Linux Security Summit North America 2019: Kernel Runtime Security Instrumentation...

Kernel Runtime Security Instrumentation - KP Singh, Google

Kernel Runtime Security Instrumentation (KRSI) [1] aims to provide an extensible Linux Security Module (LSM) by allowing userspace programs and system owners to attach eBPF (extended Berkeley Packet Filter) programs to security hooks. This makes the LSM framework extensible without needing to rebuild/re-write and enables a new class of security and auditing software.

The talk discusses the need for such an LSM (with representative use cases) and compares it to some existing alternatives, such as Landlock, a separate custom LSM, kprobes+eBPF etc. The second half of the talk outlines the proposed design and interfaces, and includes a live demo.

[1] https://github.com/sinkap/linux-krsi

Speakers

KP Singh

Senior Software Engineer, Google

KP Singh is a Senior Software Engineer with Google based in Zürich and is the Tech Lead for a project to improve the Security features in the Linux Kernel. Prior to working at Google he has worked with ARM on Linux Kernel Projects like Energy Aware Scheduling [1] and Intelligent... Read More →

Monday August 19, 2019 11:35am - 12:15pm
Sapphire D

Refereed Presentation

Feedback form isn't open yet.

Linux Security Summit North America 2019

KP Singh

Attendees (1)

Recently Active Attendees

Linux Security Summit North America 2019

Sign up or log in to save this to your schedule and see who's attending!

KP Singh

Attendees (1)

Recently Active Attendees