Checkpoint and Restore of processes within kernel security mechanisms

Session information has not yet been published for this event.

*

One Line Summary

A discussion about what to do for c/r of LSMs, selinux, and user namespaces.

Abstract

In this time slot we’ll talk about what’s needed to checkpoint and
restore processes using kernel security features like LSMs (AppArmor,
SELinux), seccomp (both STRICT and FILTER modes), and user namespaces.
We have initial basic support for some LSMs, but kernel work will be
needed to support seccomp and user namespaces.

Tags

containers, CRIU

Speaker

  • Tycho Andersen

    Canonical Ltd.

    Biography

    Tycho is a software engineer at Canonical actively working on several
    cloud-related projects. He holds degrees from the University of
    Wisconsin—Madison and Iowa State University, and has co-authored several
    peer-reviewed papers. In his spare time he collects programming languages, rides
    bicycles, and climbs mountains.