-
Kate Stewart (Linux Foundation), Lukas Bulwahn (BMW AG), Shuah Khan (The Linux Foundation)25/08/2020, 07:00
We will shortly describe the overall topic of Kernel Dependability & Assurance MC and where we see how the topics in the MC agenda fit to this larger table. If there is a bit of time, we can align among speakers and the audience this common understanding on the large scope of the two terms, dependability and assurance.
Go to contribution page -
Julia Lawall (Inria), Nic Volanschi (Inira)25/08/2020, 07:10
Understanding the Linux kernel source code requires understanding the role played by different entities. An interesting example is the case of structures of type list_head. Some are actually heads of lists. Others are inlined inside of list elements. Documentation about which are which, and which heads are connected to which elements, is not systematic. We have developed a tool, Liliput,...
Go to contribution page -
Dr Elana Copperman (Mobileye), Mr Rafi Davidovich (Mobileye)25/08/2020, 07:40
Thread Control Block (TCB) is a data structure in the Linux kernel which contains thread-specific information needed to manage it.
Go to contribution page
The Thread Control Block acts as a library of information about the threads in the system.
TCB is being manipulated by the kernel constantly, while the thread is being executed and while it is switched out.
Assuring the integrity of the TCB is critical to... -
Ben Dooks, Mr Jens Petersohn25/08/2020, 08:00
A process running a safety critical function needs to be free from any interference. One source of this interference comes from are interruptions to the program flow from either synchronous events like system calls, or asynchronous events such as interrupts.
This talk details the sources of such events; the hazards that are associated with them, and some of the ways in which these may be...
Go to contribution page -
Dr Jens Petersohn (Elektrobit Automotive GmbH), Prof. Nicholas Mc Guire (OpenTech)25/08/2020, 08:30
Key question: Can system calls be regarded as independent and consequently tested individually rather than in some form of use-case specific call sequence?
The kernel has a set of asynchronously operated state machines, e.g., RCU, buddy-system, ratelimits of all sorts, that cause a repeated identical system call to take different paths in consecutive invocations. The model thus is that the...
Go to contribution page -
Mr Lukas Bulwahn25/08/2020, 09:00
Various static analysis tools have been used for many years in the kernel development; even more, some static analysis tools have dedicatedly been developed in the realm of the kernel community.
While with the introduction of the first static analysis tools, some relevant kernel bugs were found and fixed, the repeated execution of those static analysis tools on recent kernels suffer from a...
Go to contribution page -
Alexander Popov25/08/2020, 09:20
Linux kernel security is a very complex topic. To learn it, I created a [Linux Kernel Defence Map][1] showing the relationships between:
- Vulnerability classes
- Exploitation techniques
- Bug detection mechanisms
- Defence technologies
These kernel defence technologies have the corresponding Kconfig options.
A lot of them are not enabled by the major Linux distributions.
So...
Go to contribution page -
Shuah Khan (The Linux Foundation)25/08/2020, 10:00
Let's discuss proactive and reactive approaches to Linux Kernel dependability. We all care about keeping our data safe and systems secure. We counter security attacks using fuzzers and other test tools to identify vulnerabilities and hardening the code base.
How can we ensure we aren't introducing new problems?
Regression testing and continuous fuzzing helps in finding regressions and...
Go to contribution page -
Kees Cook (Google)25/08/2020, 10:30
At the end of the day, "security flaws" are just a special case of "regular" bugs, so anything that helps avoid bugs will also help with reducing the incidence of security flaws. This explores the approaches taken to avoiding bugs generally and security flaws in particular.
Find and fix bugs before they are released. This is fundamentally a matter of testing. Whether that's done via unit...
Go to contribution page
Choose timezone
Your profile timezone:
