
Platform Compatibility

cloudtaser runs on any Kubernetes cluster with Linux nodes. The protection score and the synchronous-vs-reactive enforcement posture both vary by node distribution due to kernel-config differences in CONFIG_BPF_KPROBE_OVERRIDE and the ALLOW_ERROR_INJECTION allow-list. The matrix below summarises the kernel-team-endorsed posture per managed-K8s offering and per common self-managed distro.

Synchronous-blocking eBPF security: per-distro matrix

| Distro / runtime | BPF_KPROBE_OVERRIDE | BPF_LSM | Synchronous-blocking eBPF security? | Recommendation |
|---|---|---|---|---|
| GKE COS (5.15 / 6.1 / 6.6) | No | Yes | LSM-only (post-#174); detect+kill on the kprobe path today | Supported; pair with Ubuntu nodes for double-coverage today |
| GKE Ubuntu (linux-gke 6.8+) | Yes | Yes | Full (LSM + kprobe override on the override-allowed subset; perf_event_open migrates via #175) | Recommended for highest assurance today |
| EKS Bottlerocket | No | Yes | LSM-only (post-#174); detect+kill on the kprobe path today | Same posture as GKE COS |
| EKS Amazon Linux 2023 | Yes | Yes | Full | Closer to upstream default; same posture as Ubuntu |
| AKS Azure Linux 3.0+ | Yes | Yes | Full | BPF_KPROBE_OVERRIDE recently added; same posture as Ubuntu |
| AKS Ubuntu 22.04 | Yes | Yes | Full | Baseline |
| k3s on Ubuntu | Yes | Yes | Full | Full control over kernel config |
| Talos Linux | No (lockdown) | Yes | LSM-only (post-#174) | COS-philosophy: production-hardened distro that disables error_injection |

Reading the matrix:

  • BPF_KPROBE_OVERRIDE = Yes means bpf_override_return() works on this kernel — eBPF programs can synchronously prevent a syscall from executing. cloudtaser uses this for ~15 of 16 enforced syscalls on Ubuntu / AL2023 / AKS Azure Linux today.
  • BPF_LSM = Yes means CONFIG_BPF_LSM=y is compiled into the kernel and bpf_lsm_* hook attach is available. This is the kernel-team-endorsed path for synchronous policy in production and is supported across both Ubuntu and COS / Bottlerocket / Talos.
  • Synchronous-blocking eBPF security? is the user-visible enforcement posture. "Full" means cloudtaser's syscall-blocking programs return the deny verdict before the syscall completes. "LSM-only (post-#174)" means the kprobe path is unavailable and the LSM-hook re-route is the path forward; today, those distros run in detect+kill mode on the kprobe path while the wrapper's dumpable=0 (+5) provides the synchronous baseline.

Why some distros disable BPF_KPROBE_OVERRIDE

bpf_override_return() was originally designed for kernel-developer error-injection testing and depends on a per-syscall ALLOW_ERROR_INJECTION allow-list that is intentionally narrow. Production-hardened distros (COS, Bottlerocket, Talos) treat error-injection as a debug-only feature and ship with CONFIG_BPF_KPROBE_OVERRIDE=n. The kernel-team-endorsed alternative is BPF LSM, which is supported across all of them — that's why cloudtaser-ebpf#174 is a strategic migration rather than a tactical workaround.


Protection score by platform

The matrix below shows the achievable protection score today and the post-migration target. See Protection Score Reference for the per-check breakdown.

| Platform | Achievable Today | Target (post-#175) | Path to Maximum |
|---|---|---|---|
| GKE Ubuntu + Confidential Nodes | 100 | 115 | Already on the recommended path |
| GKE Ubuntu (non-confidential) | 90 | 105 | Add --enable-confidential-nodes |
| GKE COS + Confidential Nodes | 85 | 100 (post-#174) | Switch to --image-type UBUNTU_CONTAINERD for full kprobe today |
| GKE COS (non-confidential) | 75 | 90 (post-#174) | Switch to Ubuntu + Confidential |
| EKS Amazon Linux 2023 | 90 | 105 | No AWS confidential equivalent yet |
| EKS Bottlerocket | 75 | 90 (post-#174) | Same posture as GKE COS — pair with Ubuntu nodes for double-coverage |
| AKS Ubuntu 22.04 | 90 | 105 | Use DCasv5 / ECasv5 Confidential VMs |
| AKS Azure Linux 3.0+ | 90 | 105 | Newly supports BPF_KPROBE_OVERRIDE; same posture as Ubuntu |
| k3s on Ubuntu | 90 | 105 | Full control — pick the kernel and hardware |
| Talos Linux | 75 | 90 (post-#174) | Same posture as COS / Bottlerocket |

For the highest protection score available today (100/115), use GKE with Ubuntu node images and Confidential Nodes:

gcloud container node-pools create cloudtaser-pool \
  --cluster=my-cluster \
  --image-type=UBUNTU_CONTAINERD \
  --enable-confidential-nodes \
  --machine-type=n2d-standard-4

This is the only managed-Kubernetes option that combines memfd_secret (kernel-invisible memory, +15), CONFIG_BPF_KPROBE_OVERRIDE=y on the override-allowed subset (synchronous block on 15 of 16 enforced syscalls, +15 once perf_event_open migrates), and AMD SEV-SNP confidential compute (+10).

See GKE Deployment Guide for a step-by-step walkthrough.


Why scores differ — feature drilldown

memfd_secret (15 points)

memfd_secret() creates memory regions invisible to the kernel itself. Requires CONFIG_SECRETMEM=y in the kernel.

  • Available on: GKE (COS + Ubuntu), AKS Azure Linux, EKS AL2023, kernels 5.14+ with CONFIG_SECRETMEM
  • Missing on: AKS Ubuntu 22.04 (Azure kernel disables CONFIG_SECRETMEM despite 5.14+ kernel)
  • Fallback: memfd_create + mlock — secrets still protected from swap and core dumps but visible to kernel modules

kprobe override enforcement (15 points)

bpf_override_return() allows the eBPF agent to synchronously block syscalls (for example, prevent /proc/PID/environ reads from sibling cgroups). Requires both:

  1. CONFIG_BPF_KPROBE_OVERRIDE=y in the running kernel, and
  2. The target syscall function present in the upstream kernel's ALLOW_ERROR_INJECTION allow-list.

Both gates are necessary. kprobe_perf_event_open will never load on stock kernels because do_sys_perf_event_open is not in the allow-list upstream — see cloudtaser-ebpf#175 for the migration to bpf_lsm_perf_event_open.

  • Available on: Ubuntu kernels (Canonical enables this by default), AL2023, AKS Azure Linux 3.0+, k3s on Ubuntu
  • Missing on: COS, Bottlerocket, Talos (production-hardened distros disable error-injection)
  • Fallback: Reactive kill — the agent detects the violation via tracepoint and SIGKILLs the process. The wrapper's dumpable=0 (+5) provides a synchronous baseline that is independent of kprobe override.
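The two gates above and the matrix's BPF_KPROBE_OVERRIDE / BPF_LSM columns can be verified on a node before rolling cloudtaser out. The script below is an added preflight example, not cloudtaser's own tooling; it assumes the standard locations (/boot/config-$(uname -r), /sys/kernel/security/lsm, and the debugfs file /sys/kernel/debug/error_injection/list, which needs root and a mounted debugfs) and adds one check the matrix does not list: that "bpf" is in the LSM chain actually enabled at boot, since CONFIG_BPF_LSM=y alone does not guarantee that.

```shell
#!/bin/sh
# Added node preflight for the platform matrix (not part of cloudtaser-ebpf).
# Classifies a node's posture from the facts the matrix keys on, plus whether
# the bpf LSM is active (the lsm= boot parameter decides, not just the config).

# Value of one CONFIG_* option in a plain-text kernel config: y, m, or "unset".
kconfig_value() {  # $1 = config file, $2 = option name
  val=$(grep -E "^$2=" "$1" 2>/dev/null | cut -d= -f2)
  [ -n "$val" ] && printf '%s\n' "$val" || printf 'unset\n'
}

# Is "bpf" among the LSMs the kernel enabled at boot?
# Live path: /sys/kernel/security/lsm (comma-separated list).
bpf_lsm_active() {  # $1 = file holding the lsm list
  tr ',' '\n' < "$1" | grep -qx bpf
}

# Is a kernel function on the error-injection allow-list? This is the second
# gate for bpf_override_return(): CONFIG_BPF_KPROBE_OVERRIDE=y is not enough.
# Live path: /sys/kernel/debug/error_injection/list ("<func>\t<type>" per line).
allow_error_injection() {  # $1 = list file, $2 = function name
  grep -qE "^$2[[:space:]]" "$1" 2>/dev/null
}

# Posture strings mirror the matrix: Full, LSM-only, or why it is neither.
posture() {  # $1 = config file, $2 = lsm list file
  [ "$(kconfig_value "$1" CONFIG_BPF_LSM)" = y ] || { echo unsupported; return; }
  bpf_lsm_active "$2" || { echo LSM-not-active; return; }
  [ "$(kconfig_value "$1" CONFIG_BPF_KPROBE_OVERRIDE)" = y ] && echo Full || echo LSM-only
}

# Run against the live node:  sh preflight.sh --live
if [ "${1:-}" = --live ]; then
  cfg=/boot/config-$(uname -r)   # if /boot is absent: zcat /proc/config.gz > /tmp/cfg
  echo "posture:   $(posture "$cfg" /sys/kernel/security/lsm)"
  echo "secretmem: $(kconfig_value "$cfg" CONFIG_SECRETMEM)"
  # do_sys_perf_event_open is the page's example of a function outside the allow-list.
  for fn in do_sys_perf_event_open; do
    allow_error_injection /sys/kernel/debug/error_injection/list "$fn" \
      && echo "$fn: override-allowed" \
      || echo "$fn: not in allow-list (reactive kill today; LSM hook via #175)"
  done
fi
```

On COS, Bottlerocket or Talos the expected output is posture "LSM-only"; "LSM-not-active" on any distro means the bpf LSM must be enabled via the lsm= boot parameter before the post-#174 hooks can attach.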

BPF LSM — the strategic path forward

CONFIG_BPF_LSM=y is supported across all the distros in the matrix above, including COS / Bottlerocket / Talos. BPF LSM hooks (bpf_lsm_*) are the kernel-team-endorsed mechanism for synchronous BPF policy in production. cloudtaser-ebpf#174 tracks the strategic migration of cloudtaser's enforcement programs from kprobe override to BPF LSM hooks. Once that ships, all distros in the matrix reach synchronous-block parity on the cloudtaser-enforced syscalls.


Composing with other BPF LSM tools

cloudtaser-ebpf does not occupy the entire BPF LSM stack. BPF LSM-based tools compose cleanly with cloudtaser — they hook different LSM call sites and do not conflict with cloudtaser's syscall-blocking programs:

  • Tetragon — Cilium's runtime security observability and enforcement. Synchronous policy via BPF LSM hooks; fully supported on COS / Bottlerocket / Talos.
  • KubeArmor — runtime policy via BPF LSM and AppArmor / SELinux fallback. Strong on file-path policy and process whitelisting per container.

A forthcoming comparison page on cloudtaser.io will document recommended pairings and threat-model overlap — see cloudtaser-io-website#277.


Remaining 15 points

Two checks require infrastructure changes not always available on standard managed Kubernetes:

  • cpu_mitigations (5 pts) — kernel boot parameters for CPU vulnerability mitigations. Not configurable on most managed K8s offerings.
  • confidential_vm (10 pts) — AMD SEV-SNP / Intel TDX hardware memory encryption. Requires specific VM types (GKE: --enable-confidential-nodes; AKS: DCasv5 / ECasv5; AWS: no managed equivalent yet).
