Address Space Isolation for Enhanced Safety of the Linux Kernel

When:
Tuesday, September 27, 2022
3:00pm to 4:00pm
(UTC+00:00) UTC

Where:
ttps://zoom.us/j/99213654157?pwd=VGxmOVVqbHNoSG9NbGE3SktYYzMxUT09

Organizer: Igor Stoppa

View Event

Description:
Topic: Address Space Isolation for Enhanced Safety of the Linux Kernel
Speaker: Igor Stoppa, NVIDIA
Abstract: Linux is entering fields dominated by specialised embedded OS, like Safety applications. However, Linux was not designed to pass the safety qualification process, where claims about system safety need the backing of both argumentation and objective evidence. In a system with components having different levels of Safety, the less-safe components cannot generate undetected interference in safer ones. The kernel-space memory management is not helping, though. For example, a buggy device driver can interfere with any other non-write protected component, including scheduling metadata, execution stacks, etc. The proposal identifies a strategy for functional partitioning of the system, identification of critical elements, and various mechanisms to increase their safety. It will describe changes to the Linux kernel, both for memory management, creating an opt-in level of address space isolation, and also other specific tweaks, for hardening critical aspects, like the kernel stack, against interference. The goal is to expand both the prevention and the detection of interferences that external monitoring alone would not detect easily. Participants will learn both a methodology for the safety analysis of a Linux system, and mechanism for improving the safety of selected components.

Join Zoom Meeting https://zoom.us/j/99213654157?pwd=VGxmOVVqbHNoSG9NbGE3SktYYzMxUT09
Meeting ID: 992 1365 4157
Passcode: 571481