October 31 - November 1 - Co-Located Events
October 28-30 - Conference
Lyon Convention Centre - Lyon, France
More information for Open Source Summit + Embedded Linux Conference Europe 2019
Monday, October 28 • 11:30 - 12:05
Address Space Separation Inside the Linux Kernel - Mike Rapoport, IBM

Address space isolation has been used to protect the kernel and userspace programs from each other since the invention of virtual memory. Assuming that kernel bugs, and therefore exploits, are inevitable, it might be worth isolating parts of the kernel to minimize the damage that these exploits can cause.

Mike is going to present a mechanism for "system call isolation" that allows running a system call with largely reduced page tables and provides the kernel with the ability to inspect the memory accesses and verify their safety based on a pre-defined policy.

Another topic is assigning address spaces to Linux namespaces. For instance, by keeping all the objects in a network namespace private, we can achieve levels of isolation equivalent to running a separate network stack.

This idea has already been posted to the Linux kernel mailing list as a set of RFC patches, so we'll discuss both the current state of the patchset and potential future enhancements.


Mike Rapoport

Researcher, IBM
Mike has lots of programming experience in different areas ranging from medical equipment to visual simulation, but most of all he likes hacking on the Linux kernel and low-level stuff. Throughout his career Mike promoted use of free and open source software and made quite a few contributions...

Monday October 28, 2019 11:30 - 12:05 CET
Lumiere Auditorium
  Linux Systems
  • Session Slides Included: Yes