Aug 24 – 28, 2020
US/Pacific timezone

Following the Linux Kernel Defence Map

Aug 25, 2020, 9:20 AM
Microconference2/Virtual-Room (LPC Virtual)


LPC Virtual

Kernel Dependability & Assurance MC Kernel Dependability & Assurance MC


Alexander Popov


Linux kernel security is a very complex topic. To learn it, I created a Linux Kernel Defence Map showing the relationships between:

  • Vulnerability classes
  • Exploitation techniques
  • Bug detection mechanisms
  • Defence technologies

These kernel defence technologies have the corresponding Kconfig options.

A lot of them are not enabled by the major Linux distributions.

So I created a kconfig-hardened-check tool that can help to examine security-related options in your Linux kernel config.

In this short talk we will follow the Linux Kernel Defence Map and explore the kconfig-hardened-check tool.

I agree to abide by the anti-harassment policy I agree

Primary author

Presentation materials

Diamond Sponsor

Platinum Sponsors

Gold Sponsors

Silver Sponsors

Catchboxes Sponsor

Conference Services Provided By