Using Seccomp to Limit the Kernel Attack Surface

Using Seccomp to Limit the Kernel Attack Surface

Linux Foundation via YouTube Direct link

Filter Program Structure

21 of 31

21 of 31

Filter Program Structure

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Using Seccomp to Limit the Kernel Attack Surface

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Introduction
  2. 2 History of Seccomp
  3. 3 Seccomp Filtering
  4. 4 Seccomp Filtering History
  5. 5 How Seccomp Works
  6. 6 Berkeley Packet Filter
  7. 7 BPF Virtual Machine
  8. 8 Conditional Jump Instructions
  9. 9 Relative Offsets
  10. 10 The Kernel
  11. 11 System Call Data
  12. 12 Example Load Instruction
  13. 13 Example Conditional Jump
  14. 14 Example Return Statement
  15. 15 Architecture Field
  16. 16 Answer the Filter
  17. 17 Kill the Process
  18. 18 Attacker
  19. 19 Unprivileged User
  20. 20 Example Program
  21. 21 Filter Program Structure
  22. 22 Running the Program
  23. 23 BPA Filter Example
  24. 24 A Word of Warning
  25. 25 LibSetComp
  26. 26 Multiple filters
  27. 27 Two microphones
  28. 28 Contacts
  29. 29 SOC Camera
  30. 30 SOC Glossary
  31. 31 Seccomp Camera

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.