Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore a conference talk that introduces "revocable," a new kernel mechanism designed to prevent classic use-after-free (UAF) bugs in Linux systems. Learn how UAF vulnerabilities occur when resources tied to hot-pluggable devices are accessed after device removal, such as when file operations are performed on descriptors after device unplugging. Discover how the revocable mechanism differs from the existing devres framework by specifically addressing access invalidation rather than just resource lifetime management. Understand the design and implementation details of this resource management approach that allows device drivers to invalidate consumer access to resources when underlying devices become unavailable, ensuring graceful failure instead of UAF conditions. Examine a real-world application of this mechanism in ChromeOS Embedded Controller drivers and consider how this generic solution could be adopted across other drivers facing similar resource lifecycle challenges.
