Validating the eBPF Verifier via State Embedding
Offered By: USENIX via YouTube
Course Description
Overview
Explore a groundbreaking technique for validating the eBPF verifier's correctness in this 15-minute conference talk from OSDI '24. Discover how researchers from ETH Zurich developed state embedding, a novel approach to detect logic bugs in this critical component of Linux kernel security. Learn about the innovative method of embedding concrete states as correctness checks within eBPF programs, allowing the verifier to validate its own approximations. Understand the significant impact of this research, which uncovered 15 previously unknown logic bugs in the extensively scrutinized eBPF verifier within just one month. Gain insights into the severity of these bugs, including two exploitable vulnerabilities that could lead to local privilege escalation. Delve into the technical details of this highly effective validation technique and its potential implications for improving Linux kernel security.
Syllabus
OSDI '24 - Validating the eBPF Verifier via State Embedding
Taught by
USENIX
Related Courses
Achieving Linux Kernel Code Execution Through a Malicious USB DeviceBlack Hat via YouTube LBM - A Security Framework for Peripherals within the Linux Kernel
IEEE via YouTube Kernel Runtime Security Instrumentation
Linux Foundation via YouTube Deep Analysis of Exploitable Linux Kernel Vulnerabilities 2017-2019
Linux Foundation via YouTube The Why and How of libseccomp
Linux Foundation via YouTube