| Most of the security risks in Linux system are caused by kernel,and device drivers occupy an important position in the kernel source code.Therefore,the security vulnerabilities involved in device drivers are highly likely to cause embarrassment to the entire operating system.Since the driver's design logic and workflow are fundamentally different from other programs in the kernel,and most of the device drivers'working scene involves not only the interaction with kernel,but also the interaction with hardware,this adds to the extent that it is difficult to analyze the driver.Since the device driver of the Linux system works in the kernel mode,in this specific work scenario,the vulnerability caused by the device driver can easily affect the stability and security of the operating system.At present,the most proportion of various types of device driver vulnerabilities is resource operation vulnerability.In this case,a vulnerability device detection method of device drivers based on pair functions' calling context is proposed.This paper offers a summary of the latest trends of device drivers' security vulnerabilities and related research methods,takes the widely used drivers such as sound,network and USB as the analysis object.In-depth research is conducted on the analysis methods and techniques for detecting security vulnerabilities related to memory resources.This paper establish the corresponding vulnerability detection prototype based on pair function.First,we systematically preprocess the driver source code;extract the function prototype information,dependent interface function of device drivers and other information for further analysis.The concept of pair function and calling context is introduced,according to this,the specific driver code is automatically extracted and optimized,and the execution path is used to construct the calling context of the pair function.Pair check is performed in each calling context to detect memory resources'hierarchical match between request and release.Finally,we detect and verify whether there are security bugs related to the memory resource in the automatically generated exception result report.In order to verify the effectiveness of this method,the experimental results of the vulnerability detection prototype designed by the relevant functional test and performance test show that this method can achieve high source code coverage.Compared with other research work,this method does not depend on the drivers' compiling intermediate results and hardware devices,so it has better portability and scalability.According to the various functional indicators and performance indicators in the experiment,the results also reflect the high accuracy of this method and low load characteristics.This method can be used as a device drivers' auxiliary detection scheme to help drive developers to maintain drivers' code more efficiently and to troubleshoot related security vulnerabilities. |
PDF Full Text Request