
ETD

Digital archive of theses discussed at the University of Pisa

Thesis etd-04032023-165316


Thesis type
Master's thesis
Author
BURLON, TOMMASO
Email address
t.burlon@studenti.unipi.it, tommaso.burlon@gmail.com
URN
etd-04032023-165316
Title
Designing and developing methods to ensure confidentiality to untrusted eBPF programs
Department
INFORMATION ENGINEERING
Degree programme
COMPUTER ENGINEERING
Supervisors
supervisor Prof. Lettieri, Giuseppe
co-supervisor Prof. Procissi, Gregorio
co-supervisor Leonardi, Luigi
Keywords
  • bpf
  • virtualization
  • security
Session start date
28/04/2023
Availability
Thesis not available for consultation
Abstract
The modern approach to collecting kernel statistics and events is to use eBPF programs. These programs can be written and loaded in user mode and securely executed in kernel mode (the kernel's memory will remain coherent and the kernel's execution will not block). After it has been loaded, the eBPF program is attached to a "hook": when kernel execution passes through the hook, the program starts, and when it ends the kernel continues its normal execution flow.
Usually an eBPF program can read any part of kernel and user memory. In some applications an OS could load and attach an untrusted eBPF program to collect and send statistics to a different system; in these situations the eBPF program could read sensitive information about the OS. In these cases it is necessary to give the application a way to control which parts of memory a given eBPF program can and cannot read.
File