The Sched app allows you to build your schedule but is not a substitute for your event registration. In addition, you must be registered for Linux Security Summit to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC-7. Please select from the drop-down menu to the right to see the schedule in your preferred timezone above "Filter by Date."
Back To Schedule
Friday, October 1 • 2:30pm - 3:00pm
(IN PERSON) Analysing and Improving the Security Properties of Secret Memory - James Bottomley & Mike Rappoport, IBM

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Various patches are advancing through the kernel to designate regions of memory as hidden or secret. The current implementation mechanism for almost all of them is to remove them from the direct map of the kernel, meaning that it becomes impossible to refer to the memory from within the kernel without finding a way to map it and if an address in secret memory is ever accessed by the kernel or from another user space process, a page fault will result. The enhanced security for secret memory comes from the fact that most of the attempts to exfiltrate secrets mostly rely either on rop gadgets or privilege escalation. Since root cannot gain access to the secret from userspace because of the lack of direct map entry, the only viable exfiltration mechanism is via rop. Since there are no easy gadgets available to map a kernel address, it involves constructing a complex rop chain, making the exfiltration significantly harder (although not impossible). What we'd like to discuss in this session is how we could improve the security posture of secret memory and what its use cases might be (we've already put together a preloader that allocates openssl private keys in secret memory).

We'll be using the Plumbers BBB infrastructure. You can try it out here
  • We've disabled the authentication, so just type your name to join
  • We'll be using the plumbers protocols, so unmute video to interact
  • It will all be streamed over the AccelEvents platform, so if you only want to ask questions over chat, you don't need to use BBB

avatar for James Bottomley

James Bottomley

James Bottomley is a Distinguished Engineer at IBM Research where he works on Cloud and Container technology. He is also Linux Kernel maintainer of the SCSI subsystem. He has been a Director on the BoardJames Bottomley is a Distinguished Engineer at IBM Research where he works on... Read More →

Mike Rapoport

Developer, IBM
Mike has lots of programming experience in different areas ranging from medical equipment to visual simulation, but most of all he likes hacking on Linux kernel and low level stuff. Throughout his career Mike promoted use of free and open source software and made quite a few contributions... Read More →

Friday October 1, 2021 2:30pm - 3:00pm PDT
Room 402 - Chiliwack