Tracing: The Bane of Security Folks - Understanding Kernel Tracing Techniques
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the complex relationship between tracing and security in this 34-minute conference talk by Steven Rostedt from VMware Inc. Delve into the conflicting goals of tracing and security in the Linux kernel, examining how tracing aims to provide maximum information while security strives to conceal it. Learn about the tactics employed by tracing mechanisms, including live text modification and call redirection, which mirror techniques used by rootkits. Gain insights into the challenges of balancing tracing functionality with security concerns, and understand why security professionals must be well-versed in tracing methodologies. Discover topics such as isolation, lockdown, function tracing, and FTrace, concluding with a Q&A session to address audience inquiries.
Syllabus
Intro
What is your goal
Isolation
Lockdown
Conflicting agendas
Security folks must know tracing
Live kernel patching
Function Tracing
Peters
FTrace
FTrace Direct
Conclusion
Questions
Taught by
Linux Foundation
Tags
Related Courses
KernelShark 1.0 is Here - What Does that Mean?Linux Foundation via YouTube Cloud Performance Root Cause Analysis at Netflix
GOTO Conferences via YouTube Investigating C++ Applications in Production on Linux and Windows
NDC Conferences via YouTube How Much Is Tracing? Measuring the Overhead Caused by the Tracing Infrastructure
Linux Foundation via YouTube Mentorship Session - Tools and Techniques to Debug an Embedded Linux System
Linux Foundation via YouTube