Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Combining kTLS and BPF for Introspection and Policy Enforcement

Linux Plumbers Conference via YouTube

Start learning Write review
DataCamp Ad

AI Engineer - Learn how to integrate AI into software applications

Learn More → Corporate Finance Institute Ad

Finance Certifications Goldman Sachs & Amazon Teams Trust

Learn More →

Overview

Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore a technical talk from the Linux Plumbers Conference that delves into combining kernel TLS (kTLS) and Berkeley Packet Filter (BPF) for introspection and policy enforcement. Learn about the current kernel's sockmap BPF architecture for L7 policy enforcement, as well as the ULP and strparser framework used for socket callbacks and message boundary determination. Discover the challenges faced when integrating kTLS with BPF to enable in-kernel introspection and policy enforcement of application data before encryption. Gain insights into various approaches to address ULP layer shortcomings, optimizations for strparser, and the consolidation of scatter/gather processing for kTLS and sockmap. Understand the potential future developments in this area of kernel networking and security.

Syllabus

LPC2018 - Combining kTLS and BPF for Introspection and Policy Enforcement

Taught by

Linux Plumbers Conference

Reviews

Start your review of Combining kTLS and BPF for Introspection and Policy Enforcement

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.