| To improve the extensibility and maintainablility of the kernel,Linux allows developers to use the kernel module mechanism to implement their own functions,such as device drivers,file systems,etc.,and dynamically loads them into the kernel.In this way,those kernel modules enjoy the same high privileges as the main kernel.From mobile to Io T devices,more and more modules are developed to support their functionality.These third-party modules,however,do not count with the same code robustness,security-check rigorousness,and maturity enjoyed by the main kernel,which is developed by experts.As such,these modules pose an increased threat to computer systems0.While there have been many efforts directed to protect the kernel or sanitize it to eliminate vulnerabilities before release,current solutions either rely only on the source code,introduce too much overhead(e.g.,2-3x),or have too many requirements(e.g.,substantial kernel modifications).Based on the above problems,this paper proposes a modular and dynamic tracing framework enabled by the Embedded Trace Macrocell(ETM)debugging feature in ARM processors.The primary contributions of this paper are highlighted as follows:(1)We propose a modular and dynamic tracing framework enabled by the Embedded Trace Macrocell(ETM)debugging feature,named HART.Powered by even the minimum supports of ETM,HART can trace binary-only modules without any modification to the main kernel efficiently,and plug and play on any module at any time.(2)Based on the convenient interfaces that HART provides for users to further build tracing-based security solutions,we demonstrate a modular Address Sanitizer HASAN to interpret the extensibility of HART.HASAN can effectively detect the memory corruptions without the aforementioned limitations.(3)We implement HART and HASAN with Freescale i.MX53 Quick Start Boaard.(4)We evaluate HART and HASAN from the effectiveness and the performance overhead,and compare them with the state-of-the-art work,showing their superiority. |
PDF Full Text Request