English
Related papers

Related papers: Synthesizing Safe and Efficient Kernel Extensions …

200 papers

Extended Berkeley Packet Filter (eBPF) is a runtime that enables users to load programs into the operating system (OS) kernel, like Linux or Windows, and execute them safely and efficiently at designated kernel hooks. Each program passes…

High-performance IO demands low-overhead communication between user- and kernel space. This demand can no longer be fulfilled by traditional system calls. Linux's extended Berkeley Packet Filter (BPF) avoids user-/kernel transitions by…

Cryptography and Security · Computer Science 2025-01-09 Luis Gerhorst , Henriette Herzog , Peter Wägemann , Maximilian Ott , Rüdiger Kapitza , Timo Hönig

The ability to modify and extend an operating system is an important feature for improving a system's security, reliability, and performance. The extended Berkeley Packet Filters (eBPF) ecosystem has emerged as the standard mechanism for…

Artificial Intelligence · Computer Science 2023-12-12 Yusheng Zheng , Yiwei Yang , Maolin Chen , Andrew Quinn

Extended Berkeley Packet Filter (eBPF) allows developers to extend Linux kernel functionality without modifying its source code. To ensure system safety, an in-kernel safety checker, the verifier, enforces strict safety constraints (for…

Software Engineering · Computer Science 2025-11-24 Qian Zhu , Yuxuan Liu , Ziyuan Zhu , Shangqing Liu , Lei Bu

The Linux kernel extensively uses the Berkeley Packet Filter (BPF) to allow user-written BPF applications to execute in the kernel space. The BPF employs a verifier to check the security of user-supplied BPF code statically. Recent attacks…

Cryptography and Security · Computer Science 2024-06-10 Hongyi Lu , Shuai Wang , Yechang Wu , Wanning He , Fengwei Zhang

Extended Berkeley Packet Filter (eBPF) programs are kernel extensions used for networking, observability, and security enforcement in the Linux kernel. The in-kernel eBPF verifier checks low-level memory safety and termination on eBPF…

Cryptography and Security · Computer Science 2026-05-26 Vishnu Asutosh Dasu , Monika Santra , Md Rafi Ur Rashid , Ashish Kumar , Saeid Tizpaz-Niari , Gang Tan

eBPF is a technology that allows developers to safely extend kernel functionality without modifying kernel source code or developing loadable kernel modules. Since the kernel governs critical system operations and enforces isolation…

Programming Languages · Computer Science 2025-07-15 Swarn Priya , Frédéric Besson , Connor Sughrue , Tim Steenvoorden , Jamie Fulford , Freek Verbeek , Binoy Ravindran

Extended Berkeley Packet Filter (BPF) is a language and run-time system that allows non-superusers to extend the Linux and Windows operating systems by downloading user code into the kernel. To ensure that user code is safe to run in kernel…

Programming Languages · Computer Science 2021-12-17 Harishankar Vishwanathan , Matan Shachnai , Srinivas Narayana , Santosh Nagarakatte

For safety reasons, unprivileged users today have only limited ways to customize the kernel through the extended Berkeley Packet Filter (eBPF). This is unfortunate, especially since the eBPF framework itself has seen an increase in scope…

Operating Systems · Computer Science 2023-08-16 Soo Yee Lim , Xueyuan Han , Thomas Pasquier

The eBPF technology in the Linux kernel has been widely adopted for different applications, such as networking, tracing, and security, thanks to the programmability it provides. By allowing user-supplied eBPF programs to be executed…

Cryptography and Security · Computer Science 2023-05-16 Hsin-Wei Hung , Ardalan Amiri Sani

System call filtering is a widely used security mechanism for protecting a shared OS kernel against untrusted user applications. However, existing system call filtering techniques either are too expensive due to the context switch overhead…

The extended Berkeley Packet Filter (eBPF) is useful for faster packet processing and network monitoring in softwarized deployments. Similarly, softwarized deployments of 5G core network services adopted eBPF to meet the stringent latency…

Networking and Internet Architecture · Computer Science 2026-03-23 Yash Deshpande , Samaresh Bera

Safe kernel extensions have gained significant traction, evolving from simple packet filters to large, complex programs that customize storage, networking, and scheduling. Existing kernel extension mechanisms like eBPF rely on in-kernel…

With the advent of Software Defined Networks (SDN), Network Function Virtualisation (NFV) or Service Function Chaining (SFC), operators expect networks to support flexible services beyond the mere forwarding of packets. The network…

Networking and Internet Architecture · Computer Science 2018-10-25 Mathieu Xhonneux , Fabien Duchene , Olivier Bonaventure

The eBPF framework enables execution of user-provided code in the Linux kernel. In the last few years, a large ecosystem of cloud services has leveraged eBPF to enhance container security, system observability, and network management.…

Cryptography and Security · Computer Science 2024-09-13 Soo Yee Lim , Tanya Prasad , Xueyuan Han , Thomas Pasquier

Inaccuracies in conventional dependency-tracking methods frequently undermine the security and integrity of modern software supply chains. This paper introduces a kernel-level framework leveraging extended Berkeley Packet Filter (eBPF) to…

Cryptography and Security · Computer Science 2025-03-05 Naveen Srinivasan , Nathan Naveen , Neil Naveen

eBPF is a new technology which allows dynamically loading pieces of code into the Linux kernel. It can greatly speed up networking since it enables the kernel to process certain packets without the involvement of a userspace program. So far…

Cryptography and Security · Computer Science 2022-03-07 Maximilian Bachl , Joachim Fabini , Tanja Zseby

The overhead of the kernel storage path accounts for half of the access latency for new NVMe storage devices. We explore using BPF to reduce this overhead, by injecting user-defined functions deep in the kernel's I/O processing stack. When…

Operating Systems · Computer Science 2021-02-26 Yu Jian Wu , Hongyi Wang , Yuhong Zhong , Asaf Cidon , Ryan Stutsman , Amy Tai , Junfeng Yang

Linux-based cloud environments have become lucrative targets for ransomware attacks, employing various encryption schemes at unprecedented speeds. Addressing the urgency for real-time ransomware protection, we propose leveraging the…

Cryptography and Security · Computer Science 2024-09-11 Adrian Brodzik , Tomasz Malec-Kruszyński , Wojciech Niewolski , Mikołaj Tkaczyk , Krzysztof Bocianiak , Sok-Yen Loui

Protected user-level libraries have been proposed as a way to allow mutually distrusting applications to safely share kernel-bypass services. In this paper, we identify and solve several previously unaddressed obstacles to realizing this…

Operating Systems · Computer Science 2025-09-04 Alan Beadle , Michael L. Scott , John Criswell
‹ Prev 1 2 3 10 Next ›