BPF is a rising trend in cloud computing, enabling user-defined programs to run in kernel space. This allows greater system control, especially in security and performance sensitive environments, like server operating systems, enhancing monitoring and observability. However, running user-defined programs into the kernel is a security risk, which is attempted to be mitigated by the eBPF verifier, a set of deep checks that identify and reject dangerous programs, leading to the kernel crash or, even worse, escalate privileges, leak sensitive data, or take control of the system. However, messages produced by the verifier are difficult to understand, and usually detached from the source code. This paper presents a tool designed to improve the developer’s experience by introducing readability improvements and explanations into the eBPF compilation pipeline, allowing developers to easily identify the line of C code that caused the error, to understand the issue and how to fix it.
Design and implementation of a tool to improve error reporting for eBPF code / Rizza, Rosario; Sisto, Riccardo; Valenza, Fulvio. - ELETTRONICO. - (2025), pp. 214-219. (Intervento presentato al convegno 2025 IEEE International Conference on Cyber Security and Resilience (CSR) tenutosi a Crete (GR) nel 04-06 August 2025) [10.1109/csr64739.2025.11130075].
Design and implementation of a tool to improve error reporting for eBPF code
Rizza, Rosario;Sisto, Riccardo;Valenza, Fulvio
2025
Abstract
BPF is a rising trend in cloud computing, enabling user-defined programs to run in kernel space. This allows greater system control, especially in security and performance sensitive environments, like server operating systems, enhancing monitoring and observability. However, running user-defined programs into the kernel is a security risk, which is attempted to be mitigated by the eBPF verifier, a set of deep checks that identify and reject dangerous programs, leading to the kernel crash or, even worse, escalate privileges, leak sensitive data, or take control of the system. However, messages produced by the verifier are difficult to understand, and usually detached from the source code. This paper presents a tool designed to improve the developer’s experience by introducing readability improvements and explanations into the eBPF compilation pipeline, allowing developers to easily identify the line of C code that caused the error, to understand the issue and how to fix it.File | Dimensione | Formato | |
---|---|---|---|
Design_and_implementation_of_a_tool_to_improve_error_reporting_for_eBPF_code.pdf
accesso riservato
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
297.34 kB
Formato
Adobe PDF
|
297.34 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
p0214_csr-cs_641511268.pdf
accesso aperto
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Pubblico - Tutti i diritti riservati
Dimensione
244.18 kB
Formato
Adobe PDF
|
244.18 kB | Adobe PDF | Visualizza/Apri |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/3002569