{"id":2089,"date":"2025-08-28T05:27:23","date_gmt":"2025-08-28T11:27:23","guid":{"rendered":"https:\/\/embeddedor.com\/blog\/?p=2089"},"modified":"2025-11-03T22:50:14","modified_gmt":"2025-11-04T04:50:14","slug":"speaking-about-linux-kernel-hardening-in-tokyo","status":"publish","type":"post","link":"https:\/\/embeddedor.com\/blog\/2025\/08\/28\/speaking-about-linux-kernel-hardening-in-tokyo\/","title":{"rendered":"Speaking about Linux kernel hardening in Tokyo"},"content":{"rendered":"\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"700\" height=\"525\" src=\"https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/1000004025-700x525.jpg\" alt=\"\" class=\"wp-image-2093\" srcset=\"https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/1000004025-700x525.jpg 700w, https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/1000004025-300x225.jpg 300w, https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/1000004025-768x576.jpg 768w, https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/1000004025-1536x1152.jpg 1536w, https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/1000004025-2048x1536.jpg 2048w, https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/1000004025-800x600.jpg 800w, https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/1000004025-80x60.jpg 80w\" sizes=\"auto, (max-width: 700px) 100vw, 700px\" \/><\/figure>\n\n\n\n<p>(Part of the group hanging out after the event. &#x1f60e;)<\/p>\n\n\n\n<p>On August 21, I had the opportunity to speak about the work we do in the <a href=\"https:\/\/kspp.github.io\/\">Linux Kernel Self-Protection Project<\/a> in front of graduate students and professors from <a href=\"https:\/\/www.keio.ac.jp\/en\/\" target=\"_blank\" rel=\"noreferrer noopener\">Keio University<\/a> in Tokyo. It was my very first time visiting Japan, and I was truly honored to be invited to present at the <a href=\"https:\/\/sc-sys.github.io\/\">Workshop on Software, Architecture, and Theory for Secure Systems<\/a>. &#x1f1ef;&#x1f1f5;&#x1f3a4;&#x1f468;&#x1f3fd;&#x200d;&#x1f4bb;&#x1f427;<\/p>\n\n\n\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<h3 class=\"wp-block-heading\">Enhancing spatial safety: Better array-bounds checking in C (and Linux)<\/h3>\n\n\n\n<p>The C language has historically suffered from a lack of proper bounds-checking on all kinds of arrays. The Linux Kernel Self-Protection Project has been addressing this issue for several years. In this presentation, we will learn about the most recent hardening efforts to resolve the problem of bounds-checking, particularly for fixed-size and flexible arrays.<\/p>\n\n\n\n<p>We will explore the different mechanisms being used to harden key APIs like memcpy() against buffer overflows, which includes the use of some interesting built-in compiler functions. We will also talk about a couple of recent compiler options like -fstrict-flex-arrays and -Wflex-array-member-not-at-end, as well as the new counted_by attribute released in Clang 18 and GCC 15, which helps us gain run-time bounds-checking coverage on flexible arrays.<\/p>\n\n\n\n<p>Overall, we will discuss how various challenges have been overcome, and highlight the innovations developed to solve the problem of array bounds-checking in both C and the Linux kernel once and for all.<\/p>\n<\/blockquote>\n\n\n\n<p>I&#8217;ll go back to Japan for Open Source Summit Japan and the Linux Plumbers Conference this December. In the meantime, the slides are below if you&#8217;d like to check them out. Thanks! \ud83d\ude42<\/p>\n\n\n\n<p><a href=\"https:\/\/kspp.github.io\/\" target=\"_blank\" rel=\"noreferrer noopener\">Linux Kernel Self-Protection Project<\/a> &#x1f427;&#x1f6e1;&#x2694;&#xfe0f;<\/p>\n\n\n<a href=\"https:\/\/embeddedor.com\/blog\/wp-content\/uploads\/2025\/08\/keiouni2025.pdf\" class=\"pdfemb-viewer\" style=\"\" data-width=\"max\" data-height=\"max\" data-toolbar=\"bottom\" data-toolbar-fixed=\"off\">keiouni2025<\/a>\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Part of the group hanging out after the event. &#x1f60e;) On August 21, I had the opportunity to speak about the work we do in the Linux Kernel Self-Protection Project in front of graduate students and professors from Keio University in Tokyo. It was my very first time visiting Japan, and I was truly honored&#8230;<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[13,9,22,29],"tags":[],"class_list":["post-2089","post","type-post","status-publish","format-standard","hentry","category-kernel-self-protection-project","category-linux-kernel-hardening","category-mentoring","category-presentations"],"_links":{"self":[{"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/posts\/2089","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/comments?post=2089"}],"version-history":[{"count":15,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/posts\/2089\/revisions"}],"predecessor-version":[{"id":2106,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/posts\/2089\/revisions\/2106"}],"wp:attachment":[{"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/media?parent=2089"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/categories?post=2089"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/embeddedor.com\/blog\/wp-json\/wp\/v2\/tags?post=2089"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}