Loading…
August 27 - 28 - Vancouver, BC, Canada
Click for Information & Registration
View analytic
Monday, August 27 • 9:15am - 9:55am
Making C Less Dangerous - Kees Cook, Google

Sign up or log in to save this to your schedule and see who's attending!

Feedback form is now closed.
With the kernel written in C, it comes with some worrisome baggage, "undefined" behaviors, and other weaknesses that lead to security flaws and vulnerable infrastructure. Some of these weaknesses related to the design of chipsets and how close C is to machine code, but others are less specific.

This presentation will explore the areas where the kernel is changing the C standard, defining undefined behaviors, or otherwise reorganizing things to make C itself less of a hazard.

Specifically this will cover removing (and enforcing the lack of) Variable Length Arrays in kernel code, forcing all stack variables to be initialized with a GCC plugin, performing implicit bounds checking with overloaded builtins, handling arithmetic overflows safely, and protecting forward (call) and reverse (return) indirect function calls with CFI under Clang.

Speakers
avatar for Kees Cook

Kees Cook

Kernel Security Engineer, Google
Kees Cook has been working with Free Software since 1994, and has been a Debian Developer since 2007. He is currently employed as a Linux kernel security engineer by Google, working on Android and and Chrome OS. From 2006 through 2011 he worked for Canonical as the Ubuntu Security... Read More →



Monday August 27, 2018 9:15am - 9:55am
Room 301