HN Theater has aggregated all Hacker News stories and comments that mention linux.conf.au's video ""Meaningful Bounds Checking in the Linux Kernel" - Kees Cook (LCA 2022 Online)".
Youtube Summary
(Kees Cook) Like all C/C++ programs, the Linux Kernel regularly suffers from buffer overflow flaws. While stack overflows have been largely addressed, heap overflows remain common. Especially frustrating is that the compiler usually has enough context to have been able to stop the overflow but C APIs are so terrible that it doesn't happen.
We'll take a quick look back through at least the last 3 years of heap buffer overflow CVEs in the kernel. This will lead to the discovery that all 11 memcpy overflows from this timespan (which includes the heap buffer overflow flaw used by the BleedingTooth exploit), could have been detected and mitigated by the compiler. However, limitations in C language usage, APIs, kernel coding conventions, and compiler bugs made this a difficult problem to tackle.
We will explore the path to solutions being developed in the Linux kernel for dealing with array index overflows, string manipulation overflows, and especially memcpy overflows. We will cover the history of C flexible arrays, the unexpected places where the "-Warray-bounds" and "-fsanitize=bounds" compiler options don't work, the limits of "__builtin_object_size" (the work-horse of FORTIFY_SOURCE), and how memcpy is being effectively replaced to stop overflows from ever happening again.
linux.conf.au is a conference about the Linux operating system, and all aspects of the thriving ecosystem of Free and Open Source Software that has grown up around it. Run since 1999, in a different Australian or New Zealand city each year, by a team of local volunteers, LCA invites more than 500 people to learn from the people who shape the future of Open Source. For more information on the conference see https://linux.conf.au/
Produced by Next Day Video Australia: https://nextdayvideo.com.au
Kees really has started a great plan here, These memory bugs accounted for a number of real-life exploits that were viable and able to be exploited on users systems. The wifi examples were just the start.
With these mitigations in place it will raise the bar for attackers.
Kees has been pushing for better security for quite some time now, he also drove the project to make Linux kernel VLA clean, and he is also involved in Google's support for Rust's adoption in Android/Linux.
Kudos to his efforts.
HN Theater is an independent project and is not operated by
Y Combinator or any of the video hosting platforms linked to on this
site.
Lorem ipsum dolor sit amet,
consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et
dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation
ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor
in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla
pariatur. Excepteur sint occaecat cupidatat non proident, sunt in culpa qui
officia deserunt mollit anim id est laborum.