Simple and precise static analysis of untrusted Linux kernel extensions
Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 1069-1084, 2019.
Extended Berkeley Packet Filter (eBPF) is a Linux subsystem that allows safely executing untrusted user-defined extensions inside the kernel. It relies on static analysis to protect the kernel against buggy and malicious extensions. As the eBPF ecosystem evolves to support more complex and diverse extensions, the limitations of its curren...More
Full Text (Upload PDF)
PPT (Upload PPT)