News [LWN.net] [$] No hardware memory isolation for BPF programs

News
LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,740
Reaction score
74
Credits
-1,257
On February 12, Yeoreum Yun posted a suggestion for an improvement to the security of the kernel's BPF implementation: use memory protection keys to prevent unauthorized access to memory by BPF programs. Yun wanted to put the topic on the list for discussion at the Linux Storage, Filesystem, Memory Management, and BPF Summit in May, but the lack of engagement makes that unlikely. They also have a patch set implementing some of the proposed changes, but has not yet shared that with the mailing list. Yun's proposal does not seem likely to be accepted in its current form, but the kernel has added hardware-based hardening options in the past, sometimes after substantial discussion.

Source: https://lwn.net/Articles/1059218/

Aggregated via Linux News
 
You must log in or register to reply here.

Similar threads

LinuxBot
News [LWN.net] [$] Controlling memory-management with BPF
Replies
0
Views
104
LinuxBot
LinuxBot
LinuxBot
News [LWN.net] [$] Support for private memory nodes
Replies
0
Views
73
LinuxBot
LinuxBot
LinuxBot
News [LWN.net] [$] Famfs, FUSE, and BPF
Replies
0
Views
122
LinuxBot
LinuxBot
LinuxBot
News [LWN.net] [$] BPF support in GCC 16 and beyond
Replies
0
Views
62
LinuxBot
LinuxBot
LinuxBot
News [LWN.net] [$] Custom page-cache policies with BPF
Replies
0
Views
85
LinuxBot
LinuxBot


Follow Linux.org

Staff online

Members online

Total: 5,037 (members: 5, guests: 5,032)

Latest posts

Top