August 27 - 28 - Vancouver, BC, Canada
Click for Information & Registration
Intermediate [clear filter]
Monday, August 27

11:25am PDT

Open System Firmware Projects - Elaine Palmer, IBM Research
Three industry groups are pursuing the goal of creating open source system firmware. They seek to improve the openness, portability, security, and maintainability of boot firmware, device firmware, and system management firmware. A panel of passionate trailblazers will describe their efforts and the groups and organizations supporting them.

avatar for Elaine Palmer

Elaine Palmer

Senior Technical Staff Member, IBM Research
Elaine Palmer is a Senior Technical Staff Member at the Thomas J. Watson Research Center, Yorktown Heights, NY, and a member of the IBM Academy of Technology. Her current interests are in extending principles of secure boot, measured boot, and attestation to subsystems of high availability... Read More →

avatar for Bryan Kelly

Bryan Kelly

Principal Firmware Engineering Manager, Microsoft
Bryan Kelly is a Principle Firmware Engineering Manager for Microsoft’s Azure Cloud Server Infrastructure team. Bryan supports Microsoft’s cloud services by designing and developing firmware that enables hardware solutions in Microsoft’s next generation cloud platforms. During... Read More →
avatar for Nate Klein

Nate Klein

OCP Security Project Lead, Google
Nate Klein is a hardware engineer on the Platforms Infrastructure team that designs and deploys all of the hardware that powers Google's internal and cloud services.  In 6 years at Google his work includes NIC drivers and firmware, server and PCIe card design, and hardware security... Read More →

Monday August 27, 2018 11:25am - 12:05pm PDT
Room 301

1:30pm PDT

Year in Review: Android Kernel Security - Jeff Vander Stoep & Sami Tolvanen, Google
The Linux kernel provides Android’s trusted computing base and is the primary enforcer of Android’s security model. Increasingly, it’s also the primary target for privilege escalation attacks. Let’s dive into the details and discuss:
- Data data data! Where/how the kernel is being attacked. An analysis of the kernel security bugs reported to Google.
- Discussion on the effectiveness of recently introduced mitigations.
- New kernel mitigations introduced in the Android Open Source Project.
- Kernel security wishlist.


Jeff Vander Stoep

Software Engineer - Android Security, Google
Jeff Vander Stoep is a software engineer on the Android security team at Google where he is working on security improvements to the Android platform.

Sami Tolvanen

Software Engineer - Android Security, Google
Sami Tolvanen is a software engineer on the Android Platform Security team, currently focusing on kernel hardening.

Monday August 27, 2018 1:30pm - 2:10pm PDT
Room 301

2:50pm PDT

Syzbot and the Tale of Thousand Kernel Bugs - Dmitry Vyukov, Google
The root cause of most software exploits is bugs. Hardening, mitigations and containers are important, but they can't protect a system with thousands of bugs. In this presentation, Dmitry Vyukov will review the current [sad] situation with Linux kernel bugs and security implications based on their experience testing kernel for the past 3 years; overview a set of bug finding tools they are developing (syzbot, syzkaller, KASAN, KMSAN, KTSAN); and discuss problems and areas that require community help to improve the situation.

avatar for Dmitry Vyukov

Dmitry Vyukov

Senior Staff Bug Slaughterer, Google
Dmitry Vyukov, Google, Senior Kernel Bug SlaughtererDmitry works on dynamic testing tools at Google. His projects includea variety of bug detection tools for user-space and kernel, C/C++ andGo/Java; fuzzing tools (LibFuzzer, go-fuzz, syzkaller) and automationsystems like syzbot. Dmitry... Read More →

Monday August 27, 2018 2:50pm - 3:30pm PDT
Room 301

3:40pm PDT

STACKLEAK: A Long Way to the Linux Kernel Mainline - Alexander Popov, Positive Technologies
STACKLEAK is a Linux kernel security feature initially created by Grsecurity/PaX developers. In May of 2017 Alexander Popov took on the task of introducing STACKLEAK into the Linux kernel mainline. The way to the mainline turned out to be long and complicated.

In this talk Alexander will describe the inner workings of this security feature and why the vanilla kernel needs it. In fact, STACKLEAK mitigates several types of attacks against the Linux kernel due to:
- reducing the information that can be revealed through kernel stack leak bugs;
- blocking some uninitialized stack variable attacks;
- blocking kernel stack depth overflow caused by alloca (aka Stack Clash attack).

Alexander will also show the timeline of his work and share some lessons he learned from it.

avatar for Alexander Popov

Alexander Popov

Linux kernel developer, Positive Technologies
Alexander Popov is a security researcher at Positive Technologies where he is having a lot of fun with the Linux kernel vulnerabilities, exploitation techniques and defensive technologies. Alexander is a Linux kernel developer since 2012.

Monday August 27, 2018 3:40pm - 4:20pm PDT
Room 301

4:20pm PDT

How to Safely Restrict Access to Files in a Programmatic Way with Landlock? - Mickaël Salaün, ANSSI
Mandatory Access Control is implemented in four major LSMs. They either identify a file with its inode attribute (SELinux and Smack) or with its path (AppArmor and Tomoyo). This techniques share a common drawback: they cannot safely be used from an unprivileged context. One of Landlock's goal is to tackle this problem with a new hybrid way to identify a file from a user-defined security policy.

After a brief recap of the main mechanisms used by Landlock (covered in LSS 2017), this talk highlight the constraints of applying an unprivileged access-control on files, what was the previous Landlock attempts, and how works the new way to programmatically describe a file access (cf. the eighth patch series of Landlock). We illustrate this with a demo of a dynamic access-control for end user. Finally, we discuss some drawbacks and how much it depends on the internal kernel implementation.

avatar for Mickaël Salaün

Mickaël Salaün

Senior Software Engineer, Microsoft
Mickaël Salaün is a security researcher and open source enthusiast. He is mostly interested in Linux-based operating systems, especially from a security point of view. He has built security sandboxes before hacking into the kernel on a new LSM called Landlock, of which he is now... Read More →

Monday August 27, 2018 4:20pm - 4:50pm PDT
Room 301

5:00pm PDT

Sub-system Update: State of SELinux - Paul Moore, Red Hat
This is the annual "State of SELinux" presentation where the past year of SELinux related development is presented as well as current and expected future work.

avatar for Paul Moore

Paul Moore

Principal Software Engineer, Microsoft Corporation
Paul Moore has been involved in various Linux platform security efforts since 2004 at Hewlett-Packard, Red Hat, Cisco, and Microsoft. He currently maintains the Linux Security Module (LSM) layer as well as the SELinux, audit, and labeled networking subsystems in the Linux Kernel... Read More →

Monday August 27, 2018 5:00pm - 5:10pm PDT
Room 301

5:30pm PDT

Sub-system Update: Kernel Self-Protection Project - Kees Cook, Google
This presentation will cover the year-in-review of the Kernel Self-Protection Project since the last Linux Security Summit NA, including an overview of all the security defenses landed in kernels 4.14 through 4.18. Some highlights are vmapped stacks, structure randomization, SLUB freelist obfuscation, set_fs() checking, fast refcount_t protection, Page Table Isolation, usercopy whitelisting, VLA removals, and the stackleak plugin.

We'll also take a quick look at the evolution of kernel CVE lifetimes, find out what defenses are still under development, and note some areas where help is still needed.

avatar for Kees Cook

Kees Cook

Kernel Security Software Engineer, Google
Kees Cook has been working with Free Software since 1994, has been a Debian Developer since 2007, and has been a member of the Linux Kernel Technical Advisory Board since 2019. He is currently employed as a Linux kernel security engineer by Google, focusing on upstream kernel security... Read More →

Monday August 27, 2018 5:30pm - 5:40pm PDT
Room 301
Tuesday, August 28

9:50am PDT

Updating Linux with TUX: Trust Update for Linux Kernel - Suhho Lee & Hyunik Kim, Dankook University
As lethal security attacks, such as Spectre and Meltdown, arise, Linux has conducted a vast number of software updates to mitigate security threats. However, less attention was given to the dynamically changing integrity of the system after updates. To maintain the trust of the platform, system updates should accompany integrity information updates as well.
We propose TUX, Trust Update for Linux kernel, to guarantee the up-to-date integrity of the pre-boot environment. TUX consolidates kernel repository into Intel's Open CIT to manage up-to-date integrity. Also, TUX deploys kernel which holds up-to-date integrity value as a signature. Finally, TUX secure bootloader mandates integrity verification at the booting using the TUX kernel, leveraging the UEFI secure boot and TPM. Thus, with TUX, Linux system can maintain trust even with the frequent updates.

avatar for Hyunik Kim

Hyunik Kim

Research Assistant, Dankook University
Hyunik Kim is an enthusiastic undergraduate student in Department of Mobile Systems Engineering, Dankook University, Korea. He is currently interested in Many-core architecture, Operating systems, and System security.
avatar for Suhho lee

Suhho lee

Research Assistant, Dankook University
Suhho Lee is a master's student in Department of Computer Science at Dankook University, Korea. His research interests include Operating systems, Computer architecture, System Security, and Human-Computer Interaction. His current focus is TUX, Trust update for Linux kernel, which... Read More →

Tuesday August 28, 2018 9:50am - 10:30am PDT
Room 301

10:40am PDT

The Future of Security is in Open Silicon - Joel Wittenauer, Rambus Security, Cryptography Research
In this talk we describe how we used an open operating system (Zephyr) to create a root of trust running on RISC-V based security CPU to secure a high-level operating system (Linux). Security features of the RISC-V processor and the assisting hardware security cores are utilized to implement three internal privilege levels within the root of trust in order to create a freely-programmable application sandbox providing services for Linux.

The talk quickly describes the way Zephyr OS is used as the base, internal architecture of the root of trust, the functionality of its three internal privilege levels and the hardware security cores, the programming interfaces and the current integration state with the Linux host. We would also like to establish a dialogue with the Linux security community in order to understand how to better serve Linux security.

avatar for Joel Wittenauer

Joel Wittenauer

Embedded Software Product Architect, Rambus Cryptography Research

Tuesday August 28, 2018 10:40am - 11:20am PDT
Room 301

3:20pm PDT

Getting Started with the TPM2 Software Stack (TSS2) - Philip Tricca, Intel
For the last ~2 years Intel and our collaborators in Trusted Computing Group (TCG) and OSS community have been working to standardize and implement APIs and infrastructure to drive interactions with TPM2 devices. This work has produced TCG standards describing the APIs, an OSS implementation of the APIs and a small community that has organized around the implementation on the web / Github at https://github.com/tpm2-software. In this talk Phil will give an overview of the project before breaking down the various components and APIs in detail. He'll discuss major accomplishments in the year since our last update at the Linux Pliumbers Conference as well as future project direction and use cases.


Philip Tricca

Software Engineer, Intel
Philip is a software engineer in Intel’s platform security division working to enable use of the Trusted Platform Module (TPM2) and a number of other security technologies. Phil has worked for the last 3 years to standardize the TCGs TPM2 software stack (TSS2), to develop an open... Read More →

Tuesday August 28, 2018 3:20pm - 4:00pm PDT
Room 301

4:40pm PDT

Extending OpenPOWER Boot Security to Guests - George Wilson, IBM
The KVM and PowerVM guest environments are significantly different from the OpenPOWER host environment: the boot sequence is shorter, the firmware components are simpler, and the bootloader is entirely replaced. A secure boot design must accommodate the dissimilarities and, consequently, the solution for the OpenPOWER host is not directly applicable to guests. Yet, much as for the host case, existing open source elements can help solve the problem of booting guest OSs securely. This talk follows last year's OpenPOWER host secure boot talk and discusses possible design alternatives that reuse open source code to bring OS boot security improvements to KVM on OpenPOWER and PowerVM guests.

avatar for George Wilson

George Wilson

Security Architect and Development Team Lead, IBM's Linux Technology Center
George Wilson is a security architect and development team lead in IBM's Linux Technology Center. Since joining the LTC in 2004, he has led IBM's Linux security certification activities and development of open source security technology including key management, Trusted Computing... Read More →

Tuesday August 28, 2018 4:40pm - 5:10pm PDT
Room 301
Filter sessions
Apply filters to sessions.