• Classroom
  • Online, Instructor-Led

Linux Kernel Internals covers the internals of the Linux kernel and kernel module development with emphasis on security. The course covers the internal algorithms, data structures, programming interfaces, relevant parts of the latest Linux kernel source code and real world use cases to provide a holistic view of the topics.

Attendees learn about the basics of the Linux kernel, kernel development toolchain, kernel module development, kernel execution contexts, memory management, user-kernel interfaces, device drivers, virtual file system interface, kernel synchronization mechanisms and kernel debugging.
In the hands-on labs attendees use built-in tools to peek into the kernel and use kernel programming interfaces to implement various functionality as loadable kernel modules (LKM). Attendees build, deploy, test and debug these LKMs on the latest 64-bit Linux kernel.

Learning Objectives

  • Describe the different components of the Linux kernel.
  • Develop, build, test and debug Linux kernel modules.
  • Implement security related functionality in kernel modules.
  • Identify the kernel programming interfaces to solve a given development task.
  • Retrieve information from the kernel using various commands.
  • Examine crash dumps and identify the cause of the crash.
  • Build the foundation to attend the Linux Kernel Exploitation and Rootkit training (LKXR).

Framework Connections

The materials within this course focus on the NICE Framework Task, Knowledge, and Skill statements identified within the indicated NICE Framework component(s):