Kernel Runtime Security Instrumentation
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the concept of Kernel Runtime Security Instrumentation (KRSI) in this 33-minute conference talk by KP Singh from Google. Dive into the extensible Linux Security Module that allows userspace programs and system owners to attach eBPF programs to security hooks. Learn about the need for KRSI, its representative use cases, and how it compares to existing alternatives like Landlock, custom LSMs, and kprobes+eBPF. Examine the proposed design and interfaces, and witness a live demonstration of KRSI in action. Gain insights into signaling, mitigation strategies, and other relevant signals in kernel security. Understand the underlying structure of LSM and explore various alternatives through case studies and discussions.
Syllabus
Introduction
Signaling and Mitigation
Other Signals
Medications
How does it work
VNeck
LSM
Structure
Alternatives
Case Study
Discussion
Taught by
Linux Foundation
Tags
Related Courses
Analyzing Postgres Performance Problems Using Perf and eBPFMicrosoft via YouTube Citus Con - An Event for Postgres - Americas Livestream
Microsoft via YouTube EBPF - The Next Power Tool of SREs
USENIX via YouTube Kernel Tracing With EBPF
media.ccc.de via YouTube Building Observability for 99% Developers
Docker via YouTube