Course: LFD440 Linux Kernel Debugging and Security
About this Course:
-
- This instructor-led course focuses on the important tools used for debugging and monitoring the kernel, and how security features are implemented and controlled.
Course Goals/Skills:
- This four day course includes extensive hands-on exercises and demonstrations designed to give you the necessary tools to develop and debug Linux kernel code.
- Introduction
Preliminaries
How to Work in OSS Projects **
Kernel Features
Monitoring and Debugging
Printk
The proc Filesystem **
kprobes
Ftrace
Perf
eBPF
Crash
kexec
Kernel Core Dumps
Virtualization**
QEMU
Linux Kernel Debugging Tools
Embedded Linux**
Notifiers**
CPU Frequency Scaling**
Netlink Sockets**
Kernel Deprecated Interfaces
Introduction to Linux Kernel Security
Linux Security Modules (LSM)
SELinux
AppArmor
Netfilter
The Virtual File System
Filesystems in User-Space (FUSE)**
Journaling Filesystems**
Closing and Evaluation Survey
Kernel Architecture I
Kernel Programming Preview
Modules
Kernel Architecture II
Kernel Configuration and Compilation
Kernel Style and General Considerations
Race Conditions and Synchronization Methods
Memory Addressing
Memory Allocation
Audience:
- This course is for experienced developers who need to understand the methods and internal infrastructure of the Linux kernel.
Course Format:
Присъствен (Classroom) Курс в Учебната ни зала или В Офис на Клиент | Онлайн (Online/Virtual) Курс във виртуална зала с инструктор |
Course Language Option
Български (Bulgarian) | Английски (English) |
You can choose the language in which the training will be conducted – Bulgarian or English. All our instructors are fluent in English.
Student Guides:
The training materials are available in electronic format. They can be used online / offline on any device. Lifetime access.
Lab Environment:
Each student has their own lab environment where the exercises are conducted, part of the course. You do not need to install software on a computer or special hardware requirements.
Participants in a face-to-face format in our Training Center have an individual computer during the training.
At Course Completion:
Lifetime Access - Video Archive 24/7 | Certificate of Course Completion |
Lifetime access to a video archive with recording of each individual lecture.
Official internationally recognized certificate for completed training course.
Course Duration:
- 4 working days (09:00 – 17:00)
or - 32 hours training (theory and practice) in non-working hours lasting 4 weeks
Saturday and Sunday 10:00 – 14:00, 14:00 – 18:00, 18:00 – 22:00
Monday and Wednesday 19:00 – 23:00
Tuesday and Thursday 19:00 – 23:00
Payments:
An application for an invoice is accepted at the time of enrollment in the respective course.
An invoice is issued within 7 days of confirming the payment.
Next Class:
For more information, use the contact format. We will contact you to confirm the data.
Prerequisites:
-
- To make the most of this course, you should:
- Be proficient in the C programming language.
- Be familiar with basic Linux (UNIX) utilities such as ls, grep and tar.
- Be comfortable using any of the available text editors (e.g. emacs, vi, etc.).
- Experience with any major Linux distribution is helpful but not strictly required.
- Have experience equivalent to having taken LFD420: Linux Kernel Internals and Development.
Pre-class preparation material will be provided before class.
- To make the most of this course, you should:
This Class will teach you how to pass the following exams:
Course Curriculum
-
1 Introduction
-
2 Preliminaries
-
3 How to Work in OSS Projects
- 3.1 Overview on How to Contribute Properly
- 3.2 Stay Close to Mainline for Security and Quality
- 3.3 Study and Understand the Project DNA
- 3.4 Figure Out What Itch You Want to Scratch
- 3.5 Identify Maintainers and Their Work Flows and Methods
- 3.6 Get Early Input and Work in the Open
- 3.7 Contribute Incremental Bits, Not Large Code Dumps
- 3.8 Leave Your Ego at the Door: Don’t Be Thin-Skinned
- 3.9 Be Patient, Develop Long Term Relationships, Be Helpful
-
4 Kernel Features
-
5 Monitoring and Debugging
-
6 Printk
-
7 The proc Filesystem
-
8 kprobes
-
9 Ftrace
-
10 Perf
-
11 eBPF
-
12 Crash
-
13 kexec
-
14 Kernel Core Dumps
-
15 Virtualization
-
16 QEMU
-
17 Linux Kernel Debugging Tools
-
18 Embedded Linux*
-
19 Notifiers
-
20 CPU Frequency Scaling
-
21 Netlink Sockets
-
22 Kernel Deprecated Interfaces
- 22.1 Why Deprecated
- 22.2 deprecated
- 22.3 BUG() and BUG ON()
- 22.4 Computed Sizes for kmalloc()
- 22.5 simple strtol() Family of Routines
- 22.6 strcpy(), strncpy(), strlcpy()
- 22.7 printk() %p Format Specifier
- 22.8 Variable Length Arrays
- 22.9 Switch Case Fall-Through
- 22.10 Zero-Length and One-Element Arrays in Structs
-
23 Introduction to Linux Kernel Security
-
24 Linux Security Modules (LSM)
-
25 SELinux
- 25.1 SELinux
- 25.2 SELinux Overview
- 25.3 SELinux Modes
- 25.4 SELinux Policies
- 25.5 Context Utilities
- 25.6 SELinux and Standard Command Line Tools
- 25.7 SELinux Context Inheritance and Preservation
- 25.8 restorecon
- 25.9 semanage fcontext
- 25.10 Using SELinux Booleans
- 25.11 getsebool and setsebool
- 25.12 Troubleshooting Tools
- 25.13 Labs
-
26 AppArmor
-
27 Netfilter
-
28 The Virtual File System
-
29 Filesystems in User-Space (FUSE)
-
30 Journaling Filesystems
-
31 Closing and Evaluation Survey
Target audiences
- This course is for experienced developers who need to understand the methods and internal infrastructure of the Linux kernel.