Conferences/Kernel Self-Protection Project/Open Source/Presentations

Back to Europe to present at Open Source Summit

Posted on by Gustavo A. R. Silva / 0 Comment

Happy to share that I will be traveling back to Europe in September to speak at the Open Source Summit Europe 2024 in Vienna. ✈️🇦🇹🗣️🎙️ I will also attend both Linux Security Summit and Linux Plumbers. 🧑🏽‍💻🐧 I hope to meet with a lot of friends that I haven’t seen in a while. Feel free to say hi if you see me around. 🙂

My talk will be about the work we’ve been doing in the Kernel Self-Protection Project over the last 5 years to harden the upstream Linux kernel, particularly focusing on spatial safety related to array-bounds checking. ⚔ 🛡 🐧 You can see the description below.

New Challenges Towards Spatial Safety in the Linux Kernel

The first flexible-array transformation we implemented in the kernel, as part of the Kernel Self-Protection Project, took place back in March 2019. At the time, our work on preventing integer overflows during memory allocations led us to discover an 8-year-old bug. Addressing this bug not only resolved a longstanding issue but also initiated the work of flexible-array transformations across the whole kernel tree.

This marked the beginning of a challenging yet rewarding journey to add bounds-checking on trailing arrays in the Linux kernel. Five years have passed since then, and we’ve come a long way. We have now new Clang and GCC hardening compiler options and attributes, that significantly improve the security of the Linux kernel, particularly in the spatial-safety area. We have new hardening helpers that make traditional methods less prone to error.

In general, we have new and safer ways of doing things, which usually require a learning curve, even for seasoned kernel developers. In this talk, we will walk through the most recent challenges and history of our quest to improve spatial safety in the Linux kernel, and with that, get rid of out-of-bounds bugs once and for all.

https://osseu2024.sched.com/event/1ej2k/new-challenges-towards-spatial-safety-in-the-linux-kernel-gustavo-a-r-silva-the-linux-foundation

I will start by explaining basic technical concepts and then move up to bleeding-edge kernel hardening. Whether you’re an advanced kernel developer or just starting to delve into the world of Linux kernel development, I’m sure you’ll find this presentation interesting and educational. 📖 I really hope to see many of you there. 🙂

You can see the entire schedule here: https://osseu2024.sched.com/

Kernel Self-Protection Project ⚔ 🛡 🐧

Gustavo A. R. Silva
Gustavo A. R. Silva works full-time as an Upstream Linux Kernel Engineer, focused on security. Over the past several years, he’s been hunting and fixing all sorts of bugs and issues in the Linux kernel. Gustavo’s kernel work is supported by The Linux Foundation, and he is a member of the Kernel Self-Protection Project. He is a regular speaker at Kernel Recipes and has presented his work at other conferences like Linux Security Summit and Everything Open. Additionally, Gustavo has been an invited speaker at SSTIC.

Leave a Comment

Your email address will not be published. Required fields are marked *