Validating the eBPF Verifier via State Embedding
Offered By: USENIX via YouTube
Course Description
Overview
Explore a groundbreaking technique for validating the eBPF verifier's correctness in this 15-minute conference talk from OSDI '24. Discover how researchers from ETH Zurich developed state embedding, a novel approach to detect logic bugs in this critical component of Linux kernel security. Learn about the innovative method of embedding concrete states as correctness checks within eBPF programs, allowing the verifier to validate its own approximations. Understand the significant impact of this research, which uncovered 15 previously unknown logic bugs in the extensively scrutinized eBPF verifier within just one month. Gain insights into the severity of these bugs, including two exploitable vulnerabilities that could lead to local privilege escalation. Delve into the technical details of this highly effective validation technique and its potential implications for improving Linux kernel security.
Syllabus
OSDI '24 - Validating the eBPF Verifier via State Embedding
Taught by
USENIX
Related Courses
Analyzing Postgres Performance Problems Using Perf and eBPFMicrosoft via YouTube Citus Con - An Event for Postgres - Americas Livestream
Microsoft via YouTube EBPF - The Next Power Tool of SREs
USENIX via YouTube Kernel Tracing With EBPF
media.ccc.de via YouTube Building Observability for 99% Developers
Docker via YouTube