Linux Security in 10 Years
Brad Spengler, grsecurity
In the presentation I'll touch on a number of topics ranging from exploitation to security model theorizing to prevention. I'll provide a brief discussion of lessons learned from last year's exploit releases, a discussion of the real-life implications of the kernel being in the trusted computing base (TCB), a description of what grsecurity is doing right now in terms of kernel self-protection, and an outline of our ultimate goal for kernel self-protection. Current self-protection involves removing classes of bugs from the set of bugs exploitable for privilege escalation, removing information leaks from the kernel that are greatly useful to an attacker, 'constify'-ing function pointers and other targets of interest, removing arbitrary code execution, and hardening allocators and user<->kernel copying routines against integer overflows and heap overflows/infoleaks through efficient methods. Finally, I'll discuss the weaknesses that need to be overcome for concrete self-protection in the kernel against exploitation of memory corruption vulnerabilities.