AI Engineer - Learn how to integrate AI into software applications
Master Production-Ready Machine Learning, Step by Step
Overview
Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Explore advanced compiler security features for Linux kernel hardening in this 18-minute conference talk from the Linux Plumbers Conference. Discover toolchain experiences from Google's production server kernel hardening work, focusing on "profile guided hardening" or "selective sanitization" techniques that enhance security in kernel cold paths using -lower-allow-check-percentile-cutoff-hot and -fsanitize-ignorelist flags. Learn about recent Clang developments in slab isolation that leverage allocated type properties to strengthen memory safety and make exploitation more difficult, including insights into the -fsanitize=alloc-partition RFC. Gain practical knowledge about implementing these cutting-edge compiler security measures in production kernel environments.
Syllabus
Exciting new compiler flags for kernel security - Florent Revest (Google)
Taught by
Linux Plumbers Conference