Welcome to the toolchain track from the organizers.
There has been tons of work across both GCC and Clang to provide the Linux kernel with a variety of security features. Let's review and discuss where we are with parity between toolchains, approaches to solving open problems, and explore new features.
Parity reached since last year:
- zero call-used registers
- structure layout randomization
- stack protector...
Potentially broken dependency orderings in the Linux kernel have been a recurring theme on the Linux kernel mailing list and even Linux Plumbers Conference. The Linux kernel community fears that with ever-more sophisticated compiler optimizations, it would become possible for modern compilers to undermine the Linux kernel memory consistency model when optimizing code for weakly-ordered...
I'm the author of GCC's [-fanalyzer option] for static analysis.
I've been working on extending this option to better detect various kinds of bugs in the Linux kernel (infoleaks, use of attacker controlled values, etc).
I've also created [antipatterns.ko], a contrived kernel module containing examples of the bugs that I think we ought to be able to detect statically.
The new CTF (Compact C Type Format) support in libabigail is able
to extract a corpus representation of the debug information in the
kernel binary and its modules, i.e., an entire kernel release (kernel +
modules). Using the CTF reader improves the time to extract and build
the corpus compared with the DWARF reader; for example, extracting ABI
information from the Linux ...
This activity is about programmable debuggers and their usage in the
Linux kernel. By "programmable debugger" we understand debuggers that
are able to understand the data structures handled by the target
program, and to operate on them guided by user-provided scripts or
First we will be doing a very brief presentation of two of these
debuggers: drgn and GDB+poke,...
At LPC 2021, we talked about the proposal to define and generate CTF
Frame unwind information in the GNU Toolchain. CTF Frame format is here:
it's a compact and simple unwind format for supporting asynchronous
virtual stack unwinding. Let's discuss what the value proposition of
CTF Frame format is, and what use cases in the Linux kernel can benefit
from it. The purpose of this activity...
Objtool is a kernel-specific tool which reverse engineers the control
flow graph (CFG) of compiled objects. It then performs various
validations, annotations, and modifications, mostly with the goal of
improving robustness and security of the kernel.
Objtool features which use the CFG include: validation/generation of unwinding
metadata; validation of Intel SMAP rules; and validation...
Control-Flow Integrity (CFI) is a technique used to ensure that indirect
branches are not diverted from a pre-defined set of valid targets,
ensuring, for example, that a function pointer overwritten by an
exploited memory corruption bug is not used to arbitrarily redirect the
control flow of the program. The simplest way to achieve CFI is through
instrumenting the binary code being executed...