2019 | Kernel Recipe Archives

Analyzing changes to the binary interface exposed by the Kernel to its modules

Operating system distributors often face challenges that are somewhat different from that of upstream kernel developers. For instance, some kernel updates often need to stay at least binary compatible with modules that might be “out of tree” for some time. In that...

Suricata and XDP

Suricata is a network threat detection engine using network packets capture to reconstruct the traffic till the application layer and find threats on the network using rules that define behavior to detect. This task is really CPU intensive and discarding non...

BPF at Facebook

This talk will provide several examples of how Facebook engineers use BPF to scale the networking, prevent denial of service, secure containers, analyze performance. It’s suitable for BPF newbies and...

The Next Steps toward Software Freedom for Linux

Linux is likely the most important software project ever undertaken; it is essential to the future of freedom for users and developers alike. Many in our community believe that Linux’s continued success and certainty of collaborative shared development depends on its...

CVEs are dead long live the CVE!

For the Linux kernel, CVEs do not work at all given the rate of fixes being applied and rapidly backported and pushed to users through a huge variety of different ways. The average “request to fix” date for Linux CVEs is -100 days, showing that either no one cares...

Analyzing changes to the binary interface exposed by the Kernel to its modules

Suricata and XDP

BPF at Facebook

The Next Steps toward Software Freedom for Linux

CVEs are dead long live the CVE!

Recent Posts

Recent Comments

Archives

Categories