LLVM-Based Fortification for Kernel Drivers
(2016) In LU-CS-EX 2016-28 EDA920 20161Department of Computer Science
- Abstract
- In today’s operating systems, drivers are linked with the kernel where handling pointers and performing memory accesses must be considered with much more care than in application user space.
This thesis focuses on two issues. First, memory access to user space must never be done directly, because the access may fault due to insufficient access permissions or unmapped pages. Second, pointers entering via system calls must be checked prior to their use to prevent a malevolent user from exploiting kernel drivers to access kernel space for them.
The proposed solution uses the type system of Clang combined with analyzes on the generated LLVM intermediate representation, both in the purpose of performing static analyzes to produce valuable... (More) - In today’s operating systems, drivers are linked with the kernel where handling pointers and performing memory accesses must be considered with much more care than in application user space.
This thesis focuses on two issues. First, memory access to user space must never be done directly, because the access may fault due to insufficient access permissions or unmapped pages. Second, pointers entering via system calls must be checked prior to their use to prevent a malevolent user from exploiting kernel drivers to access kernel space for them.
The proposed solution uses the type system of Clang combined with analyzes on the generated LLVM intermediate representation, both in the purpose of performing static analyzes to produce valuable messages to developers during compile time, but also to insert robustness assertions and perform code transformations. With these precautions we were able to identify four bugs in a single device driver. (Less)
Please use this url to cite or link to this publication:
http://lup.lub.lu.se/student-papers/record/8888221
- author
- Brandberg, Caroline LU
- supervisor
- organization
- course
- EDA920 20161
- year
- 2016
- type
- H3 - Professional qualifications (4 Years - )
- subject
- keywords
- LLVM, Device Drivers, Kernel Memory Access, Pointer bugs
- publication/series
- LU-CS-EX 2016-28
- report number
- LU-CS-EX 2016-28
- ISSN
- 1650-2884
- language
- English
- id
- 8888221
- date added to LUP
- 2016-08-15 10:50:42
- date last changed
- 2016-08-15 10:50:42
@misc{8888221, abstract = {{In today’s operating systems, drivers are linked with the kernel where handling pointers and performing memory accesses must be considered with much more care than in application user space. This thesis focuses on two issues. First, memory access to user space must never be done directly, because the access may fault due to insufficient access permissions or unmapped pages. Second, pointers entering via system calls must be checked prior to their use to prevent a malevolent user from exploiting kernel drivers to access kernel space for them. The proposed solution uses the type system of Clang combined with analyzes on the generated LLVM intermediate representation, both in the purpose of performing static analyzes to produce valuable messages to developers during compile time, but also to insert robustness assertions and perform code transformations. With these precautions we were able to identify four bugs in a single device driver.}}, author = {{Brandberg, Caroline}}, issn = {{1650-2884}}, language = {{eng}}, note = {{Student Paper}}, series = {{LU-CS-EX 2016-28}}, title = {{LLVM-Based Fortification for Kernel Drivers}}, year = {{2016}}, }