This talk presents a prototype of a compiler-based mitigation for use-after-free accesses in the Linux kernel. The mitigation runs on x86-64 systems and ensures that, for (most) slab allocations, no access can happen if the allocation has been freed and reused in the meantime.
This talk will introduce the rough design goals for such a mitigation, followed by the design they led to, the performance characteristics, and ideas for possible improvements to the current prototype.