LFD440 – Linux Kernel Debugging and Security (BG)

Course: LFD440 Linux Kernel Debugging and Security

За Курса (About this Course):

- This instructor-led course focuses on the important tools used for debugging and monitoring the kernel, and how security features are implemented and controlled.

Цели – Какво ще научите (Course Goals/Skills):

This four day course includes extensive hands-on exercises and demonstrations designed to give you the necessary tools to develop and debug Linux kernel code.
Introduction
Preliminaries
How to Work in OSS Projects **
Kernel Features
Monitoring and Debugging
Printk
The proc Filesystem **
kprobes
Ftrace
Perf
eBPF
Crash
kexec
Kernel Core Dumps
Virtualization**
QEMU
Linux Kernel Debugging Tools
Embedded Linux**
Notifiers**
CPU Frequency Scaling**
Netlink Sockets**
Kernel Deprecated Interfaces
Introduction to Linux Kernel Security
Linux Security Modules (LSM)
SELinux
AppArmor
Netfilter
The Virtual File System
Filesystems in User-Space (FUSE)**
Journaling Filesystems**
Closing and Evaluation Survey
Kernel Architecture I
Kernel Programming Preview
Modules
Kernel Architecture II
Kernel Configuration and Compilation
Kernel Style and General Considerations
Race Conditions and Synchronization Methods
Memory Addressing
Memory Allocation

Курсът е предназначен за (Audience):

This course is for experienced developers who need to understand the methods and internal infrastructure of the Linux kernel.

Формат на курса

Присъствен Формат – Учебна Зала или Вашия Офис. Учебната зала е оборудвана с компютър за всеки участник.

Online Формат – Участвайте виртуално в обучението чрез телеконферентна връзка.

Език на курса (Course Language Option)

Може да изберете Език на който да се проведе обучението – български или английски. Всичките ни инструктори владеят свободно английски език.

Учебни Метериали: в електронен формат (Учебните материали са на английски), включени в цената с неограничен достъп.

Лабораторна среда: всеки курсист разполага със собствена лаб среда, където се провеждат упражненията, част от курса.

Продължителност (Course Duration):

4 работни дни (09:00 – 17:00)

или

32 уч.ч. обучение (теория и практика) в извънработно време с продължителност 3.5 седмици
събота и неделя 10:00 – 14:00, 14:00 – 18:00, 18:00 – 22:00
понеделник и сряда 19:00 – 23:00
вторник и четвъртък 19:00 – 23:00

Плащане (Payments):

Заявка за издаване на фактура се приема към момента на записването на съответния курс.

Фактура се издава в рамките на 7 дни от потвърждаване на плащането.

Предстоящи Курсове (Next Class):

За повече информация използвайте формата за контакт.

Ще се свържем с Вас за потвърждаване на датите.

Предпоставки (Изисквания) за Участие (Prerequisites):

- To make the most of this course, you should:
  - Be proficient in the C programming language.
  - Be familiar with basic Linux (UNIX) utilities such as ls, grep and tar.
  - Be comfortable using any of the available text editors (e.g. emacs, vi, etc.).
  - Experience with any major Linux distribution is helpful but not strictly required.
  - Have experience equivalent to having taken LFD420: Linux Kernel Internals and Development.
  Pre-class preparation material will be provided before class.

Курсът подготвя за следните сертификационни нива

Course Curriculum

1 Introduction
- Lecture1.1
  
  1.1 Objectives
- Lecture1.2
  
  1.3 The Linux Foundation
- Lecture1.3
  
  1.10 Using and Downloading a Virtual Machine
2 Preliminaries
- Lecture2.1
  
  2.1 Procedures
- Lecture2.2
  
  2.2 Kernel Versions
- Lecture2.3
  
  2.3 Kernel Sources and Use of git
- Lecture2.4
  
  2.4 Labs
3 How to Work in OSS Projects
- Lecture3.1
  
  3.1 Overview on How to Contribute Properly
- Lecture3.2
  
  3.2 Stay Close to Mainline for Security and Quality
- Lecture3.3
  
  3.3 Study and Understand the Project DNA
- Lecture3.4
  
  3.4 Figure Out What Itch You Want to Scratch
- Lecture3.5
  
  3.5 Identify Maintainers and Their Work Flows and Methods
- Lecture3.6
  
  3.6 Get Early Input and Work in the Open
- Lecture3.7
  
  3.7 Contribute Incremental Bits, Not Large Code Dumps
- Lecture3.8
  
  3.8 Leave Your Ego at the Door: Don’t Be Thin-Skinned
- Lecture3.9
  
  3.9 Be Patient, Develop Long Term Relationships, Be Helpful
4 Kernel Features
- Lecture4.1
  
  4.1 Components of the Kernel
- Lecture4.2
  
  4.2 User-Space vs. Kernel-Space
- Lecture4.3
  
  4.3 What are System Calls?
- Lecture4.4
  
  4.4 Available System Calls
- Lecture4.5
  
  4.5 Scheduling Algorithms and Task Structures
- Lecture4.6
  
  4.6 Process Context
- Lecture4.7
  
  4.7 Labs
5 Monitoring and Debugging
- Lecture5.1
  
  5.1 Debuginfo Packages
- Lecture5.2
  
  5.2 Tracing and Profiling
- Lecture5.3
  
  5.3 sysctl
- Lecture5.4
  
  5.4 SysRq Key
- Lecture5.5
  
  5.5 oops Messages
- Lecture5.6
  
  5.6 Kernel Debuggers
- Lecture5.7
  
  5.7 debugfs
- Lecture5.8
  
  5.8 Labs
6 Printk
- Lecture6.1
  
  6.1 Debugging with printk
- Lecture6.2
  
  6.2 Format Specifiers in printk
- Lecture6.3
  
  6.3 no hash pointers Command Line Option
- Lecture6.4
  
  6.4 Using early printk
- Lecture6.5
  
  6.5 Labs
7 The proc Filesystem
- Lecture7.1
  
  7.1 What is the proc Filesystem?
- Lecture7.2
  
  7.2 Creating and Removing Entries
- Lecture7.3
  
  7.3 Reading and Writing Entries
- Lecture7.4
  
  7.4 The seq file Interface
- Lecture7.5
  
  7.5 Labs
8 kprobes
- Lecture8.1
  
  8.1 kprobes
- Lecture8.2
  
  8.2 kretprobes
- Lecture8.3
  
  8.3 SystemTap
- Lecture8.4
  
  8.4 Labs
9 Ftrace
- Lecture9.1
  
  9.1 What is ftrace?
- Lecture9.2
  
  9.2 ftrace, trace-cmd and kernelshark
- Lecture9.3
  
  9.3 Available Tracers
- Lecture9.4
  
  9.4 Using ftrace
- Lecture9.5
  
  9.5 Files in the Tracing Directory
- Lecture9.6
  
  9.6 Tracing Options
- Lecture9.7
  
  9.7 Printing with trace printk()
- Lecture9.8
  
  9.8 Trace Markers
- Lecture9.9
  
  9.9 Dumping the Buffer
- Lecture9.10
  
  9.10 trace-cmd
- Lecture9.11
  
  9.11 Labs
10 Perf
- Lecture10.1
  
  10.1 What is perf?
- Lecture10.2
  
  10.2 perf stat
- Lecture10.3
  
  10.3 perf list
- Lecture10.4
  
  10.4 perf record
- Lecture10.5
  
  10.5 perf report
- Lecture10.6
  
  10.6 perf annotate
- Lecture10.7
  
  10.7 perf top
- Lecture10.8
  
  10.8 Labs
11 eBPF
- Lecture11.1
  
  11.1 BPF
- Lecture11.2
  
  11.2 eBPF
- Lecture11.3
  
  11.3 Installation
- Lecture11.4
  
  11.4 bcc Tools
- Lecture11.5
  
  11.5 bpftrace
- Lecture11.6
  
  11.6 Labs
12 Crash
- Lecture12.1
  
  12.1 Crash
- Lecture12.2
  
  12.2 Main Commands
- Lecture12.3
  
  12.3 Labs
13 kexec
- Lecture13.1
  
  13.1 kexec
- Lecture13.2
  
  13.2 Kernel Configuration
- Lecture13.3
  
  13.3 kexec-tools
- Lecture13.4
  
  13.4 Using kexec
- Lecture13.5
  
  13.5 Labs
14 Kernel Core Dumps
- Lecture14.1
  
  14.1 Producing and Analyzing Kernel Core Dumps
- Lecture14.2
  
  14.2 Labs
15 Virtualization
- Lecture15.1
  
  15.1 What is Virtualization?
- Lecture15.2
  
  15.2 Rings of Virtualization
- Lecture15.3
  
  15.3 Hypervisors
16 QEMU
- Lecture16.1
  
  16.1 What is QEMU?
- Lecture16.2
  
  16.2 Emulated Architectures
- Lecture16.3
  
  16.3 Image Formats
- Lecture16.4
  
  16.4 Third Party Hypervisor Integration
- Lecture16.5
  
  16.5 Labs
17 Linux Kernel Debugging Tools
- Lecture17.1
  
  17.1 Linux Kernel (built-in) tools and helpers
- Lecture17.2
  
  17.2 kdb
- Lecture17.3
  
  17.3 qemu+gdb
- Lecture17.4
  
  17.4 kgdb: hardware+serial+gdb
- Lecture17.5
  
  17.5 Labs
18 Embedded Linux
- Lecture18.1
  
  18.1 Embedded and Real Time Operating Systems
- Lecture18.2
  
  18.2 Why Use Linux?
- Lecture18.3
  
  18.3 Making a Small Linux Environment
- Lecture18.4
  
  18.4 Real Time Linuxes
19 Notifiers
- Lecture19.1
  
  19.1 What are Notifiers?
- Lecture19.2
  
  19.2 Data Structures
- Lecture19.3
  
  19.3 Callbacks and Notifications
- Lecture19.4
  
  19.4 Creating Notifier Chains
- Lecture19.5
  
  19.5 Labs
20 CPU Frequency Scaling
- Lecture20.1
  
  20.1 What is Frequency and Voltage Scaling?
- Lecture20.2
  
  20.2 Notifiers
- Lecture20.3
  
  20.3 Drivers
- Lecture20.4
  
  20.4 Governors
- Lecture20.5
  
  20.5 Labs
21 Netlink Sockets
- Lecture21.1
  
  21.1 What are netlink Sockets?
- Lecture21.2
  
  21.2 Opening a netlink Socket
- Lecture21.3
  
  21.3 netlink Messages
- Lecture21.4
  
  21.4 Labs
22 Kernel Deprecated Interfaces
- Lecture22.1
  
  22.1 Why Deprecated
- Lecture22.2
  
  22.2 deprecated
- Lecture22.3
  
  22.3 BUG() and BUG ON()
- Lecture22.4
  
  22.4 Computed Sizes for kmalloc()
- Lecture22.5
  
  22.5 simple strtol() Family of Routines
- Lecture22.6
  
  22.6 strcpy(), strncpy(), strlcpy()
- Lecture22.7
  
  22.7 printk() %p Format Specifier
- Lecture22.8
  
  22.8 Variable Length Arrays
- Lecture22.9
  
  22.9 Switch Case Fall-Through
- Lecture22.10
  
  22.10 Zero-Length and One-Element Arrays in Structs
23 Introduction to Linux Kernel Security
- Lecture23.1
  
  23.1 Linux Kernel Security Basics
- Lecture23.2
  
  23.2 Discretionary Access Control (DAC)
- Lecture23.3
  
  23.3 POSIX ACLs
- Lecture23.4
  
  23.4 POSIX Capabilities
- Lecture23.5
  
  23.5 Namespaces
- Lecture23.6
  
  23.6 Linux Security Modules (LSM)
- Lecture23.7
  
  23.7 Netfilter
- Lecture23.8
  
  23.8 Cryptographic Methods
- Lecture23.9
  
  23.9 The Kernel Self Protection Project
24 Linux Security Modules (LSM)
- Lecture24.1
  
  24.1 What are Linux Security Modules?
- Lecture24.2
  
  24.2 LSM Basics
- Lecture24.3
  
  24.3 LSM Choices
- Lecture24.4
  
  24.4 How LSM Works
- Lecture24.5
  
  24.5 An LSM Example: Tomoyo
25 SELinux
- Lecture25.1
  
  25.1 SELinux
- Lecture25.2
  
  25.2 SELinux Overview
- Lecture25.3
  
  25.3 SELinux Modes
- Lecture25.4
  
  25.4 SELinux Policies
- Lecture25.5
  
  25.5 Context Utilities
- Lecture25.6
  
  25.6 SELinux and Standard Command Line Tools
- Lecture25.7
  
  25.7 SELinux Context Inheritance and Preservation
- Lecture25.8
  
  25.8 restorecon
- Lecture25.9
  
  25.9 semanage fcontext
- Lecture25.10
  
  25.10 Using SELinux Booleans
- Lecture25.11
  
  25.11 getsebool and setsebool
- Lecture25.12
  
  25.12 Troubleshooting Tools
- Lecture25.13
  
  25.13 Labs
26 AppArmor
- Lecture26.1
  
  26.1 What is AppArmor?
- Lecture26.2
  
  26.2 Checking Status
- Lecture26.3
  
  26.3 Modes and Profiles
- Lecture26.4
  
  26.4 Profiles
- Lecture26.5
  
  26.5 Utilities
27 Netfilter
- Lecture27.1
  
  27.1 What is netfilter?
- Lecture27.2
  
  27.2 Netfilter Hooks
- Lecture27.3
  
  27.3 Netfilter Implementation
- Lecture27.4
  
  27.4 Hooking into Netfilter
- Lecture27.5
  
  27.5 Iptables
- Lecture27.6
  
  27.6 Labs
28 The Virtual File System
- Lecture28.1
  
  28.1 What is the Virtual File System?
- Lecture28.2
  
  28.2 Available Filesystems
- Lecture28.3
  
  28.3 Special Filesystems
- Lecture28.4
  
  28.4 The tmpfs Filesystem
- Lecture28.5
  
  28.5 The ext2/ext3 Filesystem
- Lecture28.6
  
  28.6 The ext4 Filesystem
- Lecture28.7
  
  28.7 The btrfs Filesystem
- Lecture28.8
  
  28.8 Common File Model
- Lecture28.9
  
  28.9 VFS System Calls
- Lecture28.10
  
  28.10 Files and Processes
- Lecture28.11
  
  28.11 Mounting Filesystems
29 Filesystems in User-Space (FUSE)
- Lecture29.1
  
  29.1 What is FUSE?
- Lecture29.2
  
  29.2 Writing a Filesystem
- Lecture29.3
  
  29.3 Labs
30 Journaling Filesystems
- Lecture30.1
  
  30.1 What are Journaling Filesystems?
- Lecture30.2
  
  30.2 Available Journaling Filesystems
- Lecture30.3
  
  30.3 Contrasting Features
- Lecture30.4
  
  30.4 Labs
31 Closing and Evaluation Survey
- Lecture31.1
  
  31.1 Evaluation Survey

Target audiences

This course is for experienced developers who need to understand the methods and internal infrastructure of the Linux kernel.

Instructors

IT-Training.pro

Vladimir Simeonov

Microsoft Certified Trainer, Amazon Authorized Instructor, LPI Authorized Trainer, Cisco, VMware, Juniper -- I've been Teaching Linux, Microsoft, Cloud and Networking Classes over more than 10 years. I've trained more than 4000 people in person from all around the world - US, UK, Ireland, Belgium, France, Italy, Spain, Nederlands, Germany, Sweden, Poland, Dubai, Sri Lanka, Ukraine, Bulgaria and many more. I've delivered courses at UN, NATO, US Army. I've trained delegates from most of the fortune 1000 companies. I have more than 80 technical certifications and I've been working with all the pleada of technologies and vendors. -- It will be honor for me to see you in my class.

Reviews

0 rating

5 stars

4 stars

3 stars

2 stars

1 star

IT-Training.pro

LFS300 – Linux Foundation – Fundamentals of Linux

€ 1200,00

0 Students

IT-Training.pro

Certified Kubernetes Security Specialist (CKS)

€ 450,00

0 Students

IT-Training.pro

LFS460 – Kubernetes Security Fundamentals

€ 1400,00

0 Students

LFD440 – Linux Kernel Debugging and Security (BG)

Course: LFD440 Linux Kernel Debugging and Security

За Курса (About this Course):

Цели – Какво ще научите (Course Goals/Skills):

Курсът е предназначен за (Audience):

Формат на курса

Присъствен Формат – Учебна Зала или Вашия Офис. Учебната зала е оборудвана с компютър за всеки участник.

Online Формат – Участвайте виртуално в обучението чрез телеконферентна връзка.

Език на курса (Course Language Option)

Продължителност (Course Duration):

4 работни дни (09:00 – 17:00)

Плащане (Payments):

Предстоящи Курсове (Next Class):

Предпоставки (Изисквания) за Участие (Prerequisites):

Курсът подготвя за следните сертификационни нива

Course Curriculum

1 Introduction

2 Preliminaries

3 How to Work in OSS Projects

4 Kernel Features

5 Monitoring and Debugging

6 Printk

7 The proc Filesystem

8 kprobes

9 Ftrace

10 Perf

11 eBPF

12 Crash

13 kexec

14 Kernel Core Dumps

15 Virtualization

16 QEMU

17 Linux Kernel Debugging Tools

18 Embedded Linux

19 Notifiers

20 CPU Frequency Scaling

21 Netlink Sockets

22 Kernel Deprecated Interfaces

23 Introduction to Linux Kernel Security

24 Linux Security Modules (LSM)

25 SELinux

26 AppArmor

27 Netfilter

28 The Virtual File System

29 Filesystems in User-Space (FUSE)

30 Journaling Filesystems

31 Closing and Evaluation Survey

Target audiences

Instructors

Reviews

Related Courses

Курсът Включва

New Customer

Returning Customer

Modal title