Home > Speakers >

Vandana Salve

Vandana Salve has been working with Linux and embedded systems for more than 18 years. She is a Linux open source professional, Linux trainer at Linux foundations and founder of Prasme Systems, where she does product development and gives trainings in Linux systems software, device drivers, kernel programming, FreeRTOS and embedded systems. She is linux kernel experts and has broad exposure to various Linux kernel subsystems including board bring-ups, embedded device driver development, networking, memory/DMA management and kernel security.

Linux Kernel Security - Inside the Linux Security Modules (LSMs)

The Linux Security Module (LSM) framework provides a mechanism for various security checks to be hooked by new kernel extensions.

The primary users of the LSM interface are Mandatory Access Control (MAC) extensions which provide a comprehensive security policy. Examples include SELinux, Smack, Tomoyo, and AppArmor. In addition to the larger MAC extensions, other extensions can be built using the LSM to provide specific changes to system operation when these tweaks are not available in the core functionality of Linux itself.

The topic deep dives into the

  • Understanding LSMs,
  • Types of LSMs,
  • Architecture of LSM,
  • The various hooks and the functionality provided by these hooks

Go to Session