About Me

Woojin Ji / 지우진

  • A university student in South Korea
  • Job hunting with the goal of becoming a kernel developer
  • I used to study systems hacking, mostly pwn, and was a DEFCON 33 Finalist
  • Recently I have been reading Linux kernel BPF/eBPF code and sending verifier patches and selftests

Interests

  • eBPF
  • Linux kernel
  • BPF verifier internals
  • Verifier state pruning and precision tracking
  • Reading kernel code and turning small findings into patches
  • Following mailing list review flows

I still care about security, but these days kernel work is just more fun.

This blog is for

  • eBPF-related kernel code analysis
  • Notes on kernel mailing lists
  • Study logs on BPF and the kernel
  • Write-ups on patches I send, review iterations, and selftests
  • Notes on safely expanding what the verifier can accept

I run this blog mostly to write things down in my own words, so I do not end up pretending I understood something after skimming it once.

What I have been working on

  • Systems hacking, especially pwn
  • Not just solving things, but digging into why they break and why they work
  • Getting pulled deeper into the kernel through eBPF
  • Preferring code and internal flow over surface-level usage
  • Sending patches to the Linux kernel BPF subsystem, with work accepted into bpf-next
  • Digging into eBPF verifier behavior around stack reads, scalar spills, precision backtracking, and state pruning
  • Writing verifier selftests that cover not only positive cases, but also negative cases that must not be wrongly accepted

In short, I tend to care more about how internal state changes and why a decision is sound than how nice the interface looks from above.

Contact

Goal

To keep contributing upstream, starting from small bug fixes and precision improvements while understanding the code and review context around them.

Still learning, but I am at least keeping a log of what I read and what evidence led me to each conclusion.