Security and safety of Linux systems in a BPF-powered hybrid user space/kernel world
The digitalisation of society has led to a constant pursuit of better performance. Waiting for changes in the major operating systems Linux and Windows is time-consuming. Research is now turning to new technologies that enable ways of getting around this issue.
With the introduction of BPF into the Linux kernel, we are seeing a change in the traditional application model. With BPF it is now possible to execute parts of the application logic in kernel space, leading to a novel hybrid model. This brings with it many opportunities, such as performance and flexibility improvements, but also some challenges, especially in the area of security.
This project, "Security and safety of Linux systems in a BPF-powered hybrid user space / kernel world", is carried out together with the company Red Hat, and aims to help increase the security of technologies such as BPF.
Problems the project seeks to solve:
- Defining a coherent threat model for Linux and BPF
- Exploring the security guarantees offered by the BPF verifier
- Defining a framework for how to think about BPF and security
- Analysing kernel resource constraint mechanisms in relation to BPF
- Exploring memory safety issues for BPF code
- Integrating BPF in safety-critical Linux applications
- Exploring cryptographic signatures as a security mechanism for BPF programs