A Practical Approach of Tailoring Linux Kernel
Today Linux Kernel is being used on various devices & platforms. So there are a lot of features in Linux kernel to support them, more than 30 architectures, 300 feature groups, 20,000 configuration op …
| Talk Title | A Practical Approach of Tailoring Linux Kernel |
| Speakers | Junghwan Kang (Cyber Security Researcher, The Affiliated Institute of ETRI) |
| Conference | Open Source Summit North America |
| Conf Tag | |
| Location | Los Angeles, CA, United States |
| Date | Sep 10-14, 2017 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
Today Linux Kernel is being used on various devices & platforms. So there are a lot of features in Linux kernel to support them, more than 30 architectures, 300 feature groups, 20,000 configuration options. The variety of features widens attack surface of Linux kernel, e.g. CVE-2016-3955: Buffer overflow in USB/IP, CVE-2017-6074: a double-free in DCCP. As a result, Linux kernel is needed to tailor as its intended use. However, the configuration is hard due to the excessive number & choices. Although there are also preceding methods like undertaker-tailor, kernel make option (localmodconfig) that are unpractical & insufficient. In this presentation, we introduce a improved approach that is a fully automatic system to tailor Linux kernel. First, we go through pros & cons of related works, and then we describe a design of our system, demonstrate how our system works and minimize Linux kernel.
