
uBPF jitter should have option to apply constant blinding

Open Alan-Jowett opened this issue 3 years ago • 2 comments

Code generated by the uBPF jitter is susceptible to JIT spray attacks. See https://www.usenix.org/sites/default/files/conference/protected-files/woot18_slides_gawlik.pdf for a good description of the attack.

Proposed fix: https://samsung.github.io/kspp-study/bpf.html#hardening-hostile-code-in-ebpf

Alan-Jowett, May 19 '21 22:05
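A sketch of constant blinding for one instruction class, as an added example (not code from uBPF, from this issue, or from the linked pages). The `struct insn` layout, the scratch register number 11 and the helper names `blind_insn` and `result` are assumptions made for illustration; the opcode values follow the standard eBPF encoding.

```c
#include <stdint.h>

struct insn { uint8_t opcode, dst, src; int32_t imm; }; /* simplified, not uBPF's layout */

enum { CLS_MASK = 0x07, CLS_ALU64 = 0x07, SRC_REG = 0x08, OP_MASK = 0xf0,
       OP_ADD = 0x00, OP_NEG = 0x80, OP_XOR = 0xa0, OP_MOV = 0xb0, OP_END = 0xd0,
       SCRATCH = 11 /* assumption: a register the JIT keeps for itself */ };

/* Rewrite one ALU64 immediate instruction so the program-supplied constant
 * never appears verbatim. key must be fresh CSPRNG output per instruction.
 * Returns instructions written to out[]: 1 = copied as is, 3 = blinded. */
int blind_insn(struct insn in, uint32_t key, struct insn out[3])
{
    uint8_t op = in.opcode & OP_MASK;
    out[0] = in;
    if ((in.opcode & CLS_MASK) != CLS_ALU64 || (in.opcode & SRC_REG) ||
        op == OP_NEG || op == OP_END)
        return 1;
    /* scratch = imm ^ key; scratch ^= key (== imm); original op reads scratch. */
    out[0] = (struct insn){ CLS_ALU64 | OP_MOV, SCRATCH, 0, (int32_t)((uint32_t)in.imm ^ key) };
    out[1] = (struct insn){ CLS_ALU64 | OP_XOR, SCRATCH, 0, (int32_t)key };
    out[2] = (struct insn){ (uint8_t)(in.opcode | SRC_REG), in.dst, SCRATCH, 0 };
    return 3;
}

/* Run `in`, blinded or not, on a minimal ADD/XOR/MOV interpreter with
 * in.dst preset to 5, and return in.dst. Used to check equivalence. */
uint64_t result(struct insn in, uint32_t key, int blind)
{
    struct insn p[3];
    uint64_t r[12] = { 0 };
    int n = blind ? blind_insn(in, key, p) : (p[0] = in, 1);
    r[in.dst] = 5;
    for (int i = 0; i < n; i++) {
        uint64_t v = (p[i].opcode & SRC_REG) ? r[p[i].src] : (uint64_t)(int64_t)p[i].imm;
        switch (p[i].opcode & OP_MASK) {
        case OP_ADD: r[p[i].dst] += v; break;
        case OP_XOR: r[p[i].dst] ^= v; break;
        case OP_MOV: r[p[i].dst] = v; break;
        }
    }
    return r[in.dst];
}

int main(void)
{
    struct insn add = { CLS_ALU64 | OP_ADD, 1, 0, 0x11223344 }; /* constructed sample */
    return result(add, 0x5a5a1234u, 0) == result(add, 0x5a5a1234u, 1) ? 0 : 1;
}
```

Each blinded instruction grows from one to three, so a real pass also has to recompute jump offsets, and the same rewrite is needed for every other instruction form that carries an immediate.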

SGTM

rlane, May 24 '21 05:05

This is primarily needed when jitting code from untrusted sources. This and issue #73 are needed when loading code from untrusted users.

Alan-Jowett, May 24 '21 15:05