BPF is a rising trend in cloud computing, enabling user-defined programs to run in kernel space. This allows greater system control, especially in security and performance sensitive environments, like server operating systems, enhancing monitoring and observability. However, running user-defined programs into the kernel is a security risk, which is attempted to be mitigated by the eBPF verifier, a set of deep checks that identify and reject dangerous programs, leading to the kernel crash or, even worse, escalate privileges, leak sensitive data, or take control of the system. However, messages produced by the verifier are difficult to understand, and usually detached from the source code. This paper presents a tool designed to improve the developer’s experience by introducing readability improvements and explanations into the eBPF compilation pipeline, allowing developers to easily identify the line of C code that caused the error, to understand the issue and how to fix it.

Design and implementation of a tool to improve error reporting for eBPF code / Rizza, Rosario; Sisto, Riccardo; Valenza, Fulvio. - ELETTRONICO. - (2025), pp. 214-219. (Intervento presentato al convegno 2025 IEEE International Conference on Cyber Security and Resilience (CSR) tenutosi a Crete (GR) nel 04-06 August 2025) [10.1109/csr64739.2025.11130075].

Design and implementation of a tool to improve error reporting for eBPF code

Rizza, Rosario;Sisto, Riccardo;Valenza, Fulvio
2025

Abstract

BPF is a rising trend in cloud computing, enabling user-defined programs to run in kernel space. This allows greater system control, especially in security and performance sensitive environments, like server operating systems, enhancing monitoring and observability. However, running user-defined programs into the kernel is a security risk, which is attempted to be mitigated by the eBPF verifier, a set of deep checks that identify and reject dangerous programs, leading to the kernel crash or, even worse, escalate privileges, leak sensitive data, or take control of the system. However, messages produced by the verifier are difficult to understand, and usually detached from the source code. This paper presents a tool designed to improve the developer’s experience by introducing readability improvements and explanations into the eBPF compilation pipeline, allowing developers to easily identify the line of C code that caused the error, to understand the issue and how to fix it.
2025
979-8-3315-3591-9
File in questo prodotto:
File Dimensione Formato  
Design_and_implementation_of_a_tool_to_improve_error_reporting_for_eBPF_code.pdf

accesso riservato

Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 297.34 kB
Formato Adobe PDF
297.34 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
p0214_csr-cs_641511268.pdf

accesso aperto

Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: Pubblico - Tutti i diritti riservati
Dimensione 244.18 kB
Formato Adobe PDF
244.18 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/3002569