24-28 August 2020
US/Pacific timezone

Following the Linux Kernel Defence Map

25 Aug 2020, 09:20
30m
Microconference2/Virtual-Room (LPC 2020)

Microconference2/Virtual-Room

LPC 2020

150
Kernel Dependability & Assurance MC Kernel Dependability & Assurance MC

Speaker

Alexander Popov

Description

Linux kernel security is a very complex topic. To learn it, I created a Linux Kernel Defence Map showing the relationships between:

  • Vulnerability classes
  • Exploitation techniques
  • Bug detection mechanisms
  • Defence technologies

These kernel defence technologies have the corresponding Kconfig options.

A lot of them are not enabled by the major Linux distributions.

So I created a kconfig-hardened-check tool that can help to examine security-related options in your Linux kernel config.

In this short talk we will follow the Linux Kernel Defence Map and explore the kconfig-hardened-check tool.

I agree to abide by the anti-harassment policy I agree

Primary author

Presentation Materials