
URL: https://www.phoronix.com/news/Microsoft-Hornet-For-Linux-2025


Microsoft Is Back To Working On "Hornet" Security For eBPF Programs On Linux

Written by Michael Larabel in Microsoft on 11 December 2025 at 06:21 AM EST.
Earlier in the year Microsoft proposed the "Hornet" Linux security module (LSM) to add signature verification for eBPF programs. Nothing more had been heard about it for months and it was never merged, but yesterday Microsoft "reintroduced" it to the Linux kernel community.

Blaise Boscaccy of Microsoft's Linux team posted the latest iteration of the Hornet Linux security module for signature verification of eBPF programs. This revision focuses on security and audit integrity and on preventing TOCTOU (time-of-check to time-of-use) attacks against map verification.



The cover letter on the new RFC patch series explains:
"This patch series introduces the next iteration of the Hornet LSM. Hornet’s goal is to provide a secure and extensible in-kernel signature verification mechanism for eBPF programs. The purpose of this RFC is to gather feedback on the LSM design and the newly added downstream LSM hooks, as well as gauge community sentiment. The userspace tooling still needs some refinement. The currently accepted loader-plus-map signature verification scheme, mandated by Alexei and KP, is simple to implement and generally acceptable if users and administrators are satisfied with it. However, verifying both the loader and the maps offers additional benefits beyond verifying the loader alone:

1. Security and Audit Integrity

A key advantage is that the LSM hook for authorizing BPF program loads can operate after signature verification. This ensures:

* Access control decisions are based on verified signature status.
* Accurate system state measurement and logging.
* Log entries claiming a verified signature are truthful, avoiding misleading records where only the loader was verified while the actual BPF program verification occurs later without logging.

2. TOCTOU Attack Prevention

The current map hash implementation may be vulnerable to a TOCTOU attack because it allows unfrozen maps to cache a previously calculated hash. The accepted “trusted loader” scheme cannot detect this and may permit loading altered maps.

This approach addresses concerns from users who require strict audit trails and verification guarantees, especially in security-sensitive environments. Map hashes for extended verification are passed via the existing PKCS#7 UAPI and verified by the crypto subsystem. Hornet then calculates the program’s verification state (full, partial, bad, etc.) and invokes a new downstream LSM hook to delegate policy decisions."
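The two arguments in the cover letter (verify maps as well as the loader so the policy hook and audit log see the real verification state, and do not reuse a hash cached from an unfrozen map) can be shown with a small model. The following is an added example written for this article; it is not Hornet's code or the kernel's, and it does not reproduce the real map hash implementation. FNV-1a stands in for the real digest, the PKCS#7 signature over the expected map hash is modelled as a trusted value the signer committed to, and the "full / partial / bad" states, the map struct and all function names are constructed for illustration. It compares a cache that reuses a hash taken from an unfrozen map against one that only caches once the map is frozen, and feeds the result to a policy hook that runs after verification.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy model written for this article; it is not Hornet's or the
 * kernel's code. FNV-1a stands in for the real digest, and "the signed map
 * hash" is modelled as a trusted expected value that the signer committed to. */

enum verif_state { VERIF_FULL, VERIF_PARTIAL, VERIF_BAD };

struct toy_map {
    uint8_t  data[16];
    bool     frozen;        /* once frozen, the map contents may not change */
    bool     hash_cached;
    uint64_t cached_hash;
};

static uint64_t fnv1a(const uint8_t *p, size_t n)
{
    uint64_t h = 1469598103934665603ULL;
    for (size_t i = 0; i < n; i++) {
        h ^= p[i];
        h *= 1099511628211ULL;
    }
    return h;
}

/* Weak cache: the first caller's hash is reused forever, frozen or not. */
static uint64_t map_hash_weak(struct toy_map *m)
{
    if (!m->hash_cached) {
        m->cached_hash = fnv1a(m->data, sizeof m->data);
        m->hash_cached = true;
    }
    return m->cached_hash;
}

/* Hardened cache: only a frozen map may have its hash cached; an unfrozen
 * map is rehashed on every call because its contents can still change. */
static uint64_t map_hash_hardened(struct toy_map *m)
{
    if (!m->frozen)
        return fnv1a(m->data, sizeof m->data);
    if (!m->hash_cached) {
        m->cached_hash = fnv1a(m->data, sizeof m->data);
        m->hash_cached = true;
    }
    return m->cached_hash;
}

/* Verification state in the spirit of the cover letter: loader signature
 * plus (optionally) the map hash carried alongside the signature. */
static enum verif_state verif_state_of(bool loader_sig_ok, bool map_hash_present,
                                       uint64_t map_hash, uint64_t signed_map_hash)
{
    if (!loader_sig_ok)
        return VERIF_BAD;
    if (!map_hash_present)
        return VERIF_PARTIAL;     /* loader verified, map contents not covered */
    return map_hash == signed_map_hash ? VERIF_FULL : VERIF_BAD;
}

/* Downstream policy hook: runs after verification, so it (and the audit
 * record it writes) sees the real verification state rather than a claim. */
static bool policy_allow_load(enum verif_state s)
{
    static const char *name[] = { "full", "partial", "bad" };
    printf("audit: bpf_prog_load verification=%s\n", name[s]);
    return s == VERIF_FULL;
}

/* TOCTOU scenario: the map hash is computed (time of check), the still
 * unfrozen map is altered, the map is frozen, and the load is attempted
 * (time of use). Returns true if the altered map is accepted. */
static bool altered_map_accepted(uint64_t (*map_hash)(struct toy_map *))
{
    struct toy_map m = { .frozen = false };
    memcpy(m.data, "legit-map-bytes", 15);              /* constructed sample contents */
    uint64_t signed_hash = fnv1a(m.data, sizeof m.data); /* what the signer committed to */

    (void)map_hash(&m);          /* early hash request populates any cache */
    m.data[0] = 'X';             /* contents changed while still unfrozen */
    m.frozen = true;             /* frozen only now, just before the load */

    enum verif_state s = verif_state_of(true, true, map_hash(&m), signed_hash);
    return policy_allow_load(s);
}

int main(void)
{
    printf("weak cache accepts altered map:     %s\n",
           altered_map_accepted(map_hash_weak) ? "yes" : "no");
    printf("hardened cache accepts altered map: %s\n",
           altered_map_accepted(map_hash_hardened) ? "yes" : "no");
    return 0;
}
```

With the weak cache the stale hash still matches the signed value, so the altered map loads as "full"; with the hardened cache the map is rehashed at load time and the state is "bad". The point of `verif_state_of` feeding `policy_allow_load` is the ordering the cover letter asks for: the policy decision and the audit line are produced from the computed state, so a "partial" load (loader verified, maps not covered) is logged as such rather than as a verified program.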

We'll see whether Microsoft's Hornet LSM makes it into the mainline Linux kernel in 2026 to bring these signature verification enhancements to eBPF programs.
