Extending Non-Repudiable Logs with eBPF
Offered By: Linux Plumbers Conference via YouTube
Course Description
Overview
Explore how eBPF can enhance non-repudiable logging in the Linux kernel to improve system integrity attestation. Learn about an extensible interface that allows user-defined programs to leverage TPM-based non-repudiable logging for any kernel data accessible to eBPF programs. Discover how this approach enables more granular system integrity verification through the wide variety of eBPF hook locations. Examine a practical application of this technique in measuring and storing container image digests to verify and attest container integrity. Gain insights into the exciting future of eBPF in security and trust, and its potential for various use cases.
Syllabus
Extending Non-Repudiable Logs with eBPF - Avery Blanchard, George Almasi
Taught by
Linux Plumbers Conference
Related Courses
Overview and Recent Developments in TPM - Kernel Space UpdatesLinux Foundation via YouTube Updating Linux with TUX: Trust Update for Linux Kernel
Linux Foundation via YouTube Abusing Linux as a Trusted Bootloader
Linux Foundation via YouTube Where Are Your Images Running? Stop Worrying and Start Encrypting!
CNCF [Cloud Native Computing Foundation] via YouTube Securing Firmware - Secure and Trusted Boot in OpenBMC
linux.conf.au via YouTube