Architecture Of Device Driver Based On Proxy Modules In Kernel And Function Library In User-space

With the development of computer science and the improving of hardware performance, the stability and security of operating systems become the main challenge now. The safety of the operating system determines the security of the entire computer system. The kernel, which is the core of the operating system, its stability and security are vital to the operating system. According to that70%codes in kernel are driver’s codes, device drivers are the main source of operating system vulnerabilities. The codes in kernel are considered as trustable codes, device drivers are running in kernel as a loadable kernel module with kernel privileges. If device drivers in kernel have vulnerabilities or malicious codes, the stability and security of the operating system will be under threat. In addition, as device driver programmers are not all familiar with kernel, the quality of driver codes is different. In order to secure the operating system, a method based on driver isolation implementing user-space drivers is presented.Based on the research of the network device driver model in Linux and the analyzation of the key technology, a user driver framework based on factorization of driver codes is designed and implemented. The driver can be divided into the user space function library part in user mode and kernel proxy module part in kernel mode. The specific functions and the principle of dividing codes are proposed after analyzing the driver codes by using cflow. The codes in user-space are less called and independent of performance, the codes in kernel driver proxy module are the key part remained. Taking network driver PCnet32as an example, the isolation of driver is implemented based on the factorization of network driver between user-space and kernel-space. To a certain extent, the driver isolation is implemented and the possibility of crash caused by driver bug is reduced, as well as the amount of codes in kernel. The factorization of Pcnet32driver achieves the goal of ensuring the security and the performance of operating systems.At the same time, the correctness and performance of this user-space driver prototype have been proved. The results show that this method guarantees the effectiveness and the performance of operating systems.