Skip to content
Snippets Groups Projects
Select Git revision
  • vf-250219
  • vf-250219-refactor
  • verifence default protected
  • verifence-v2
  • bpf-next-250227-refactor
  • verifence-v2-rc1
  • vf-baseline
  • vf-baseline-v6.14-rc4
  • vf-eval-v2
  • bpf-next-master
  • verifence-v1-rfc
  • verifence-v6.14-rc4
  • by-value-v6.14
  • verifence-v6.14-rc3
  • vf-eval-nosan
  • vf-eval-v6.14
  • master
  • by-value
  • verifence-eval-for-v6.14-rc1
  • archive-250219-1919
20 results

linux

  • Clone with SSH
  • Clone with HTTPS
    • Luis Gerhorst's avatar
    bpf: Cut speculative path verification short
    Luis Gerhorst authored 
    This trades verification complexity for runtime overheads due to the
nospec inserted because of the EINVAL.

With increased limits this allows applying mitigations to large BPF
progs such as the Parca Continuous Profiler's prog. However, this
requires a jump-seq limit of 256k. In any case, the same principle
should apply to smaller programs therefore include it even if the limit
stays at 8k for now. Most programs in "VeriFence: Lightweight and
Precise Spectre Defenses for Untrusted Linux Kernel
Extensions" (https://arxiv.org/pdf/2405.00078

) only require a limit of
32k.

Signed-off-by: default avatarLuis Gerhorst <luis.gerhorst@fau.de>
Acked-by: default avatarHenriette Herzog <henriette.herzog@rub.de>
Cc: Maximilian Ott <ott@cs.fau.de>
Cc: Milan Stephan <milan.stephan@fau.de>
    e4b81845
    History
    Luis Gerhorst's avatar e4b81845
    History
    Name Last commit Last update