TelecomValley, profile picture
Uploaded byTelecomValley
PDF, PPTX537 views

Linux kernel vs user space - Hervé Nicol (GFI)

This document discusses the Linux kernel vs user space and provides examples of BPF and FUSE. It begins by explaining that the kernel manages hardware resources like the CPU, memory, storage and devices, while libraries and applications run in user space. It then discusses system calls as the interface between applications and the kernel, and how BPF and FUSE allow user space programs to interact with the kernel. It also briefly mentions some related projects like Gvisor and Cilium that use BPF.

Embed presentation

Download as PDF, PPTX
Linux: kernel vs user space BPF and FUSE as examples Hervé Nicol - GFI @hervenicol
What is an OS kernel? HWCPU(s) RAM Storage Devices Whatever Kernel Libs Apps 2 SW
Linux syscalls http://man7.org/linux/man-pages/man2/syscalls.2.html “The system call is the fundamental interface between an application and the Linux kernel.” ● 123 in kernel 1.0 ● 400+ in kernel 4.11
What can I do with syscalls? ● You don’t need to know it to code or use linux ● You may use it for perf analysis and debug (strace, perf, trace, sysdig) ○ See http://www.brendangregg.com/linuxperf.html ● You can filter them with seccomp (ie in containers) ○ Docker filters: https://docs.docker.com/engine/security/seccomp/ ○ https://blog.yadutaf.fr/2014/05/29/introduction-to-seccomp-bpf-linux-s yscall-filter/
Managed by the kernel ● CPU and memory = allocations, storage, OOM… ● Storage = block devices, volumes, filesystems… ● Devices = video, sound, usb, network… HWCPU(s) RAM Storage Devices Whatever Kernel Libs Apps SW
Introducing FUSE ● File System in Userspace https://en.wikipedia.org/wiki/Filesystem_in_Userspace ○ Sshfs ○ Ntfs ○ gmailfs
Prototype use case When eBPF meets FUSE - Improving performance of user file systems https://events.linuxfoundation.org/wp-content/uploads/2017/11/When-eBPF-Meets-FUSE-Improving-Performance-of-User-File-Sys tems-Ashish-Bijlani-Georgia-Tech.pdf
Other interesting projects ● Gvisor - https://github.com/google/gvisor “Userland kernel” ● Cilium - https://cilium.io/ “Bringing the BPF Revolution to Kubernetes Networking and Security” ● Brendan Gregg’s blog - http://www.brendangregg.com/ebpf.html Linux Performance at Netflix

More Related Content

PDF
Ubuntu 16.04 LTS Security Features
byDustin Kirkland
 
PDF
Linux Containers From Scratch
byjoshuasoundcloud
 
PDF
redis-benchmark with AMD RYZEN 1800X Intel Kaby Lake (i7-7700K) memo
byNaoto MATSUMOTO
 
PPTX
Linux 开源操作系统发展新趋势
byAnthony Wong
 
ODP
LSA2 - 02 Namespaces
byMarian Marinov
 
PDF
Low fat virtualization for embedded systems
byJacques Supcik
 
DOCX
What is open source
byKumar
 
PDF
Anıl kurmuş pacsec3
byPacSecJP
 
Ubuntu 16.04 LTS Security Features
byDustin Kirkland
 
Linux Containers From Scratch
byjoshuasoundcloud
 
redis-benchmark with AMD RYZEN 1800X Intel Kaby Lake (i7-7700K) memo
byNaoto MATSUMOTO
 
Linux 开源操作系统发展新趋势
byAnthony Wong
 
LSA2 - 02 Namespaces
byMarian Marinov
 
Low fat virtualization for embedded systems
byJacques Supcik
 
What is open source
byKumar
 
Anıl kurmuş pacsec3
byPacSecJP
 

What's hot

PDF
[ArabBSD] Unix Basics
byMohammed Farrag
 
ODP
Moscow virtualization meetup 2014: CRIU 1.0 What is next?
byAndrey Vagin
 
PDF
NetBSD workshop
byJun Ebihara
 
PDF
3 manual installation of open vpn
byAshwajit Maske
 
PDF
My First F-Stack
byNaoto MATSUMOTO
 
ODP
BlankOn Server - Lesson Learned
byAndika Triwidada
 
PDF
pkgsrc 2010 - the record of the past year
byAkio OBATA
 
PPTX
Windows 7 installation ppt
byNagarajan Kamalakannan
 
PPTX
Linux Opearating System
byAshvini Jangid
 
PPTX
Flex pod driven by Openstack
byMarton Kiss
 
PDF
Modern Linux Desktop Stack
byRex Tsai
 
PDF
Ha opensuse
byKenny (netman)
 
PDF
UP Board AI Core Configuration memo
byNaoto MATSUMOTO
 
ODP
testing-nfs
byguest4e525f
 
PDF
OSS AWS 핸즈온 강의
byJuhong Jung
 
PDF
Kernel Recipes 2013 - Crosstool-NG, a cross-toolchain generator
byAnne Nicolas
 
PDF
My First AMD EPYC 7251 memo
byNaoto MATSUMOTO
 
PDF
Docker on Windows
byCarl Su
 
PDF
My First BCC
byNaoto MATSUMOTO
 
DOCX
Recent projects
byStan Schekall
 
[ArabBSD] Unix Basics
byMohammed Farrag
 
Moscow virtualization meetup 2014: CRIU 1.0 What is next?
byAndrey Vagin
 
NetBSD workshop
byJun Ebihara
 
3 manual installation of open vpn
byAshwajit Maske
 
My First F-Stack
byNaoto MATSUMOTO
 
BlankOn Server - Lesson Learned
byAndika Triwidada
 
pkgsrc 2010 - the record of the past year
byAkio OBATA
 
Windows 7 installation ppt
byNagarajan Kamalakannan
 
Linux Opearating System
byAshvini Jangid
 
Flex pod driven by Openstack
byMarton Kiss
 
Modern Linux Desktop Stack
byRex Tsai
 
Ha opensuse
byKenny (netman)
 
UP Board AI Core Configuration memo
byNaoto MATSUMOTO
 
testing-nfs
byguest4e525f
 
OSS AWS 핸즈온 강의
byJuhong Jung
 
Kernel Recipes 2013 - Crosstool-NG, a cross-toolchain generator
byAnne Nicolas
 
My First AMD EPYC 7251 memo
byNaoto MATSUMOTO
 
Docker on Windows
byCarl Su
 
My First BCC
byNaoto MATSUMOTO
 
Recent projects
byStan Schekall
 

Similar to Linux kernel vs user space - Hervé Nicol (GFI)

PPT
Basic Linux Internals
bymukul bhardwaj
 
PPTX
Linux kernel debugging
byHao-Ran Liu
 
PDF
Fun with FUSE
byKernel TLV
 
PDF
Kernel bug hunting
byAndrea Righi
 
PPSX
linux kernel overview 2013
byRohit Pratap Singh
 
PDF
Part 04 Creating a System Call in Linux
byTushar B Kute
 
PDF
An Introduction to User Space Filesystem Development
byMatt Turner
 
PDF
eBPF - Rethinking the Linux Kernel
byThomas Graf
 
PPTX
Linux kernel system call
byRamin Farajpour Cami
 
PDF
FUSE and beyond: bridging filesystems slides by Emmanuel Dreyfus
byeurobsdcon
 
PDF
FUSE and beyond: bridging filesystems paper by Emmanuel Dreyfus
byeurobsdcon
 
PDF
Linux kernel bug hunting
byAndrea Righi
 
PDF
FUSE (Filesystem in Userspace) on OpenSolaris
byelliando dias
 
PDF
Fuse'ing python for rapid development of storage efficient
byVishal Kanaujia
 
PPTX
First steps on CentOs7
byMarc Cortinas Val
 
PDF
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
byThomas Graf
 
PDF
Operating Systems 1 (5/12) - Architectures (Unix)
byPeter Tröger
 
PDF
Деградация производительности при использовании FUSE
byAnatol Alizar
 
ODP
guadec_rlove_fuse_2006
bywebuploader
 
PDF
Lcj pg sql-lt-kaigai
byKohei KaiGai
 
Basic Linux Internals
bymukul bhardwaj
 
Linux kernel debugging
byHao-Ran Liu
 
Fun with FUSE
byKernel TLV
 
Kernel bug hunting
byAndrea Righi
 
linux kernel overview 2013
byRohit Pratap Singh
 
Part 04 Creating a System Call in Linux
byTushar B Kute
 
An Introduction to User Space Filesystem Development
byMatt Turner
 
eBPF - Rethinking the Linux Kernel
byThomas Graf
 
Linux kernel system call
byRamin Farajpour Cami
 
FUSE and beyond: bridging filesystems slides by Emmanuel Dreyfus
byeurobsdcon
 
FUSE and beyond: bridging filesystems paper by Emmanuel Dreyfus
byeurobsdcon
 
Linux kernel bug hunting
byAndrea Righi
 
FUSE (Filesystem in Userspace) on OpenSolaris
byelliando dias
 
Fuse'ing python for rapid development of storage efficient
byVishal Kanaujia
 
First steps on CentOs7
byMarc Cortinas Val
 
BPF & Cilium - Turning Linux into a Microservices-aware Operating System
byThomas Graf
 
Operating Systems 1 (5/12) - Architectures (Unix)
byPeter Tröger
 
Деградация производительности при использовании FUSE
byAnatol Alizar
 
guadec_rlove_fuse_2006
bywebuploader
 
Lcj pg sql-lt-kaigai
byKohei KaiGai
 

More from TelecomValley

PDF
2019 - NOURI - ALL4TEST- Le BDD pour decouvrir et specifier les besoins metie...
byTelecomValley
 
PDF
Rapport d'activité SoFAB 2019
byTelecomValley
 
PDF
Rapport d'activité SoFAB 2022
byTelecomValley
 
PDF
Présentation Team France Export régionale - 29/11/19
byTelecomValley
 
PDF
Rapport d'activité 2022
byTelecomValley
 
PDF
Livre blanc "Les métamorphoses de l'entreprise face à l'imprévu - Tome 1 : la...
byTelecomValley
 
PDF
Rapport d'activité Telecom Valley 2020
byTelecomValley
 
PDF
A la poursuite du bug perdu - 2019 - THEAULT - DI GIORGIO - ACPQUALIFE
byTelecomValley
 
PPSX
Et si mon test était la spécification de mon application ? - JACOB - iWE - So...
byTelecomValley
 
PDF
2019 - HAGE CHAHINE - ALTRAN - Presentation-DecouverteMondeAgile_V1.1
byTelecomValley
 
PDF
Rapport d'activité SoFAB 2020
byTelecomValley
 
PDF
Revue de presse Telecom Valley - Décembre 2019
byTelecomValley
 
PDF
Tester c'est bien, monitorer c'est mieux - 2019 - KISSI - Soirée du Test Logi...
byTelecomValley
 
PDF
Revue de presse Telecom Valley - Octobre 2019
byTelecomValley
 
PDF
Revue de presse Telecom Valley - Février 2020
byTelecomValley
 
PDF
Revue de presse Telecom Valley - Novembre 2019
byTelecomValley
 
PDF
Rapport d'activité 2021 - Telecom Valley
byTelecomValley
 
PDF
Rapport d'activité Telecom Valley 2019
byTelecomValley
 
PDF
Revue de presse Telecom Valley - Septembre 2019
byTelecomValley
 
PDF
Revue de presse Telecom Valley - Janvier 2020
byTelecomValley
 
2019 - NOURI - ALL4TEST- Le BDD pour decouvrir et specifier les besoins metie...
byTelecomValley
 
Rapport d'activité SoFAB 2019
byTelecomValley
 
Rapport d'activité SoFAB 2022
byTelecomValley
 
Présentation Team France Export régionale - 29/11/19
byTelecomValley
 
Rapport d'activité 2022
byTelecomValley
 
Livre blanc "Les métamorphoses de l'entreprise face à l'imprévu - Tome 1 : la...
byTelecomValley
 
Rapport d'activité Telecom Valley 2020
byTelecomValley
 
A la poursuite du bug perdu - 2019 - THEAULT - DI GIORGIO - ACPQUALIFE
byTelecomValley
 
Et si mon test était la spécification de mon application ? - JACOB - iWE - So...
byTelecomValley
 
2019 - HAGE CHAHINE - ALTRAN - Presentation-DecouverteMondeAgile_V1.1
byTelecomValley
 
Rapport d'activité SoFAB 2020
byTelecomValley
 
Revue de presse Telecom Valley - Décembre 2019
byTelecomValley
 
Tester c'est bien, monitorer c'est mieux - 2019 - KISSI - Soirée du Test Logi...
byTelecomValley
 
Revue de presse Telecom Valley - Octobre 2019
byTelecomValley
 
Revue de presse Telecom Valley - Février 2020
byTelecomValley
 
Revue de presse Telecom Valley - Novembre 2019
byTelecomValley
 
Rapport d'activité 2021 - Telecom Valley
byTelecomValley
 
Rapport d'activité Telecom Valley 2019
byTelecomValley
 
Revue de presse Telecom Valley - Septembre 2019
byTelecomValley
 
Revue de presse Telecom Valley - Janvier 2020
byTelecomValley
 

Recently uploaded

PDF
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PPTX
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
PPTX
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
PDF
December Patch Tuesday
byIvanti
 
PDF
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
PDF
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PPTX
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
PDF
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
PDF
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
PDF
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
PDF
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
PPTX
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
PPTX
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 
Data Virtualization in Action: Scaling APIs and Apps with FME
bySafe Software
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
Conversational Agents – Building Intelligent Assistants [Virtual Hands-on Wor...
byUiPathCommunity
 
Coded Agents – with UiPath SDK + LangGraph [Virtual Hands-on Workshop]
byUiPathCommunity
 
December Patch Tuesday
byIvanti
 
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
Dev Dives: AI that builds with you - UiPath Autopilot for effortless RPA & AP...
byUiPathCommunity
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
THIS IS CYBER SECURITY NOTES USED IN CLASS ON VARIOUS TOPICS USED IN CYBERSEC...
byMelissaGblinwon
 
Internet_of_Things_IoT_for_Next_Generation_Smart_Systems_Utilizing.pdf
byRoshanSyed12
 
Access Control 2025: From Security Silo to Software-Defined Ecosystem
byMemoori
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
Day 1 - Cloud Security Strategy and Planning ~ 2nd Sight Lab ~ Cloud Security...
by2nd Sight Lab
 
Session 1 - Solving Semi-Structured Documents with Document Understanding
byDianaGray10
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Energy Storage Landscape Clean Energy Ministerial
bySurajitBanerjee38
 
AI in Cybersecurity: Digital Defense by Yasir Naveed Riaz
byYasir Naveed Riaz
 
Chapter 3 Introduction to number system.pptx
byGetachewAbera9
 

Linux kernel vs user space - Hervé Nicol (GFI)

  • 1.
    Linux: kernel vsuser space BPF and FUSE as examples Hervé Nicol - GFI @hervenicol
  • 2.
    What is anOS kernel? HWCPU(s) RAM Storage Devices Whatever Kernel Libs Apps 2 SW
  • 3.
    Linux syscalls http://man7.org/linux/man-pages/man2/syscalls.2.html “The systemcall is the fundamental interface between an application and the Linux kernel.” ● 123 in kernel 1.0 ● 400+ in kernel 4.11
  • 4.
    What can Ido with syscalls? ● You don’t need to know it to code or use linux ● You may use it for perf analysis and debug (strace, perf, trace, sysdig) ○ See http://www.brendangregg.com/linuxperf.html ● You can filter them with seccomp (ie in containers) ○ Docker filters: https://docs.docker.com/engine/security/seccomp/ ○ https://blog.yadutaf.fr/2014/05/29/introduction-to-seccomp-bpf-linux-s yscall-filter/
  • 5.
    Managed by thekernel ● CPU and memory = allocations, storage, OOM… ● Storage = block devices, volumes, filesystems… ● Devices = video, sound, usb, network… HWCPU(s) RAM Storage Devices Whatever Kernel Libs Apps SW
  • 6.
    Introducing FUSE ● FileSystem in Userspace https://en.wikipedia.org/wiki/Filesystem_in_Userspace ○ Sshfs ○ Ntfs ○ gmailfs
  • 7.
    Prototype use case WheneBPF meets FUSE - Improving performance of user file systems https://events.linuxfoundation.org/wp-content/uploads/2017/11/When-eBPF-Meets-FUSE-Improving-Performance-of-User-File-Sys tems-Ashish-Bijlani-Georgia-Tech.pdf
  • 8.
    Other interesting projects ●Gvisor - https://github.com/google/gvisor “Userland kernel” ● Cilium - https://cilium.io/ “Bringing the BPF Revolution to Kubernetes Networking and Security” ● Brendan Gregg’s blog - http://www.brendangregg.com/ebpf.html Linux Performance at Netflix