Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore advanced compiler security features for Linux kernel hardening in this 18-minute conference talk from the Linux Plumbers Conference. Discover toolchain experiences from Google's production server kernel hardening work, focusing on "profile guided hardening" or "selective sanitization" techniques that enhance security in kernel cold paths using -lower-allow-check-percentile-cutoff-hot and -fsanitize-ignorelist flags. Learn about recent Clang developments in slab isolation that leverage allocated type properties to strengthen memory safety and make exploitation more difficult, including insights into the -fsanitize=alloc-partition RFC. Gain practical knowledge about implementing these cutting-edge compiler security measures in production kernel environments.
