Conference Paper

Sentry: A Binary-Level Interposition Mechanism for Trusted Kernel Extension

Korea University, Korea
DOI: 10.1109/CIT.2006.165 Conference: Computer and Information Technology, 2006. CIT '06. The Sixth IEEE International Conference on
Source: IEEE Xplore

ABSTRACT Several commodity operating systems have used kernel extensions to extend or replace their functionality. Because kernel extensions execute in the same address space as the kernel, a single fault in an extension can corrupt the whole system. Studies on kernel extensions have therefore mainly aimed at isolating extension faults from the system. However, previous schemes require static analysis of the extension module and modification of the kernel source code. The goal of this paper is to remove these overhead stages. This paper proposes Sentry, a lightweight kernel subsystem that provides a dependable execution environment for kernel extensions. We show the efficiency of Sentry through a practical implementation on Linux.

Available from: Jaehyun Hwang, Jul 17, 2014
  • ABSTRACT: From a software-technology point of view, the µ-kernel concept is superior to large integrated kernels. On the other hand, it is widely believed that (a) µ-kernel based systems are inherently inefficient and (b) they are not sufficiently flexible. Contradictory to this belief, we show and support by documentary evidence that inefficiency and inflexibility of current µ-kernels is not inherited from the basic idea but mostly from overloading the kernel and/or from improper implementation. Based on functional reasons, we describe some concepts which must be implemented by a µ-kernel and illustrate their flexibility. Then, we analyze the performance critical points. We show what performance is achievable, that the efficiency is sufficient with respect to macro-kernels and why some published contradictory measurements are not evident. Furthermore, we describe some implementation techniques and illustrate why µ-kernels are inherently not portable, although they improve portability of the whole system.
  • ABSTRACT: Despite decades of research in extensible operating system technology, extensions such as device drivers remain a significant cause of system failures. In Windows XP, for example, drivers account for 85% of recently reported failures. This paper describes Nooks, a reliability subsystem that seeks to greatly enhance OS reliability by isolating the OS from driver failures. The Nooks approach is practical: rather than guaranteeing complete fault tolerance through a new (and incompatible) OS or driver architecture, our goal is to prevent the vast majority of driver-caused crashes with little or no change to existing driver and system code. To achieve this, Nooks isolates drivers within lightweight protection domains inside the kernel address space, where hardware and software prevent them from corrupting the kernel. Nooks
    ACM Transactions on Computer Systems 09/2003; 23(1). DOI:10.1145/1165389.945466 · 0.62 Impact Factor
  • ABSTRACT: We present a study of operating system errors found by automatic, static, compiler analysis applied to the Linux and OpenBSD kernels. Our approach differs from previous studies that consider errors found by manual inspection of logs, testing, and surveys because static analysis is applied uniformly to the entire kernel source, though our approach necessarily considers a less comprehensive variety of errors than previous studies. In addition, automation allows us to track errors over multiple versions of the kernel source to estimate how long errors remain in the system before they are fixed. We found that device drivers have error rates up to three to seven times higher than the rest of the kernel. We found that the largest quartile of functions have error rates two to six times higher than the smallest quartile. We found that the newest quartile of files have error rates up to twice that of the oldest quartile, which provides evidence that code "hardens" over time. Finally, we found that bugs remain in the Linux kernel an average of 1.8 years before being fixed.