From f3a834785af1afe5aeb6514d23fb66282bad661f Mon Sep 17 00:00:00 2001 From: jet Date: Tue, 14 Jun 2022 11:36:57 +0200 Subject: [PATCH] minor change in ch2 --- docs/chapters/chapter2.tex | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/chapters/chapter2.tex b/docs/chapters/chapter2.tex index a284b0b..80f22f3 100644 --- a/docs/chapters/chapter2.tex +++ b/docs/chapters/chapter2.tex @@ -1,5 +1,6 @@ \chapter{Background} -This chapter is dedicated to an study of all the background needed for our research into offensive eBPF applications. Although our rootkit has been developed using a library that will provide us with a layer of abstraction over the underlying operations, this background is needed to understand how eBPF is embedded in the kernel and which capabilities and limits we can expect to achieve with it. +This chapter introduces all the background needed for our research into offensive eBPF applications. Although our rootkit has been developed using a library that will provide us with a layer of abstraction over the underlying operations, this background is needed to understand how eBPF is embedded in the kernel and which capabilities and limits we can expect to achieve with it. + Firstly, we will analyse the origins of the eBPF technology, understanding what it is and how it works, and discuss the reasons why it is a necessary component of the Linux kernel today. Afterwards, we will cover the main features of eBPF in detail and discuss the security features incorporated in the system, together with an study of the currently existing alternatives for developing eBPF applications.