Design and implementation of a tool to improve error reporting for eBPF code

The eBPF technology is the uprising trend in the cloud computing world, allowing programs to run directly into the kernel space. This leads to having much more control over the system the program is run upon, especially in security and performance sensitive environments like the server operating system. For instance, it enables efficient monitoring and observability by tracking system performance, system calls, and recognising latency issues with minimal overhead, allowing easy implementation of those security policies that need to be enforced in the kernel space. Additionally, eBPF is highly effective in networking and packet filtering, facilitating the creation of custom firewalls, load balancers, and traffic optimizations. In order to load eBPF programs into the kernel space, they need to be severely scrutinized by the eBPF verifier, a set of deep checks that prevent it from crashing the kernel or, even worse, from escalating privileges and taking control of the system. The main drawback of this process is that error messages that the verifier produces are extremely difficult to read, and also detached from the language the developer writes the code in. This is because the common language used for this type of task is the C language (recently Rust is starting to be adopted), while the verifier performs the check on the eBPF bytecode, which is the result of the compilation process. Moreover, the checks are executed only during the loading of the program into the kernel space, and not during the compilation of the C code. The main goal of my thesis is to improve the developer’s experience by inserting into the eBPF compilation pipeline a set readability improvements, creating a tool that allows the developers to easily reach the line of C code that generated the error and adding a simple explanation of what happened, with some suggestion to fix it. The most common eBPF compilation pipeline at the moment uses the libbpf project and the Clang compiler, so this thesis aims to add the integrations using the error output of the libbpf load command. The tool will parse the error, the source and object files in order to inform the developer on the reason and the location. The python regex library re will be used, coupled with some bash script and the pipe command.