Title: EKFuzz: Fuzzing the BPF subsystem
Author: Puranam, Ananta Srikar
Type: Thesis (ETD)
Dates: 2025-10-13, 2025-10-13, 2025-08-15
Handle: https://hdl.handle.net/10919/138146
Format: application/pdf
Language: en
License: CC0 1.0 Universal
Keywords: Linux, Fuzzing, eBPF, syzkaller, EKFuzz

Abstract:

The extended Berkeley Packet Filter (eBPF) framework has revolutionized the way developers interact with the Linux kernel by enabling safe, dynamic programmability. However, this flexibility comes at a cost. The new kernel functions (kfuncs) exposed to eBPF programs are rapidly proliferating, often without adequate testing. While prior work has addressed verifier and helper function fuzzing, the kfuncs remain a largely unexplored attack surface. This thesis presents EKFuzz, a Syzkaller-based fuzzing extension that systematically targets kfuncs used by eBPF programs. EKFuzz incorporates type-aware generation of verifier-compliant programs, automatically generates dependent syscalls (e.g., for maps), and employs a mutation-driven feedback loop. Our evaluation demonstrates that EKFuzz achieves deeper runtime coverage than Syzkaller and uncovers latent bugs within the kfunc execution paths.