From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <prvs=06840dc7fd=mjg59@cavan.codon.org.uk>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 6D003E0A
	for <ksummit-discuss@lists.linuxfoundation.org>;
	Sun, 30 Aug 2015 00:41:08 +0000 (UTC)
Received: from cavan.codon.org.uk (cavan.codon.org.uk [93.93.128.6])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 8471710D
	for <ksummit-discuss@lists.linuxfoundation.org>;
	Sun, 30 Aug 2015 00:41:07 +0000 (UTC)
Date: Sun, 30 Aug 2015 01:41:04 +0100
From: Matthew Garrett <mjg59@srcf.ucam.org>
To: Kees Cook <keescook@chromium.org>
Message-ID: <20150830004103.GA24295@srcf.ucam.org>
References: <alpine.LRH.2.20.1508241335370.1294@namei.org>
	<alpine.LNX.2.00.1508241343430.25821@pobox.suse.cz>
	<alpine.LRH.2.20.1508242150310.27693@namei.org>
	<CAGXu5jLxzAtNPc_M+kPTZw6YqD1Op6Mvb-NHnJTewFanuVsqLQ@mail.gmail.com>
	<CAGXu5jKLd=9y2=r21fKrN9tK6=TCPBqzZgBiqWqOqYnw5uj2tA@mail.gmail.com>
	<CAPeXnHsTMY+s4Qdj5JJTtLE1jyM6_THsLnpHrSUSpDWWpO2qeg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAPeXnHsTMY+s4Qdj5JJTtLE1jyM6_THsLnpHrSUSpDWWpO2qeg@mail.gmail.com>
Cc: ksummit-discuss@lists.linuxfoundation.org
Subject: [Ksummit-discuss] Self nomination
List-Id: <ksummit-discuss.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/ksummit-discuss>,
	<mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/ksummit-discuss/>
List-Post: <mailto:ksummit-discuss@lists.linuxfoundation.org>
List-Help: <mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/ksummit-discuss>,
	<mailto:ksummit-discuss-request@lists.linuxfoundation.org?subject=subscribe>

Unsure whether Kees suggesting me is sufficient, so:

I'd like to be involved if we're going to have a meaningful discussion 
about more proactively mitigating attacks on the kernel. I've been 
working full-time in the security field for about the past three years, 
and it's certainly resulted in a fairly strong shift in attitude towards 
how well we're doing here. At this point even Microsoft are showing more 
aggressive security development than we are, and when the only person 
who appears to be doing meaningful work in adding mitigation features to 
the kernel is Kees, that's kind of a bad sign.

I've been doing development in this field for some time now - the secure 
boot patchset is an attempt to avoid allowing userspace privilege 
escalations to turn into persistent kernel compromises, for instance. As 
a member of the SFC's kernel copyright enforcement group, I'm also 
interested in being involved in any legal discussions that come up. Even 
if I don't make the invite list, I'd hope that these both end up as high 
priority topics.

-- 
Matthew Garrett | mjg59@srcf.ucam.org