



Tuesday August 20, 2019 10:50am - 11:30am
Sapphire D
  • Session Slides Included Yes

11:35am

Rich Authorization in a Resource Constrained Device - Kenneth Goldman, IBM*
TPM 2.0 is an example of a low cost, resource-constrained device that provides a rich set of authorizations. The design targeted a device with very little RAM. This talk starts with the overall design of TPM
authorization policies, how they are calculated and how they are satisfied.

Next, many of the policy statements are presented, with examples of use cases that they enable. Finally, a more complicated use case is presented, one that was never envisioned when the TPM was first designed.

Speakers
KG

Kenneth Goldman

Senior Engineer, IBM
I am a member of the Security Department at the IBM TJ Watson Research Center. I am the IBM representative several Trusted Computing Group (TCG) working groups and the editor of the TPM 1.2 and TPM 2.0 specifications. I have a complete Unix and Windows TPM 1.2 and 2.0 implementations... Read More →



Tuesday August 20, 2019 11:35am - 12:15pm
Sapphire D
  • Session Slides Included Yes

12:15pm

Lunch (Attendees on Own)
Tuesday August 20, 2019 12:15pm - 1:45pm

1:45pm

Writing Linux Kernel Modules in Safe Rust - Geoffrey Thomas, Two Sigma Investments & Alex Gaynor, Alloy*
With 65% of recent Linux kernel vulnerabilities being the result of memory unsafety (buffer overflows, pointers used after being freed, etc.) and not logic errors, both kernel developers and downstream users have wondered whether it's possible to use a safer language than C for kernel development. This talk will explore the presenters' work building a framework for writing kernel modules in Rust and accessing kernel APIs in safe Rust. In particular, the talk will discuss some of the challenges of building binary-compatible kernel modules in Rust, techniques for working with existing C code, and how to design safe bindings over raw kernel APIs. It will also discuss advantages and difficulties for integrating Rust in upstream kernel development and possible directions the upstream kernel community could go.

Speakers
AG

Alex Gaynor

Staff Software Engineer and CISO, Alloy
Alex is currently Chief Information Security Officer at Alloy, a startup working on data infrastructure for politics. Before that, he was tech lead for Firefox sandboxing, and before that an engineer at the US Digital Service. He's active in the open source community, contributing... Read More →
GT

Geoffrey Thomas

Geoffrey Thomas is a software engineer with interests in operating systems infrastructure and computer security, a Debian maintainer, and a contributor to various Rust and Python projects. He cohosts Loose Leaf Security, a podcast about practical digital security for a broad audience... Read More →



Tuesday August 20, 2019 1:45pm - 2:25pm
Sapphire D
  • Session Slides Included Yes

2:30pm

Integrity Measurements and the Cruel World - Janne Karhunen, Dark Matter LLC*
Offline attacks have been a hot topic for a while now, yet the deployments of integrity measurement systems have been scarce especially in the embedded world. Many deployment efforts have
yielded failures for multiple reasons, usually getting stuck with performance and measurement reliability issues due to system power outages and crashes.

We have managed to overcome most of these issues for security-enhanced android device and the Linux integrity subsystem appears to work like clockwork without causing unnecessary pains for the end user. In this talk, we cover the changes needed to make things (mostly) work and how things can be improved from here.

Speakers
JK

Janne Karhunen

Senior principal engineer, Dark Matter LLC
I have been working with the Linux security subsystems for 15 years for various companies (Nokia, Ericsson, Huawei, Rambus Cryptography Research and now Dark Matter LLC). My current primary assignment is to make Linux Integrity Subsystem (IMA) work for Android userdata protection... Read More →



Tuesday August 20, 2019 2:30pm - 3:10pm
Sapphire D
  • Session Slides Included Yes

3:10pm

Coffee Break
Tuesday August 20, 2019 3:10pm - 3:30pm
Sapphire D

3:30pm

Tutorial: Complete Platform Attestation: Remotely Verifying the Authenticity and Integrity of your Platform’s Hardware, Firmware, and Software - Monty Wiseman & Avani Dave, General Electric
This tutorial will discuss and demonstrate remote verification of a platform’s hardware, firmware and runtime (IMA) events using open source components with industry standard protocols. It will show client utilities to send verifiers a collection of firmware and runtime measurement all in the TCG defined Canonical Event Log format. It will show a utility that suppliers can use to send verifiers a collection of expected firmware and runtime golden measurements in TCG defined signed structures as extensions to SWID Tags. It will show how to use an open source verifier to confirm that the platform booted with the expected firmware and is running the expected software. It will show how these components, along with TPM and Platform Certificates can be part of a complete Trusted Supply Chain solution by integration with the HIRS project (https://github.com/nsacyber/HIRS).

Speakers
AD

Avani Dave

Research Intern / Ph.D Student, General Electric
Avani Dave is a Research Intern at General Electric Global Research Center Niskayuna, NY, USA and a Ph.D. student at UMBC. Her research involves hardware security in embedded and IoT devices, developing attack resilient, dependable, secure, and trustworthy computing through the cooperation... Read More →
avatar for Monty Wiseman

Monty Wiseman

Principal Engineer, GE Research
Monty Wiseman's professional focus is in Platform Identity and Integrity. During the last 18+ years Monty was a leading contributor to various TCG specifications for platform key management, hardware and software identity. Monty is currently a Principle Engineer at General Electric... Read More →


Tuesday August 20, 2019 3:30pm - 5:00pm
Sapphire D

3:30pm

Unconference Session - (Sign up available onsite)
Do you have:
  • A topic you’d like to discuss with other interested attendees?
  • A project or idea you want to share and get feedback on?
  • Something you’d like to teach other attendees?
Linux Security Summit offers an Unconference Track and meeting space for project discussions, small-team breakouts, etc. We call this an “Unconference” because it’s less about pre-arranged formal presentations, and instead allows for discussion topics of interest to “spring up” at the event itself.

Tuesday August 20, 2019 3:30pm - 5:00pm
Indigo Terrace Foyer

5:00pm

BoF Sessions
Tuesday August 20, 2019 5:00pm - 5:45pm
Indigo Terrace Foyer
 
Wednesday, August 21
 

8:00am

Registration
Wednesday August 21, 2019 8:00am - 9:00am
Indigo North Foyer

9:00am

Tutorial: How to Write a Linux Security Module - Casey Schaufler, Intel*
You have a great idea for security in the Linux kernel, but you don't know how to add it properly. How can you implement additional security mechanism in a way that can be accepted upstream? This tutorial will teach you the basics of the Linux Security Module (LSM) infrastructure and how to use it properly. You will learn what an LSM can and cannot do, when you should use an LSM, when you should look into mainline changes and when you should look at namespaces. Security module data management conventions will be discussed. The filesystem, process, networking and audit interfaces will be covered.

Casey Schaufler will be joined by Paul Moore and John Johansen to ensure that each LSM interface is covered by its expert. There's a lot of information to cover in 90 minutes, but there is no better set of instructors around.

Speakers
avatar for Casey Schaufler

Casey Schaufler

Engineer, Intel
Casey Schaufler worked on Unix kernels in the 1970s-90s. He has implemented access control lists, mandatory access control, extended filesystem attributes, X11 access controls, network protocols and audit systems. His involvement in Linux began with the Linux Security Module work... Read More →



Wednesday August 21, 2019 9:00am - 10:30am
Sapphire D
  • Session Slides Included Yes

10:30am

Coffee Break
Wednesday August 21, 2019 10:30am - 10:50am
Sapphire Ballroom (4th Floor)

10:50am

Kernel Self-Protection Project - Kees Cook, Google*
This presentation will cover the year-in-review of the Kernel Self-Protection Project since the last Linux Security Summit NA. The project continues to eliminate classes of bugs and block exploitation techniques in the kernel. It will including an overview of all the security defenses landed in kernels 4.19 through 5.3. Some highlights are stack and heap auto-initialization, heap mapping robustness, per-task stack canaries, VLA removal, implicit-fallthrough removal, and the progress on upstreaming CFI.

We'll also take a quick look at the evolution of kernel CVE lifetimes, find out what defenses are still under development, and note some areas where help is still needed.

Speakers
avatar for Kees Cook

Kees Cook

Kernel Security Software Engineer, Google
Kees Cook has been working with Free Software since 1994, has been a Debian Developer since 2007, and has been a member of the Linux Kernel Technical Advisory Board since 2019. He is currently employed as a Linux kernel security engineer by Google, focusing on upstream kernel security... Read More →



Wednesday August 21, 2019 10:50am - 11:20am
Sapphire D
  • Session Slides Included Yes

11:25am

Making Remote Attestation Useful on Linux - Brandon Weeks & Matthew Garrett, Google*
TPM remote attestation allows a machine to provide proof about what happened during its boot process, in turn allowing appropriate policy and trust decisions to be made by remote services. But the flexibility of any such decision is determined by the richness of the available information that is logged and can be reported, and right now in Linux there's very little available information.

This presentation will give a brief overview of remote attestation and the state of available tooling under Linux, along with the various components that generate events that can be used for policy decisions. It will compare Linux to Windows, and identify the areas where Linux is currently deficient. Finally, it will propose some potential solutions for improving the state of the ecosystem and move on to a discussion around whether there are better alternatives.

Speakers
MG

Matthew Garrett

Security developer, Google
Matthew is a security developer at Google, specialising in Linux security. He thinks computers were probably a mistake.
avatar for Brandon Weeks

Brandon Weeks

Security Engineer, Google
Brandon Weeks is a Security Engineer at Google. His focus is on client device security, public key infrastructure and remote attestation.



Wednesday August 21, 2019 11:25am - 11:55am
Sapphire D
  • Session Slides Included Yes

12:00pm

It's Coming From Inside the House: Kernelspace Fault Injection with KRF - William Woodruff, Trail of Bits*
Fault injection (FI) has become an increasingly popular software testing method, with major players like Netflix, Microsoft, and Google using automated failures to test the end-to-end resiliency of their (geographically, functionally) distributed services.

In this talk, William Woodruff presents a lower-level, vulnerability-first approach: by randomly inducing errors in the system calls made by (targeted) programs, fault injection can be used to discover incorrect and potentially dangerous assumptions. This talk will cover specific classes of dangerous assumptions and their potential for exploitation, all motivated by KRF, a kernelspace fault injector open-sourced by Trail of Bits.

Speakers
WW

William Woodruff

Security Engineer, Trail of Bits
William contributes to the engineering and research practices at Trail of Bits in work for corporate and governmental clients. He has developed several of our open-source projects (e.g., KRF, twa, winchecksec, Sienna Locomotive, and pe-parse with Alessandro). Outside of the company... Read More →



Wednesday August 21, 2019 12:00pm - 12:30pm
Sapphire D
  • Session Slides Included Yes

12:30pm

Lunch (Attendees on Own)
Wednesday August 21, 2019 12:30pm - 2:00pm

2:00pm

Using and Implementing Keyring Restrictions for Userspace - Mat Martineau, Intel *
The kernel keyring facility has grown in capability beyond its initial, limited support for x.509 certificate verification. It has been generalized to allow any key type to implement its own checks for allowable keys, and to configure these restrictions from userspace.

Keyrings created by the keyctl API can currently be configured to verify signed x.509 asymmetric keys as they are linked to a keyring. The iNet Wireless Daemon (iwd) and the underlying Embedded Linux Library (ELL) leverage this to validate certificate chains.

This presentation will cover use of the keyring restriction userspace API with asymmetric keys in today's kernel, how to extend kernel key types to support new userspace-configurable restrictions, and ideas for more capable and flexible restrictions in the future.

Speakers
avatar for Mat Martineau

Mat Martineau

Software Engineer, Intel
Mat Martineau is a software engineer at Intel. He has contributed to the keyring and Bluetooth subsystems in the Linux kernel, and is currently working to upstream Multipath TCP for Linux. He has previously spoken at the NetDev Conference and the Intel Open Source Technology Summ... Read More →



Wednesday August 21, 2019 2:00pm - 2:30pm
Sapphire D
  • Session Slides Included Yes

2:35pm

syzkaller Update and Open Problems - Dmitry Vyukov, Google*
syzkaller is state-of-the-art kernel fuzzer which has found several thousands of bugs in Linux kernel. In this talk, Dmitry will talk about progress and new developments since last year; share the current test coverage and what's not being covered. Then, talk about testability of kernel subsystems, do's and don'ts. Lastly, Dmitry will describe future plans.

Speakers
avatar for Dmitry Vyukov

Dmitry Vyukov

Senior Staff Software Engineer, Google
I work on dynamic testing tools at Google. My projects include: - ASAN/TSAN/MSAN, dynamic bug detection tools, user-space and kernel, C/C++ and Go/Java - go-fuzz, libfuzzer (fuzzing systems) - syzkaller, kernel fuzzer I spoke at LSS NA 2018, Plumbers 2018, 2016, Qualcomm Mobile Security... Read More →



Wednesday August 21, 2019 2:35pm - 3:05pm
Sapphire D
  • Session Slides Included Yes

3:10pm

Binary Policy with IMA and AppArmor - Eric Chiang, Google
Google operates one of the largest fleet of developer machines, supporting a wide range of user workflows and expectations. While techniques such as social voting of binaries for whitelisting on other OSes have been successful, Corp Security has taken novel approaches on Linux workstations for providence based policy. Over the past year Eric’s worked to build features into AppArmor for targeting IMA signatures, enabling restrictions of executables that don’t originate from Google’s centralized package repositories. This talk will dive into the technical aspects of Google’s binary signing and operational challenges rolling out restrictive policies at scale.

Speakers
avatar for Eric Chiang

Eric Chiang

Security Engineer, Google
Eric is a security engineer on the Platform Security team at Google where he focuses on securing Google’s Linux workstation fleet. Previously he worked at CoreOS on identity management and co-lead the Kubernetes Auth special interest group. Eric is a Bay Area native, SFSU alumni... Read More →


Wednesday August 21, 2019 3:10pm - 3:40pm
Sapphire D

3:40pm

Coffee Break
Wednesday August 21, 2019 3:40pm - 4:00pm
Sapphire Ballroom (4th Floor)

4:00pm

Subsystem Update: State of SELinux, 2019 - Paul Moore, Cisco*
This presentation will discuss the current state of SELinux, including a review of the past year and a brief discussion of current work in progress.

Speakers
avatar for Paul Moore

Paul Moore

Technical Leader, Cisco
Paul Moore has been involved in various Linux security efforts since 2004, at Hewlett-Packard, Red Hat, and Cisco. He currently maintains the SELinux, audit, and labeled networking subsystems in the Linux Kernel as well as the libseccomp userspace library.



Wednesday August 21, 2019 4:00pm - 4:10pm
Sapphire D
  • Session Slides Included Yes

4:10pm

Subsystem Update: AppArmor Update 2019 - John Johansen, Canonical
This talk provides an update of the current state of the AppArmor project. It will look at new features, and miscellaneous changes developed over the last year, as well as a look at the current work in progress.

Speakers
JJ

John Johansen

Security Engineer, Canonical
John Johansen began working with open source software in the late 80s and began playing with Linux in 93. He completed a masters in mathematics at the University of Waterloo and the began working for Immunix doing compiler hardening, and then AppArmor. After Immunix was acquired by... Read More →



Wednesday August 21, 2019 4:10pm - 4:20pm
Sapphire D

4:20pm

Subsystem Update: tpm2-Software Update and Highlights - Philip Tricca, Intel
Since our last update at LSS 2018 the tpm2-software community has been hard at work. Our implementation of components and APIs from the TCG TPM2 software stack (TSS2) architecture continue to mature and stabilize thanks to the numerous contributions from the core team and many motivated contributors. With the number of distros and projects actively using the TSS2 growing we've been hard at work solving common usability issues and expanding the tools available to bootstrap projects. This talk will focus on the significant accomplishments and new developments from the tpm2-software community in 2019 while highlighting progress on our efforts to enable use-cases important to downstream consumers.

Speakers
PT

Philip Tricca

Software Engineer, Intel
Philip is a software engineer in Intel’s platform security division working to enable use of the Trusted Platform Module (TPM2) and a number of other security technologies. Phil has worked for the last 3 years to standardize the TCGs TPM2 software stack (TSS2), to develop an open... Read More →


Wednesday August 21, 2019 4:20pm - 4:30pm
Sapphire D

4:30pm

Subsystem Update: Seccomp, Yama, and LoadPin - Kees Cook, Google*
This will present an update on development over the last year (and quick demos of new features) of several smaller Linux kernel security areas: the seccomp syscall filtering subsystem, the Yama ptrace-restriction LSM, and the LoadPin kernel-file-reading restriction LSM.

Speakers
avatar for Kees Cook

Kees Cook

Kernel Security Software Engineer, Google
Kees Cook has been working with Free Software since 1994, has been a Debian Developer since 2007, and has been a member of the Linux Kernel Technical Advisory Board since 2019. He is currently employed as a Linux kernel security engineer by Google, focusing on upstream kernel security... Read More →



Wednesday August 21, 2019 4:30pm - 4:40pm
Sapphire D
  • Session Slides Included Yes

4:40pm

Subsystem Update: Linux Integrity Status Update - Mimi Zohar, IBM*
The Integrity subsystem status update will provide an overview of the new features and other changes upstreamed this past year, as well as discuss current and future development.

Speakers
MZ

Mimi Zohar

Software Engineer, IBM
Mimi Zohar is a member of the Secure Systems Group at the IBM T.J. Watson Research Center. Her current interests are in the areas of system security and integrity, a natural progression from prior work in firewall design for perimeter security. She is the linux-integrity subsystem... Read More →



Wednesday August 21, 2019 4:40pm - 4:50pm
Sapphire D
  • Session Slides Included Yes

4:50pm

Subsystem Update: LSM Stacking - What You Can Do Now and What's Next - Casey Schaufler, Intel
Before the 5.1 Linux kernel it was only possible to combine Linux security modules (LSM) that don't use extended security "blobs". With the introduction of infrastructure blob management it is now possible for a limited set of extended system security data to be shared, allowing greater flexibility in security module combination. This talk will describe what data can currently be shared. It moves on to describe plans to expand the blobs that can be shared. Plans for achieving the ultimate goal of complete module stacking wrap up the presentation. Feedback on the plans, and suggestions for alternatives and improvements are solicited.

Speakers
avatar for Casey Schaufler

Casey Schaufler

Engineer, Intel
Casey Schaufler worked on Unix kernels in the 1970s-90s. He has implemented access control lists, mandatory access control, extended filesystem attributes, X11 access controls, network protocols and audit systems. His involvement in Linux began with the Linux Security Module work... Read More →


Wednesday August 21, 2019 4:50pm - 4:55pm
Sapphire D

4:55pm

Subsystem Update: The 2019 Smack Update - Casey Schaufler, Intel*
This is the annual Smack update.

Speakers
avatar for Casey Schaufler

Casey Schaufler

Engineer, Intel
Casey Schaufler worked on Unix kernels in the 1970s-90s. He has implemented access control lists, mandatory access control, extended filesystem attributes, X11 access controls, network protocols and audit systems. His involvement in Linux began with the Linux Security Module work... Read More →



Wednesday August 21, 2019 4:55pm - 5:00pm
Sapphire D
  • Session Slides Included Yes

5:00pm

Lightning Talks
Wednesday August 21, 2019 5:00pm - 5:30pm
Sapphire D

5:30pm

Closing Remarks - James Morris, Microsoft
Speakers
avatar for James Morris

James Morris

Kernel Developer, Microsoft
James is the maintainer of the Linux security subsystem, and kernel engineer at Microsoft.


Wednesday August 21, 2019 5:30pm - 5:35pm
Sapphire D