Linux Kernel Debugging and Security (LFD440)


Course Overview

Learn the methods and internal infrastructure of the Linux kernel. This course focuses on the important tools used for debugging and monitoring the kernel, and how security features are implemented and controlled.

Who should attend

This course is for those interested in learning how to write Linux kernel code and understand security aspects of the Linux kernel.


Knowledge of basic kernel interfaces and methods such as how to write, compile, load and unload modules, use synchronization primitives, and the basics of memory allocation and management, such as is provided by Linux Kernel Internals and Development (LFD420).

Course Content

  • Introduction
  • Preliminaries
  • Kernel Features
  • Monitoring and Debugging
  • The proc Filesystem **
  • kprobes
  • Ftrace
  • Perf
  • Crash
  • Kernel Core Dumps
  • Virtualization**
  • QEMU
  • Linux Kernel Debugging Tools
  • Embedded Linux**
  • Notifiers**
  • CPU Frequency Scaling**
  • Netlink Sockets**
  • Introduction to Linux Kernel Security
  • Linux Security Modules (LSM)
  • SELinux
  • AppArmor
  • Netfilter
  • The Virtual File System
  • Flash Memory Filesystems
  • Filesystems in User-Space (FUSE)**
  • Journaling Filesystems**

** These sections may be considered in part or in whole as optional. They contain either background reference material, specialized topics, or advanced subjects. The instructor may choose to cover or not cover them depending on classroom experience and time constraints.

Classroom Training

Duration 4 days

Click on town name to book Schedule
Middle East
25/11/2019 - 28/11/2019 Düsseldorf
16/12/2019 - 19/12/2019 Berlin
13/01/2020 - 16/01/2020 Munich
03/02/2020 - 06/02/2020 Münster
02/03/2020 - 05/03/2020 Hamburg
30/03/2020 - 02/04/2020 Düsseldorf
04/05/2020 - 07/05/2020 Berlin
25/05/2020 - 28/05/2020 Stuttgart
16/12/2019 - 19/12/2019 Vienna (iTLS)