设备驱动非内核化通信架构的研究与实现

doi:10.3969/j.issn.1671-1122.2016.11.010

信息网络安全 ›› 2016, Vol. 16 ›› Issue (11): 57-65.doi: 10.3969/j.issn.1671-1122.2016.11.010

设备驱动非内核化通信架构的研究与实现

谭茁, 翟高寿

北京交通大学计算机与信息技术学院,北京100044

收稿日期:2016-08-30 出版日期:2016-11-20 发布日期:2020-05-13
作者简介:
作者简介：谭茁（1992—）,女,山西,硕士研究生,主要研究方向为操作系统安全;翟高寿（1971—）,男,山西,副教授,博士,主要研究方向为操作系统与系统安全、系统软件设计、算法分析与设计。
基金资助:
国家自然科学基金[61672092];国家留学基金委青年骨干教师出国研修项目[201307095025]

Study and Implementation of Communication Mechanism for Non-kernel Device Drivers

Zhuo TAN, Gaoshou ZHAI

School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China

Received:2016-08-30 Online:2016-11-20 Published:2020-05-13

摘要/Abstract

摘要：

操作系统内核安全是整个计算机及信息系统安全的基石,而拥有50%以上份额内核代码的设备驱动程序则被认为是内核漏洞的主要来源。设备驱动程序通常以系统级权限运行在内核空间,而操作系统对运行在内核空间的程序是完全信任的。所以,一旦设备驱动程序存在漏洞或恶意代码,往往会影响操作系统安全,甚至导致整个系统的崩溃。为解决此类安全问题,设备驱动程序非内核化成为可选的有效途径之一。考虑到设备驱动程序的复杂性及其与操作系统其他内核模块之间的密切关联性,设备驱动程序的非内核化迁移是一项耗时耗力的工作。立足于自动化迁移的最终目标,文章试图构建一种规范的通信架构,探索选择设备驱动函数迁移的科学依据、迁出函数与用户空间函数的设计框架以及典型的非内核化迁移操作过程。相关原型测试结果表明,文章给出的设备驱动非内核化通信机制在有效隔离设备驱动安全问题的同时,并未过多增加系统开销,对系统性能没有造成太大影响。

关键词: 操作系统安全, 非内核化设备驱动程序, 内核空间, 用户空间, 通信机制

Abstract:

The kernel security of operating systems is the foundation of the security of computer and information systems. Device drivers are considered to be the main source of kernel bugs because they account for more than 50% of kernel codes. Moreover, device drivers always run in kernel-space with system level permission, and the system completely trusts the codes running in kernel-space. So, if some bugs or malicious codes exist in device drivers, it could affect the safety of operating systems, and even render the whole system collapse. In order to prevent such failure caused by device drivers, moving part or whole codes of device drivers to user space becomes one of the effective ways to limit and isolate the vulnerability of device drivers. However, it will be a time consuming task because device drivers are various and complicated and closely related to other modules of kernels. Based on the final goal of automated split and migration, this paper attempts to construct unified and standardized communication architecture, to explore scientific policies about migrated functions within device drivers, to design framework for both user space part and kernel space part of the migrated functions, and to extract basic non-kernel migration operations. Corresponding prototypes are implemented and test results show that communication mechanisms and non-kernel solutions for device drivers in this paper are effective and less overloaded.

Key words: security of operating systems, non-kernel device drivers, kernel space, user space, communication mechanism

中图分类号:

TP309

谭茁, 翟高寿. 设备驱动非内核化通信架构的研究与实现[J]. 信息网络安全, 2016, 16(11): 57-65.

Zhuo TAN, Gaoshou ZHAI. Study and Implementation of Communication Mechanism for Non-kernel Device Drivers[J]. Netinfo Security, 2016, 16(11): 57-65.

图/表 10

图1

图2

图3

图4

图5

图6

图7

图8

图9

图10

参考文献 19

[1]	MATIAS R, PRINCE M, BORGES L, et al.An Empirical Exploratory Study on Operating System Reliability[C]// ACM. The 29th Annual ACM Symposium on Applied Computing, March 24-28, 2014, Gyeongju, Republic of Korea. New York: ACM, 2014: 1523-1528.
[2]	ZHAI Gaoshou, GUO Tao, HUANG Jie.SCIATool: A Tool for Analyzing SELinux Policies Based on Access Control Spaces, Information Flows and CPNs[M]. AG Switzerland: Springer, 2015: 294-309.
[3]	ALEXEY K, VADIM M,ALEXANDER P, et al.Establishing Linux Driver Verification Process[C]// Springer-Verlag Berlin. The 7th international Andrei Ershov Memorial conference on Perspectives of Systems Informatics, June 15-19, 2009, Novosibirsk, Russia. Springer-Verlag Berlin Heidelberg, 2010: 165-176.
[4]	BALAKRISHNAN A, KRISHNAN S. Factorization of Device Driver Code between Kernel and User Spaces, Technical Report [EB/OL]. , 2016-8-1.
[5]	HERDER J N, BOS H, GRAS B, et al.Fault Isolation for Device Drivers[C]// IEEE Computer Society. 2009 IEEE/IFIP International Conference on Dependable Systems & Networks, June 29-July 2, 2009, Lisbon, Portugal. Washington: IEEE Computer Society, 2009: 33-42.
[6]	LESLIE B, FITZROY-DALE N, HEISER G.Encapsulated User-Level Device Drivers in the Mungi Operating System[C]// University of Adelaide. Workshop on Object Systems and Software Architectures, January 11-14, 2004, Victor Harbor, South Australia. South Australia: The University of Adelaide, 2004: 16-30.
[7]	SWIFT M M, MARTIN S, LEVY H M, et al.Nooks: An Architecture for Reliable Device Drivers[C]//ACM. The 10th workshop on ACM SIGOPS European workshop, July 01, 2002, Saint-Emilion, France. New York: ACM, 2002: 102-107.
[8]	WANG X, CHENG C.Access Control Using Trusted Virtual Machine Based on Xen[M]//Applied Informatics and Communication. Berlin: Springer Berlin Heidelberg, 2011: 94-101.
[9]	ZHOU F, CONDIT J, ANDERSON Z, et al.SafeDrive: Safe and Recoverable Extensions Using Language-Based Techniques[C]// USENIX Association. The 7th symposium on Operating systems design and implementation, November 6-8, 2006, Washington, USA. Berkeley: USENIX Association, 2006: 45-60.
[10]	TSIGKOGIANNIS I. Introduction to the User-Mode Driver Framework [EB/OL]. , 2006-10-10.
[11]	HERDER J N, BOS H, GRAS B, et al.MINIX 3: A Highly Reliable, Self-Repairing Operating System[J]. ACM SIGOPS Operating Systems Review, 2006, 40(3): 80-89.
[12]	GANAPATHY V, RENZELMANN M, BALAKRISHNAN A, et al.The Design and Implementation of Microdrivers[J]. ACM SIGARCH Computer Architecture News, 2008, 36(1):168-178.
[13]	PROVOS N.Improving Host Security with System Call Policies[C]// USENIX Association. The 12th conference on USENIX Security Symposium, August 04 - 08, 2003, Washington, DC. Berkeley: USENIX Association, 2003:257-272.
[14]	NEIRA-AYUSO P, GASCA R M, LEFEVRE L.Communicating between the Kernel and User-Space in Linux Using Netlink Sockets[J]. Software: Practice and Experience, 2010, 40(9): 797-810.
[15]	ZHOU Li, TAN Fangyong, GAO Xiaohui.Research on Application of Netlink Socket Communication in Linux IPSec Support Mechanism[C]// IEEE. ICCSE 2010: 5th International Conference on Computer Science and Education, August 24-27, 2010, Hefei, China. IEEE, 2010: 933-936.
[16]	卿斯汉. 关键基础设施安全防护[J]. 信息网络安全,2015(2):1-6.
[17]	王永娟, 郝家宝. 网络信息安全的威胁与防范技术研究[J]. 中国管理信息化,2015,18(20):146.
[18]	文伟平,郭荣华,孟正,等. 信息安全风险评估关键技术研究与实现[J]. 信息网络安全,2015(2):7-14.
[19]	杨宁学, 诸昌钤, 聂爱丽. 内存映射文件及其在大数据量文件快速存取中的应用[J]. 计算机应用研究, 2004, 21(8): 187-188.

设备驱动非内核化通信架构的研究与实现

Study and Implementation of Communication Mechanism for Non-kernel Device Drivers

RichHTML

可视化

摘要/Abstract

引用本文

使用本文

图/表 10

参考文献 19

相关文章 3

编辑推荐

Metrics

本文评价

[1]	翟高寿, 刘晨, 向勇. 基于内核函数监控的Linux系统防护方法的研究与实现[J]. 信息网络安全, 2018, 18(3): 26-38.
[2]	卿斯汉. 关键基础设施安全防护[J]. 信息网络安全, 2015, 15(2): 1-6.
[3]	李科. 服务器操作系统的测评方法[J]. , 2012, 12(Z): 0-0.