Interactive Kernel Map:
Linux Kernel Documentation:
Linux Insides:
Compilation of Resources:
Netfilter:
LARTC (Linux Advanced Routing & Traffic Control (doesn't talk about the kernel specifically)
Performance / Analysis / Tracing / Monitoring:
Linux Device Drivers 3rd Edition:
Lots of really good articles written by Tom Jones on the Linux Kernel facilities:
You will want to learn the concept of "intrusive" data structures, offsetof, and containerof. This will be explained in the articles below:
A very versatile and useful data structure is called skbuff which is short for "socket buffer." This is used all over the Linux kernel networking stack and similar to the mbuf from *BSD (if you read the Stevens books I think he uses mbuf all over the place since all his examples were demonstrated on *BSD machines).
- http://www.linuxjournal.com/article/1312 (by Alan Cox)
- https://people.cs.clemson.edu/~westall/853/notes/skbuff.pdf
- http://www.skbuff.net/skbuff.html
You will also want to familiarise yourself with the synchronisation primitives of the kernel. The state-of-the-art that people are trying to use is RCU (read-copy-update) but there's the traditional spin locks, semaphores, mutexes, etc.
- https://0xax.gitbooks.io/linux-insides/content/SyncPrim/
- https://lwn.net/Articles/262464/ (read-copy-update)
- http://liburcu.org/
Timers are always useful for triggering events etc. You should aim to learn the definition of a jiffie, know what a timer wheel is, and what compile time HZ means.
So Linux has had 3 types of packet filtering systems in its lifetime (that i recall). The first being ipfw(adm), followed by ipchains, and since 2.4.x we have iptables / netfilter, and in recent years "nftables" which still falls under the netfilter umbrella.
Netfilter is a cool (and clumsy) packet filtering system that can do a lot of things. Just google around for the laundry list of shit it can do, but it hooks in a lot of places in the kernel where packet handling is concerned. It is good to keep in mind that iptables is the userspace frontend to the netfilter backend in the kernel.
Most useful documentation about netfilter can be found on their website, scattered all over the place. You will also want to spend the time reading the kernel code about the subsystem and maybe the mailing lists. But for now, I leave you with one simple link:
So the kernel provides facilities to "virtualize" the process tree, filesystem mountpoints, UID/GIDs, cgroups, SysV IPC / message queues, and network devices/stacks/ports/etc.
This falls under "namespaces", see: http://man7.org/linux/man-pages/man7/namespaces.7.html
Also worth reading: https://lwn.net/Articles/531114/
Although kind of stupid, sometimes you want to do userspace actions such as executing userland programs from the kernel. While it might be ways to get the stars aligned, the kernel provides a helpful API called usermode-helper.
Worth reading is this IBM DeveloperWorks article on it: https://www.ibm.com/developerworks/library/l-user-space-apps/