Stories
Slash Boxes
Comments

SoylentNews is people

posted by janrinok on Saturday November 12 2016, @06:27AM   Printer-friendly
from the we've-got-to-try dept.

At the 2015 Kernel Summit, Kees Cook said, he talked mostly about the things that the community could be doing to improve the security of the kernel. In 2016, instead, he was there to talk about what had actually been done. Kernel hardening, he reminded the group, is not about access control or fixing bugs. Instead, it is about the kernel protecting itself, eliminating classes of exploits, and reducing its attack surface. There is still a lot to be done in this area, but the picture is better than it was one year ago.

One area of progress is in the integration of GCC plugins into the build system. The plugins in the kernel now are mostly examples, but there will be more interesting ones coming in the future. Plugins are currently supported for the x86, arm, and arm64 architectures; he would like to see that list grow, but he needs help from the architecture maintainers to validate the changes. Plugins are also not yet used for routine kernel compile testing, since it is hard to get the relevant sites to install the needed dependencies.

Linus asked how much plugins would slow the kernel build process; linux-next maintainer Stephen Rothwell also expressed interest in that question, noting that "some of us do compiles all day." Kees responded that there hadn't been a lot of benchmarking done, but that the cost was "not negligible." It is, though, an important part of protecting the kernel.


Original Submission

 
This discussion has been archived. No new comments can be posted.
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
  • (Score: 2) by jasassin on Saturday November 12 2016, @09:24AM

    by jasassin (3566) <jasassin@gmail.com> on Saturday November 12 2016, @09:24AM (#425988) Homepage Journal

    I give up.

    --
    jasassin@gmail.com GPG Key ID: 0xE6462C68A9A3DB5A
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  

    Total Score:   2  
  • (Score: 2) by Gaaark on Saturday November 12 2016, @06:04PM

    by Gaaark (41) on Saturday November 12 2016, @06:04PM (#426091) Journal

    Yeah, but the AC gives up, going uphill both ways in a snow storm while dragging his dead daddy by the penis!

    --
    --- Please remind me if I haven't been civil to you: I'm channeling MDC. ---Gaaark 2.0 ---