Presented by

  • Kees Cook

    https://hachyderm.io/@kees https://outflux.net/

    Kees Cook has been working with Free Software since 1994, has been a Debian Developer since 2007, and has been a member of the Linux Kernel Technical Advisory Board since 2019. He is currently employed as a Linux kernel security engineer by Google, focusing on upstream kernel security defenses.

    From 2006 through 2011 he worked for Canonical as the Ubuntu Security Team's Tech Lead. Before that, he worked as the lead sysadmin at OSDL, before it was the Linux Foundation. He has written various utilities including GOPchop and Sendpage, and contributes randomly to other projects including fun chunks of code in OpenSSH, Inkscape, Wine, MPlayer, and Wireshark.

Abstract

Kernel Control Flow Integrity (KCFI) hardens the Linux kernel against function pointer hijacking by validating each indirect call against its expected function-type signature. This protection has, until recently, only existed in Clang. This talk is the story of bringing it to GCC: giving myself a crash course in GCC's internals, experimenting with implementation choices across front, middle, and backend code, adding coverage and regression tests as I hit bugs, and working through reviewer feedback across a dozen revisions. Attendees will leave with a picture of what it takes to work on a security feature in GCC, how KCFI actually works, and where the implementation stands today.