Name: Control Flow Integrity in the Linux Kernel - Kees Cook, Google
Start: 2020-07-01T12:00:00-0500
End: 2020-07-01T12:45:00-0500

NOTE: The event will be held in Central Daylight Time (CDT), UTC -5.
View More Details & Registration

Back To Schedule

Control Flow Integrity in the Linux Kernel - Kees Cook, Google

Feedback form is now closed.

WATCH NOW

Like all C/C++ programs, the Linux Kernel regularly suffers from memory corruption flaws. A common way for attackers to gain execution control is to target function pointers that were saved to memory. Control Flow Integrity (CFI) seeks to sanity-check these pointers and eliminate a huge portion of attack surface. It's possible to do this today with the Linux kernel (or any program) with Clang/LLVM's CFI implementation.

This presentation will discuss how Android is using Clang's CFI in the Linux kernel for recent phones, how it is being upstreamed, and what you can do to use CFI yourself. We will explore what Clang actually inserts for code, data, and symbols to protect indirect calls, what needed fixing in the kernel to support it, and what's still missing. We'll wrap up with a short demo of CFI foiling a kernel attack.

Speakers

Kees Cook

Kernel Security Software Engineer, Google

Kees Cook has been working with Free Software since 1994, has been a Debian Developer since 2007, and has been a member of the Linux Kernel Technical Advisory Board since 2019. He is currently employed as a Linux kernel security engineer by Google, focusing on upstream kernel security... Read More →

CFI in the Linux Kernel pdf

Wednesday July 1, 2020 12:00pm - 12:45pm CDT
LSS Room 1

Refereed Presentation

Skill Level Intermediate

Linux Security Summit North America 2020

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Kees Cook