[HN Gopher] Kernel Pwning with eBPF: A Love Story
       ___________________________________________________________________
        
       Kernel Pwning with eBPF: A Love Story
        
       Author : arkadiyt
       Score  : 96 points
       Date   : 2021-08-08 14:21 UTC (8 hours ago)
        
 (HTM) web link (www.graplsecurity.com)
 (TXT) w3m dump (www.graplsecurity.com)
        
       | infogulch wrote:
       | How does eBPF compare to WebAsm? I'm a bit more familiar with the
       | latter (thanks to some great articles) and I know that they use
       | the same general approach of safety via linear-time verification
       | and translation to machine code+buffer overflow checks, but I'm
       | curious about the differences.
        
         | tptacek wrote:
         | BPF has a _much_ more limited execution model (in general, eBPF
         | programs aren 't even allowed to loop, though the verifier may
         | allow some loops that it can prove are bounded), but freer
         | access to the underlying machine (by design, your programs are
         | usually handling live kernel memory directly).
        
       | ericbarrett wrote:
       | This is about CVE-2021-3490: https://cve.mitre.org/cgi-
       | bin/cvename.cgi?name=CVE-2021-3490
        
       ___________________________________________________________________
       (page generated 2021-08-08 23:00 UTC)