Anyone writing eBPF programs for long enough will eventually have a conversation with the verifier. While developing several eBPF programs, I ran into a number of verifier rejections that were not immediately obvious from the source code. In this article I discuss two examples that required looking beyond the Rust source and into the generated BPF bytecode.

The verifier’s contract

The kernel verifier performs static analysis on every BPF program before it is loaded. Its job is to prove that the program is safe to execute under the rules of the eBPF execution model.

I have been working through the implementation of the Raft consensus algorithm in Rust. Part of doing that properly is being able to test it: you need to throw concurrent histories at your implementation and ask whether they are consistent with what a correct register (or log, or key-value store) is supposed to do. That question has a precise name — linearizability — and answering it algorithmically turns out to be a genuinely interesting problem.

Elliptic curves are an essential part in modern day cryptography. But what are they? And how do they work? Although the theory behind Elliptic Curves is very complex, I try to delve into this subject here. I’m not a mathematician, so I do not know all the ins and out, nor do I know all the details. However, I try to write down the things I know about this matter hoping this is useful to you.