Forwarding Syscalls to Userspace
Offered By: linux.conf.au via YouTube
Course Description
Overview
Explore a kernel patchset for forwarding syscalls to userspace in this 23-minute conference talk from linux.conf.au. Learn how this development allows containers to safely perform actions previously restricted to root on the host, such as loading kernel modules and mounting arbitrary filesystems. Discover the implementation details, including the use of ptrace and the Fineman algorithm, and understand the potential impact on container security and functionality. Gain insights into the challenges and issues faced during implementation, and see practical examples of how this technology can bridge the gap between container and host capabilities.
Syllabus
Intro
Load kernel modules
Mounting from inside containers
File systems
Ptrace
Fineman algorithm
P trace
Do stuff
Example
Implementation Issues
Taught by
linux.conf.au
Related Courses
Listen to Your Engine - Unearthing Security Signals from the Modern Linux KernelSecurity BSides San Francisco via YouTube Linux Tracing Techniques
Linux Foundation via YouTube An Introduction to Linux Tracing and its Concepts
Linux Foundation via YouTube Seecomp: Understanding Linux Kernel Security Features
Linux Foundation via YouTube Introduction to Low-Level Profiling and Tracing
EuroPython Conference via YouTube