Explore an innovative mechanism for protecting the Linux kernel from memory exploitation during vulnerability disclosure windows. Learn about HotBPF, a solution that offers on-the-fly protection without system recompilation or rebooting, operates independently of hardware features and hypervisors, and maintains lightweight performance with only 2-3% overhead. Discover the design and evaluation process, including static analysis for identifying vulnerable structures, extensions to eBPF and virtual memory allocation for on-demand isolation, and systematic performance and security assessments using real-world attack scenarios. Gain insights into this versatile approach applicable to various environments, from embedded systems to cloud servers.
HotBPF - On-demand and On-the-fly Memory Protection for the Linux Kernel
Overview
Syllabus
HotBPF - An On-demand and On-the-fly Memory Protection for the Linux Ker... Yueqi Chen & Zhenpeng Li
Taught by
Linux Foundation
Tags
Related Courses
-
HotBPF++ - A More Powerful Memory Protection for the Linux Kernel
-
MPK/PKS Linux Kernel Compartmentalization
-
Understanding Page Spray in Linux Kernel Exploitation
-
Thwarting Unknown Bugs - Hardening Features in the Mainline Linux Kernel
-
FetchBPF - Customizable Prefetching Policies in Linux with eBPF
-
Inspecting and Optimizing Memory Usage in Linux
