Conferences/Kernel Self-Protection Project/Open Source/Presentations

Back to Europe to present at Open Source Summit

Posted on by Gustavo A. R. Silva / 0 Comment

Happy to share that I will be traveling back to Europe in September to speak at the Open Source Summit Europe 2024 in Vienna. ✈️🇦🇹🗣️🎙️ I will also attend both Linux Security Summit and Linux Plumbers. 🧑🏽‍💻🐧 I hope to meet with a lot of friends that I haven’t seen in a while. Feel free to say hi if you see me around. 🙂

My talk will be about the work we’ve been doing in the Kernel Self-Protection Project over the last 5 years to harden the upstream Linux kernel, particularly focusing on spatial safety related to array-bounds checking. ⚔ 🛡 🐧 You can see the description below.

Challenges and Innovations Towards Spatial Safety in the Linux Kernel

The first flexible-array transformation we implemented in the kernel, as part of the Kernel Self-Protection Project, took place back in March 2019. At the time, our work on preventing integer overflows during memory allocations led us to discover an 8-year-old bug. Addressing this bug not only resolved a longstanding issue but also initiated the work of flexible-array transformations across the whole kernel tree.

This marked the beginning of a challenging yet rewarding journey to add bounds-checking on trailing arrays in the Linux kernel. Five years have passed since then, and we’ve come a long way. We have now new Clang and GCC hardening compiler options and attributes, that significantly improve the security of the Linux kernel, particularly in the spatial-safety area. We have new hardening helpers that make traditional methods less prone to error.

In general, we have new and safer ways of doing things, which usually require a learning curve, even for seasoned kernel developers. In this talk, we will walk through the most recent challenges and history of our quest to improve spatial safety in the Linux kernel, and with that, get rid of out-of-bounds bugs once and for all.

https://osseu2024.sched.com/event/1ej2k/challenges-and-innovations-towards-spatial-safety-in-the-linux-kernel-gustavo-a-r-silva-the-linux-foundation

I will start by explaining basic technical concepts and then move up to bleeding-edge kernel hardening. Whether you’re an advanced kernel developer or just starting to delve into the world of Linux kernel development, I’m sure you’ll find this presentation interesting and educational. 📖 I really hope to see many of you there. 🙂

You can see the entire schedule here: https://osseu2024.sched.com/

Kernel Self-Protection Project ⚔ 🛡 🐧

Gustavo A. R. Silva
Gustavo A. R. Silva works full-time as an Upstream Linux Kernel Engineer focused on hardening and proactive security. He has spent the past several years fixing all sorts of bugs and hardening the Linux kernel. His work is supported by The Linux Foundation and the Alpha-Omega project. He’s a member of the Linux Kernel Self-Protection Project, and a regular speaker at Kernel Recipes and Open Source Summit. He has also presented at Linux Security Summit, Lund LinuxCon, Linux Plumbers Conference, Everything Open, The University of Adelaide, and Symposium sur la Sécurité des Technologies de l’Information et des Communications (SSTIC) as an invited speaker.

Leave a Comment

Your email address will not be published. Required fields are marked *