Linux Security Summit North America 2023

The large time window between the disclosure and patching of kernel vulnerabilities leaves the system open for exploitation. In the LSS Europe 2022, we presented HotBPF designed against heap exploitation during this time window. While HotBPF received wide interest from industry leaders including Huawei and Meta, its capability is restricted to heap corruption without considering other error types. As such, we designed a more powerful protection - HotBPF++. It inherits all advantages that HotBPF has: automatic deployment, on-the-fly enabling, hardware-independence, and lightweight design. However, HotBPF++ goes beyond HotBPF by not only preventing corruptions in memory regions other than heap but also detecting the root cause of corruptions. In this talk, we will describe the core idea of HotBPF++. After this, we will delve into more details of protection policies already integrated into HotBPF++, which cover five most common errors that can be reported by state-of-the-art sanitizers. Finally, we will evaluate the performance/memory overhead and scalability of HotBPF++ using various benchmarks and demonstrate its security improvement using real-world vulnerabilities.