Runtime Type-Based Access Control for eBPF
Giovannoni, Leonardo; Lettieri, Giuseppe; Procissi, Gregorio
2025-01-01
Abstract
eBPF’s kernel-level flexibility introduces security risks as untrusted programs gain unrestricted access to sensitive data structures. We propose Runtime Type-Based Access Control (RTBAC), a compiler-driven framework that automatically enforces security policies on eBPF programs. By integrating a custom LLVM pass, RTBAC injects runtime checks into the Intermediate Representation (IR) to validate pointer types during dereferencing against kernel-defined policies. This approach leverages Linux’s BPF Type Format (BTF) to resolve nested structures and pointers, while kernel modifications isolate type metadata per program. The solution requires no developer intervention, mitigates risks of third-party eBPF code, and integrates with existing workflows via an out-of-tree LLVM pass.


