
Verified Programs Can Party: Optimizing Kernel Extensions via Post-Verification In-Kernel Merging

dc.contributor.author: Kuo, Hsuan-Chi
dc.contributor.author: Chen, Kai-Hsun
dc.contributor.author: Lu, Yicheng
dc.contributor.author: Williams, Dan
dc.contributor.author: Mohan, Sibin
dc.contributor.author: Xu, Tianyin
dc.date.accessioned: 2022-10-19T16:58:54Z
dc.date.available: 2022-10-19T16:58:54Z
dc.date.issued: 2022-03-28
dc.date.updated: 2022-10-19T15:08:34Z
dc.description.abstract: Operating system (OS) extensions are more popular than ever. For example, Linux BPF is marketed as a “superpower” that allows user programs to be downloaded into the kernel, verified to be safe, and executed at kernel hook points. As a result, BPF extensions have high performance and are often placed on performance-critical paths for tracing and filtering. However, although BPF extension programs execute in a shared kernel environment and are already individually verified, they are often executed independently in chains. We observe that the chain pattern has large performance overhead, due to indirect jumps penalized by security mitigations (e.g., Spectre), loops, and memory accesses. In this paper, we argue for a separation of concerns. We propose to decouple the execution of BPF extensions from their verification requirements—BPF extension programs can be collectively optimized after each BPF extension program is individually verified and loaded into the shared kernel. We present KFuse, a framework that dynamically and automatically merges chains of BPF programs by transforming indirect jumps into direct jumps, unrolling loops, and saving memory accesses, without loss of security or flexibility. KFuse can merge BPF programs that are (1) installed by multiple principals, (2) maintained to be modular and separate, (3) installed at different points in time, and (4) split into smaller, verifiable programs via BPF tail calls. KFuse demonstrates an 85% performance improvement of BPF chain execution and a 7% application performance improvement over existing BPF use cases (systemd’s Seccomp BPF filters). It achieves more significant benefits for longer chains.
dc.description.version: Published version
dc.format.mimetype: application/pdf
dc.identifier.doi: https://doi.org/10.1145/3492321.3519562
dc.identifier.uri: http://hdl.handle.net/10919/112228
dc.language.iso: en
dc.publisher: ACM
dc.rights: In Copyright
dc.rights.holder: The author(s)
dc.rights.uri: http://rightsstatements.org/vocab/InC/1.0/
dc.title: Verified Programs Can Party: Optimizing Kernel Extensions via Post-Verification In-Kernel Merging
dc.type: Article - Refereed
dc.type.dcmitype: Text

Files

Original bundle
Name: 3492321.3519562.pdf
Size: 784.38 KB
Format: Adobe Portable Document Format
Description: Published version

License bundle
Name: license.txt
Size: 0 B
Format: Item-specific license agreed upon to submission