lf logo
8177  Reviews star_rate star_rate star_rate star_rate star_half

Security and the Linux Kernel

This instructor-led course provides an understanding of the Linux kernel security model and the mechanisms used to secure the operating system. Skills Gained The course covers the fundamentals of...

Read More
$3,250 USD
Course Code LFD441
Duration 4 days
Available Formats Classroom

This instructor-led course provides an understanding of the Linux kernel security model and the mechanisms used to secure the operating system.

Skills Gained

The course covers the fundamentals of Linux kernel security, including memory protection, process management, system calls, and filesystem security. Students will learn about various security mechanisms in the Linux kernel, such as Mandatory Access Control (MAC), Linux Security Modules (LSM), and secureboot. Throughout the course, students will gain hands-on experience in securing both userspace and the Linux kernel through various security mechanisms.

Who Can Benefit

This course is designed for systems level programmers or kernel engineers who want to learn more about the security options provided by the Linux kernel, as well as userspace developers who want to learn more about Linux kernel security mitigations. Learners should know how to build a Linux kernel, write and use Linux kernel modules, as well as have basic Linux command line and system administration skills.

Prerequisites

To make the most of this course, you should:

  • Be proficient in the C programming language.
  • Be familiar with basic Linux (UNIX) utilities such as ls, grep and tar.
  • Be comfortable using any of the available text editors (e.g. emacs, vi, etc.).
  • Experience with any major Linux distribution is helpful but not strictly required.
  • Have experience equivalent to having taken LFD420: Linux Kernel Internals and Development.

Course Details

Course Outline

  • Introduction
  • Preliminaries
  • Secure Boot VM Setup
  • How to Work in OSS Projects **
  • ReducingAttack Surfaces
  • Kernel Features
  • Kernel Deprecated Interfaces
  • Address Space Layout Randomization (ASLR)
  • Kernel Structure Layout Randomization
  • Introduction to Linux Kernel Security
  • CGroups
  • Secure Boot
  • Module Signing
  • Integrity MeasurementArchitecture (IMA)
  • DM-Verity
  • Linux Security Modules(LSM)
  • SELinux
  • AppArmor
  • LoadPin (LSM)
  • Lockdown
  • Safesetid
  • Netfilter
  • Netlink Sockets**
  • Closing and Evaluation Survey
  • KernelArchitecture I
  • Kernel Programming Preview
  • Modules
  • KernelArchitecture II
  • Kernel Configuration and Compilation
  • Kernel Style and General Considerations
  • Race Conditions and Synchronization Methods
  • Memory Addressing
  • Memory Allocation