Program verification for the Linux kernel: Potential costs and benefits (tentative)

BPF enables the user to implement policies safely in BPF programs. Over the years, the best practice of extending the kernel with BPF has evolved significantly. In this talk, we will go over the state-of-the-art best practice to “BPFize” a kernel subsystem with the fanotify example. Specifically, we will talk about: 1) implementing the hook points with struct_ops; 2) adding kfuncs for critical functionalities, and 3) suggestions on how to work with the BPF community.