Don’t miss out! Join us at the next Open Source Summit in Hyderabad, India (August 5); Amsterdam, Netherland (August 25-29); Seoul, South Korea (November 4-5). Join us at the premier vendor-neutral open source conference, where developers and technologists come together to collaborate, share knowledge, and explore the latest innovations and advancements in open source technology. Learn more at https://events.linuxfoundation.org/
SeaBee: Defense for the Defense – Alan Wandke & Jacob Satterfield, National Security Agency
In recent years, security researchers and companies have looked to eBPF to build innovative security mechanisms with kernel independent bytecode and a soft guarantee of runtime safety. eBPF and the eBPF LSM in particular are especially useful in environments with bespoke security requirements where other LSMs cannot be or are not used, or kernel rebooting/recompilation is undesirable.
However, eBPF programs, but their nature, present a unique security challenge: any privileged process can fully manipulate the inner workings of all eBPF objects. While SELinux provides a level of coarse-grained access control over eBPF, it is difficult for eBPF developers to tailor SELinux policy to protect their individual tools.
This talk attempts to fill the gap by presenting an eBPF-based mandatory access control framework for protecting eBPF-based tools. The framework uses a configurable policy and no code change required for other tools to opt-in. We will present the design, implementation, and a policy example. We will also highlight areas for future work in the eBPF and LSM subsystems to provide more granular access controls.
