Jesse Larrew
Lakeway,TX
Summary
Hardware background and expert-level software experience are the foundation for defensive security engineering and offensive security research. More than 16 years of software development experience and 8 years of security experience.
Overview
17
17
years of professional experience
1
1
Certification
Work History
Security Architecture R&D
AMD
Austin, TX
03.2015 - Current
- Secure Encrypted Virtualization (SEV): Wrote prototype PSP firmware on an FPGA along with a Linux kernel driver to simulate SEV key management operations prior to hardware availability.
- Co-invented the SEV Key Management API and developed the PSP firmware implementation for the EPYC “Naples” server product.
- This firmware made use of a custom hardware cryptography engine.
- From my 2016 performance review: “Jesse has stepped in and provided excellent development results, including very quality level SEV API logic and code. He certainly is one of the top MTS level developers at AMD for software/firmware projects.”
- Researched a go-to-market strategy for using Secure Encrypted Virtualization (SEV) with containers on Windows and Linux and presented to the Server business unit.
- Created a prototype implementation of SEV-protected containers using Kata Containers as a base.
- Created an SEV demo for use by AMD Field Application Engineers to demonstrate the memory encryption feature to customers.
- Dynamic Root of Trust for Measurement (DRTM): Created a prototype implementation of DRTM on AMD platforms by adding support for the SKINIT x86-64 instruction to the open source tboot project.
- Served as the main point of contact at AMD for both partners and open source projects (e.g. TrenchBoot) regarding DRTM topics.
- Incident response: Created an exploit for the SPOILER attack on Intel CPUs to confirm that AMD CPUs were not vulnerable.
- Leveraged the DRAMA and HammerSuite tools to mount Row Hammer attacks on the AMD memory controller to investigate whether it was vulnerable to the TRResspass vulnerability.
KVM/QEMU Team
IBM
Austin, TX
10.2012 - 07.2013
- Authored a patch set for virtio to emulate PIO operations with less costly hypercalls resulting in a measured performance improvement of 3% for networking.
Linux on Power Kernel Team
IBM
Austin, TX
07.2009 - 10.2012
- Updated the Linux kernel to take advantage of new hardware features of IBM PowerPC CPUs.
- Designed, implemented, tested, and submitted a complete patch set to enable the Linux kernel to take advantage of the Virtual Processor Home Node (VPHN) firmware feature on Power7 platforms.
- This feature allows the Linux kernel to adapt to platforms with a dynamic NUMA CPU topology.
- Worked closely with Red Hat and SuSE engineers to ensure that kernel features were backported to distro kernels, tested, and verified.
- Quickly resolved any defects opened against IBM features in distro kernels.
- Contributed to the success of the Watson Jeopardy-playing supercomputer by collaborating with the NFS maintainer to fix a crash bug and backported his patch to distro kernels.
- Became an honorary member of the Watson team for the remainder of the project
- Developed a process to allow the Manufacturing department to automate RHEL and SLES installs on customer machines including all necessary kernel updates for the platform.
- Designed, implemented, tested, and delivered a system to allow Manufacturing to translate a location code for a specific disk in the CEC to a logical (kernel) device name, and produce the required changes to the installation processes on both RHEL and SLES to install to the selected disk.
- Authored a comprehensive guide on proper console configuration and troubleshooting procedures for support personnel entitled 'Configuring The Linux Console'.
On-Site Partner at Red Hat
IBM
Westford, MA
10.2008 - 07.2009
- Volunteered for a year-long rotational assignment at Red Hat as the IBM on-site partner in support of the System X (x86-64) and System P (ppc64) brands.
- Ensured that upstream kernel features and bug fixes of strategic importance to the System X and P brands were back-ported, merged, and verified for the RHEL 4.8, 5.3, 5.4, and 6.0 kernel releases.
- Ensured that Red Hat engineers always had access to IBM hardware for development and testing of IBM-desired features.
- Installed and serviced pre-GA IBM hardware in the Red Hat testing grid.
- Visited a local customer site to solve a critical support issue. Provided on-site troubleshooting, data gathering, and solution verification on behalf of the assigned 'crit-sit' team at IBM.
- This crit-sit had been open for several months, but the support representative assigned to this customer had made little progress toward a resolution. After the System X team asked me to go on-site and assist, we were able to produce a solution within 10 days.
- Received an IBM 'Thanks!' award for 'outstanding work with a customer.'
Linux on Cell Broadband Engine
IBM
Austin, TX
06.2007 - 10.2008
- Designed, implemented, and delivered a hybrid architecture (x86_64/Cell BE) debugger (the DaCS GDB Manager) for use in the Road Runner supercomputing cluster environment.
- This was a key deliverable in support of a multi-million dollar deal between IBM and Los Alamos National Lab (LANL).
Education
Bachelor of Science - Electrical Engineering
Wayne State University
Detroit, MI05.2007
Skills
- Secure Coding
- Vulnerability Research
- Fuzzing
- Exploit Development
- Applied Cryptography
- Code Review
- System Development
- Firmware Development
- Embedded System Development
- C/C
- Assembly (ARMv7, Intel x86/x86-64, Power7)
- Rust
Blackhat Education
- Exploit Laboratory: Blackbelt
- Exploit Laboratory: Master
Professional Development
- Linux Kernel Internals Overview
- Linux Kernel Internals II
- Linux Kernel Debugging
- Agile Development Workshop
Certification
- Exploit Development: Master (Aug 2015)
- Exploit Development: Blackbelt (Aug 2015)
Timeline
Security Architecture R&D
AMD
03.2015 - Current
KVM/QEMU Team
IBM
10.2012 - 07.2013
Linux on Power Kernel Team
IBM
07.2009 - 10.2012
On-Site Partner at Red Hat
IBM
10.2008 - 07.2009
Linux on Cell Broadband Engine
IBM
06.2007 - 10.2008
Bachelor of Science - Electrical Engineering
Wayne State University
Similar Profiles
Danish MasoodDanish Masood
Application Test Engineer (Contractor) at AMDApplication Test Engineer (Contractor) at AMD
Swapnil RastogiSwapnil Rastogi
Staff/Lead Operations Engineer at AMDStaff/Lead Operations Engineer at AMD
Sumer ShendeSumer Shende
MTS Design Verification Engineer at AMDMTS Design Verification Engineer at AMD
Richard GarciaRichard Garcia
Sr. Test Manager at AMDSr. Test Manager at AMD
Megan BrownMegan Brown
Nanny/House Manager at Marietta FamilyNanny/House Manager at Marietta Family