With this second excerpt, Abbott discusses kernel modules and device drivers in Part 1, Part 2, Part 3, Part 4, Part 5 and Part 6. In this final installment of the excerpt, Abbott continues this ...

This approach would allow different security models to work without modifying the main kernel code. Out of this discussion grew the Linux Security Module Project (LSM). A number of developers worked ...

The kernel, however, including modules, has no such restriction. That can make debugging modules tricky because you can easily bring the system to its knees.

When you program in the kernel, there is no operating system to step in and safely stop your code from running and tell you that you have a problem. The Linux kernel is pretty nice to its own code.

What superpowers? eBPF gives you the power to run programs in the Linux kernel without changing the kernel source code or adding additional modules. In effect, it acts as a lightweight (VM) inside ...

The Linux kernel is a monolithic kernel. It’s mainly one large program, but it closely interacts with other, distinct, programs such as drivers and kernel modules.

Members of the open source community are working on a new security-focused project for the Linux kernel. Named Linux Kernel Runtime Guard (LKRG), this is a loadable kernel module that will perform ...