Simple and precise static analysis of untrusted Linux kernel extensions

Elazar Gershuni

Nadav Amit

Arie Gurfinkel

[0]

[0]

[0]

[0]

[0]

[0]

Proceedings of the 40th ACM SIGPLAN Conference on Programming Language Design and Implementation, pp. 1069-1084, 2019.

Cited by: 11|Bibtex|Views52|DOI:https://doi.org/10.1145/3314221.3314590

Other Links: dl.acm.org|dblp.uni-trier.de|academic.microsoft.com

Keywords:

ebpf kernel extensions linux static analysis

Abstract:

Extended Berkeley Packet Filter (eBPF) is a Linux subsystem that allows safely executing untrusted user-defined extensions inside the kernel. It relies on static analysis to protect the kernel against buggy and malicious extensions. As the eBPF ecosystem evolves to support more complex and diverse extensions, the limitations of its curren...More

Code:

Data:

Full Text (Upload PDF)

PPT (Upload PPT)

Your rating :