Secure the Linux Kernel with eBPF Linux Security Module

Explore the powerful capabilities of eBPF Linux Security Module in this 38-minute conference talk by Vandana Salve, an Independent Consultant. Dive into the world of Linux security modules (LSM) and discover how the hook-based framework implements security policies and Mandatory Access Control in the Linux kernel. Learn about the evolution of security policy implementation, from configuring existing modules like AppArmor or SELinux to writing custom kernel modules. Understand the game-changing potential of LSM-BPF, which enables developers to create granular policies without configuration or loading kernel modules. Examine the process of BPF LSM program verification and execution within LSM hooks. Gain insights into identifying and leveraging BPF LSM security hooks for implementing MAC or DAC policies in the Linux kernel, enhancing your ability to secure Linux systems effectively.