all InfoSec news
Mitigating Spectre-PHT using Speculation Barriers in Linux BPF
May 2, 2024, 4:11 a.m. | Luis Gerhorst, Henriette Herzog, Peter W\"agemann, Maximilian Ott, R\"udiger Kapitza, Timo H\"onig
cs.CR updates on arXiv.org arxiv.org
Abstract: High-performance IO demands low-overhead communication between user- and kernel space. This demand can no longer be fulfilled by traditional system calls. Linux's extended Berkeley Packet Filter (BPF) avoids user-/kernel transitions by just-in-time compiling user-provided bytecode and executing it in kernel mode with near-native speed. To still isolate BPF programs from the kernel, they are statically analyzed for memory- and type-safety, which imposes some restrictions but allows for good expressiveness and high performance. However, to mitigate …
arxiv berkeley berkeley packet filter bpf bytecode can communication cs.cr csos demand demands extended berkeley packet filter filter high just-in-time kernel linux low mode near packet performance space spectre speed system transitions
More from arxiv.org / cs.CR updates on arXiv.org
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
Security Operations Manager-West Coast
@ The Walt Disney Company | USA - CA - 2500 Broadway Street
Vulnerability Analyst - Remote (WFH)
@ Cognitive Medical Systems | Phoenix, AZ, US | Oak Ridge, TN, US | Austin, TX, US | Oregon, US | Austin, TX, US
Senior Mainframe Security Administrator
@ Danske Bank | Copenhagen V, Denmark