Brown University

Hardening the Linux Kernel Key Retention Service against Information Disclosure Vulnerabilities

Description

Abstract:
This thesis addresses the problem of memory safety in the Linux kernel. Despite many memory isolation, control-flow integrity, and code diversification techniques existing both in user space and kernel space, many of these techniques have been proven to be less effective in the kernel and can often be bypassed using memory disclosure vulnerabilities. This thesis describes a way in which critical data, such as keyrings that hold authentication keys, encryption keys, etc., can be moved to an isolated memory location so that, in conjunction with the kernel hardening scheme kR^X, they are protected from vulnerabilities like memory leaks. The techniques described in this paper can be generalized and used with other sensitive data in the kernel like user credentials.
Notes:
Senior thesis (ScB)--Brown University, 2019
Concentration: Computer Science

Access Conditions

Rights
In Copyright
Restrictions on Use
Collection is open for research.

Citation

Guerrant, Elisa, "Hardening the Linux Kernel Key Retention Service against Information Disclosure Vulnerabilities" (2019). Computer Science Theses and Dissertations. Brown Digital Repository. Brown University Library. https://doi.org/10.26300/rrkw-dp30

Relations

Collection: