Linux Security Summit North America 2025

This session is a short, open discussion on strategies and mechanisms for mitigating malicious modifications to structures in the data and bss segments as well as the heap of the kernel. We will overview case studies for how these attacks work across various types of CVEs, as well as existing protections, from those requiring new hardware (ARM MTE, TMDFI), to those working with existing hardware (ARM POE + kpkeys, HVCI/Heki-style enforcement systems), to software approaches (compiler-enforced data-flow, allocator restrictions, data layout randomization). We will then turn to an open discussion session of the benefits and drawbacks of offered protections, to (1) identify just how difficult we can make it for attackers using current mechanisms, (2) pinpoint precise gaps to focus in on for future work, and (3) come up with solutions to the harder problems involved, such as determining what is a "valid" write.

Refs.
https://lore.kernel.org/all/uqgb234tm4svoz2yvbamzal2srxnjnwrj2coiimvuz5bzblbia@pfabobbxo2jf/
https://lore.kernel.org/all/a32cjyekuecoowzbitc2xykilvpu6l3jjtityp7x5hw7xbiysp@5l2lptwmqiug/
https://www.usenix.org/system/files/usenixsecurity24-johannesmeyer.pdf