HotBPF - On-demand and On-the-fly Memory Protection for the Linux Kernel

Explore an innovative mechanism for protecting the Linux kernel from memory exploitation during vulnerability disclosure windows. Learn about HotBPF, a solution that offers on-the-fly protection without system recompilation or rebooting, operates independently of hardware features and hypervisors, and maintains lightweight performance with only 2-3% overhead. Discover the design and evaluation process, including static analysis for identifying vulnerable structures, extensions to eBPF and virtual memory allocation for on-demand isolation, and systematic performance and security assessments using real-world attack scenarios. Gain insights into this versatile approach applicable to various environments, from embedded systems to cloud servers.

HotBPF - An On-demand and On-the-fly Memory Protection for the Linux Ker... Yueqi Chen & Zhenpeng Li