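Authors: Zhen Kai (甄凯)[1], Bai Jiaju (白家驹)[2], Liu Huqiu (刘虎球)[1], Guo Xufeng (郭旭峰)[1]
Affiliations: [1] Department of Computer Science and Technology, Tsinghua University, Beijing 100084; [2] School of Computer Science, Xidian University, Xi'an 710126
Source: Journal of Chinese Computer Systems (《小型微型计算机系统》), 2013, No. 10, pp. 2246-2250 (5 pages)
Funding: Supported by the National High Technology Research and Development Program of China ("863" Program) (2011AAO1A203)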
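Abstract: Kernel security underpins the correct operation of applications, yet kernel bugs are still discovered periodically, and most of them are introduced into the kernel when the module loading mechanism loads defective device drivers. Based on the LLVM compiler infrastructure, this paper proposes FPSFI, a runtime isolation mechanism for driver errors. It decomposes driver error isolation into three modules: registration of sensitive functions, driver error localization, and instrumentation of checking functions. It effectively prevents common driver errors such as illegal privilege escalation caused by missing kernel API integrity and memory being freed multiple times. Compared with previous approaches, FPSFI implements error analysis and localization in the compiler back end, which reduces the manual effort of adding checking code, while implementing and compiling the checking functions separately reduces the isolation mechanism's dependence on kernel interfaces. Test results on Linux show that FPSFI effectively prevents two typical classes of driver errors; the time overhead ratio caused by FPSFI's changes to the back-end compiler is 18.7%; stress tests of the network module show that FPSFI does not significantly affect CPU utilization or TCP throughput, while UDP throughput drops by 17%.

The security of many applications relies on the kernel being secure, but history suggests that kernel vulnerabilities are routinely discovered and exploited. In particular, exploitable vulnerabilities in kernel modules are common. This paper proposes FPSFI, a system based on LLVM compiler infrastructure, which isolates kernel modules from the core kernel so that vulnerabilities in kernel modules cannot lead to a privilege escalation attack. To dereference the dependency between system implementation and kernel interface, FPSFI decomposes the empirical isolation work into three sub-systems, with the FPSFI backend analyzer to instrument checking functions, and sensitive and checking function sets to manage operations on two types of functions respectively. An evaluation with Linux shows that the workloads required on kernel functions to support a new module are moderate, and that FPSFI is able to prevent two known privilege-escalation vulnerabilities. Stress tests of a network driver module also show that isolating this module using FPSFI does not hurt TCP throughput and CPU utilization but reduces UDP throughput by 17%.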
Classification number: TP316 [Automation and Computer Technology: Computer Software and Theory]