August 27 - 28 - Vancouver, BC, Canada
Click for Information & Registration
Monday, August 27 • 3:40pm - 4:20pm
STACKLEAK: A Long Way to the Linux Kernel Mainline - Alexander Popov, Positive Technologies

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
STACKLEAK is a Linux kernel security feature initially created by Grsecurity/PaX developers. In May of 2017 Alexander Popov took on the task of introducing STACKLEAK into the Linux kernel mainline. The way to the mainline turned out to be long and complicated.

In this talk Alexander will describe the inner workings of this security feature and why the vanilla kernel needs it. In fact, STACKLEAK mitigates several types of attacks against the Linux kernel due to:
- reducing the information that can be revealed through kernel stack leak bugs;
- blocking some uninitialized stack variable attacks;
- blocking kernel stack depth overflow caused by alloca (aka Stack Clash attack).

Alexander will also show the timeline of his work and share some lessons he learned from it.

avatar for Alexander Popov

Alexander Popov

Linux kernel developer, Positive Technologies
Alexander Popov is a security researcher at Positive Technologies where he is having a lot of fun with the Linux kernel vulnerabilities, exploitation techniques and defensive technologies. Alexander is a Linux kernel developer since 2012.

Monday August 27, 2018 3:40pm - 4:20pm PDT
Room 301