Full Program
Summary:
eBPF is a rising trend in cloud computing, enablinguser-defined programs to run in kernel space. This allows
greater system control, especially in security and performance
sensitive environments, like server operative systems, enhancing
monitoring and observability. However, running user-defined
programs into the kernel is a security risk, which is attempted
to be mitigated by the eBPF verifier, a set of deep checks that
identify and reject dangerous programs, leading to the kernel
crash or, even worse, escalate privileges, leak sensitive data, or
take control of the system. However, messages produced by the
verifier are difficult to understand, and usually detached from the
source code. This paper presents a tool designed to improve the
developer’s experience by introducing readability improvements
and explanations into the eBPF compilation pipeline, allowing
developers to easily identify the line of C code that caused the
error, to understand the issue and how to fix it.
Author(s):
Rosario Rizza
Politecnico di Torino
Italy
Riccardo Sisto
Politecnico di Torino
Italy
Fulvio Valenza
Politecnico di Torino
Italy