Course Overview
Learn the methods and internal infrastructure of the Linux kernel. This course focuses on the important tools used for debugging and monitoring the kernel, and how security features are implemented and controlled.
Who should attend
This course is for those interested in learning how to write Linux kernel code and understand security aspects of the Linux kernel.
Prerequisites
Knowledge of basic kernel interfaces and methods such as how to write, compile, load and unload modules, use synchronization primitives, and the basics of memory allocation and management, such as is provided by Linux Kernel Internals and Development (LFD420).
Course Content
- Introduction
- Preliminaries
- Kernel Features
- Monitoring and Debugging
- The proc Filesystem **
- kprobes
- Ftrace
- Perf
- Crash
- Kernel Core Dumps
- Virtualization**
- QEMU
- Linux Kernel Debugging Tools
- Embedded Linux**
- Notifiers**
- CPU Frequency Scaling**
- Netlink Sockets**
- Introduction to Linux Kernel Security
- Linux Security Modules (LSM)
- SELinux
- AppArmor
- Netfilter
- The Virtual File System
- Flash Memory Filesystems
- Filesystems in User-Space (FUSE)**
- Journaling Filesystems**
** These sections may be considered in part or in whole as optional. They contain either background reference material, specialized topics, or advanced subjects. The instructor may choose to cover or not cover them depending on classroom experience and time constraints.