Somaraju, Sai Roop2024-07-112024-07-112024-06-10vt_gsexam:40912https://hdl.handle.net/10919/120634In the era of Linux being omnipresent, the demand for dynamically extending kernel capabil- ities without requiring changes to kernel source code or loading kernel modules at runtime is increasing. This is driven by numerous use cases such as observability, security, and network- ing, which can be efficiently addressed at the system level, underscoring the importance of such extensions. Any extension requires programmers to possess high levels of skill and thor- ough testing to ensure complete safety. The eBPF subsystem in the Linux kernel addresses this challenge by allowing applications to enhance the kernel's capabilities at runtime, while ensuring stability and security. This guaranteed safety is facilitated by the verifier engine, which statically verifies BPF code. In this thesis, we identify that the verifier implicitly relies on safety assumptions about its runtime execution environment, which are not being upheld in certain scenarios. One such critical aspect of the execution environment is the availability of stack space for use while executing the BPF program. Specifically, we high- light this fundamental issue in certain configuration of the BPF runtime environment within the Linux kernel and how this unsafe composition allowed for kernel stack overflow, thus violating safety guarantees. To tackle this problem, we propose a stack switching approach to ensure stack safety and evaluate its effectiveness.ETDenIn CopyrightExtended Berkeley Packet FilterLinuxStack OverflowThesis