Operating system kernels are fundamental components of computing systems. Kernels interface on the one hand with computer hardware (e.g., memories, processors, and input/output devices), and on the other hand with applications that are configured to perform certain software operations. Kernels are configured to manage memory usage on a computing system, application operations, network communications, and input/output interface communications.
Existing usage of operating system kernels, however, is in many instances insecure. For example, credentials and other secrets are vulnerable to copying by malicious users when they are stored in system memory. Credential theft may also occur when credentials or other secrets are in transit from one process to another. In addition, privilege escalation attacks are significant vulnerabilities. For example, when a user or process is granted higher-level privileges (e.g., administrator privileges, such as through an IT task), the higher-level privileges may become vulnerable to theft.
In view of these vulnerabilities in existing usages of operating system kernels, it may be advantageous to modify the kernel to enhance security. For example, one option may be to build an entirely new operating system kernel with security enhancements built into it. While this theoretically may sound attractive, in practice it is not feasible. Developing and maintaining a large volume of code, as would be required for many different kernels, is not practical. Merging kernel changes into a kernel's code (e.g., the Linux kernel's code) may be another approach, but this would take many months or even years, if the code is incorporated at all. Similarly, it may be possible to use Berkeley Packet Filters (BPFs) or extended BPFs (eBPFs) to modify the operation of kernels. For example, an eBPF may operate as a virtual machine that has special commands, resources, and restrictions. Nevertheless, eBPFs often have strict restrictions and are not easily usable for purposes of security enhancement. A further approach may involve using kernel modules that are dynamically loaded into an operating system kernel (e.g., just as hardware drivers are loaded and executed in the context of a kernel). Nevertheless, because such modules would essentially be code executed inside the kernel, they would be extremely susceptible to destabilize the kernel (e.g., cause the kernel to crash). Indeed, software modules may be flawed in terms of bad programming (e.g., endless loops, stack overflow, memory issues, etc.) that lead to errors or crashes by the kernel.
In view of the deficiencies in existing usage of operating system kernels, technological solutions are needed for enhancing security in kernel-based computing environments. Advantageously, technological solutions should allow for a kernel module to serve as a virtual machine sandbox for incoming scrips. The module may implement a defined set of executable commands and memory locations available for scripts running inside the sandbox. The executable commands and memory locations may be rigorously tested in terms of kernel stability before the module is deployed. Through these techniques, as further discussed below, kernel security may be enhanced and credentials that are stored on or passed through a computing system may be much more securely managed. Accordingly, the disclosed techniques may significantly reduce threats of credential theft and misuse, while at the same time being deployed in an efficient manner that does not up the proper functioning of a kernel.