• Title/Summary/Keyword: operating system kernel

Search Result 161, Processing Time 0.04 seconds

AIT: A method for operating system kernel function call graph generation with a virtualization technique

  • Jiao, Longlong;Luo, Senlin;Liu, Wangtong;Pan, Limin
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.14 no.5
    • /
    • pp.2084-2100
    • /
    • 2020
  • Operating system (OS) kernel function call graphs have been widely used in OS analysis and defense. However, most existing methods and tools for generating function call graphs are designed for application programs, and cannot be used for generating OS kernel function call graphs. This paper proposes a virtualization-based call graph generation method called Acquire in Trap (AIT). When target kernel functions are called, AIT dynamically initiates a system trap with the help of a virtualization technique. It then analyzes and records the calling relationships for trap handling by traversing the kernel stacks and the code space. Our experimental results show that the proposed method is feasible for both Linux and Windows OSs, including 32 and 64-bit versions, with high recall and precision rates. AIT is independent of the source code, compiler and OS kernel architecture, and is a universal method for generating OS kernel function call graphs.

Design and Implementation of the USN kernel with Event-based Preemption (USN 위한 이벤트 중심의 선점형 커널의 디자인과 구현)

  • Han, Sang-Woo;Han, Sang-Eun;Kim, Joong-Heon
    • Proceedings of the KIEE Conference
    • /
    • 2007.10a
    • /
    • pp.499-500
    • /
    • 2007
  • The various sensor nodes operating in Ubiquitous Sensor Network environment require the tiny Operating System different from the existing pc-type operating system because of their characteristics. Also Sensor Network operating system needs to support the rapid event handling which sensor node must implement. In this paper, we overcome the drawbacks of the existing sensor network operating system and propose the new kernel which is designed to assist developer to construct event-central operating system entirely. We also evaluate the performance of the super tiny sensor network operating system based on proposed kernel, comparing with that of the existing sensor network operating system.

  • PDF

Fault Isolation for Linux Device Drivers

  • Son, Sunghoon
    • Journal of the Korea Society of Computer and Information
    • /
    • v.22 no.4
    • /
    • pp.1-8
    • /
    • 2017
  • In this paper, we propose a fault isolation system for device drivers of the Linux operating system. High availability systems impose stringent requirements upon Linux operating system. Especially device drivers can be a major source of operating system instability and many times contribute to system degradation and outages. The proposed fault isolation system identifies the occurrence of the memory-related faults in device driver and isolates it from the kernel. By operating at the early stage of the page fault handler in Linux kernel, the system detects which module causes fault and isolates it transparently from the remaining part of the kernel. By experiments, we show that the proposed system efficiently detects faults incurred by device driver, isolates the device driver and the process which accessed the driver module from the kernel.

Separation of Kernel Space and User Space in Zephyr Kernel (Zephyr 커널에서 커널 공간과 사용자 공간의 분리 구현)

  • Kim, Eunyoung;Shin, Dongha
    • IEMEK Journal of Embedded Systems and Applications
    • /
    • v.13 no.4
    • /
    • pp.187-194
    • /
    • 2018
  • The operating system for IoT should have a small memory footprint and provide low power state, real-time, multitasking, various network protocols, and security. Although the Zephyr kernel, an operating system for IoT, released by the Linux Foundation in February 2016, has these features but errors generated by the user code can generate fatal problems in the system because the Zephyr kernel adopts a single-space method that both the user code and kernel code execute in the same space. In this research, we propose a space separation method, which separates kernel space and user space, to solve this problem. The space separation that we propose consists of three modifications in Zephyr kernel. The first is the code separation that kernel code and user code execute in each space while using different stacks. The second is the kernel space protection that generates an exception by using the MPU (Memory Protection Unit) when the user code accesses the kernel space. The third is the SVC based system call that executes the system call using the SVC instruction that generates the exception. In this research, we implemented the space separation in Zephyr v1.8.0 and evaluated safety through abnormal execution of the user code. As the result, the kernel was not crashed by the errors generated by the user code and was normally executed.

Implementation of the Kernel Hardening Function in the Linux Kernel (리눅스 커널에서 하드닝 기능 구현)

  • Jang, Seung-Ju
    • The KIPS Transactions:PartA
    • /
    • v.11A no.4
    • /
    • pp.227-234
    • /
    • 2004
  • A panic state is often caused by careless computer control. It could be also caused by a kernel programmer's mistake. When panic is occurred, the process of the panic state has to be checked, then if it can be restored, operating system restores it, but if not, operating system runs the panic function to stop the system in the kernel hardening O.S. To decide recovery of the process, the type of the panic for the present process should be checked. The value type and the address type have to restore the process. If the system process has a panic state, the system should be designed to shutdown hardening function in the Linux operating system.

mSROS : Real-Time Operating System for Device Controller System in ATM Switching Systems (mSROS : ATM 교환기 장치 제어계를 위한 실시간 운영체제)

  • 김형환;정부금
    • Proceedings of the IEEK Conference
    • /
    • 1998.10a
    • /
    • pp.285-288
    • /
    • 1998
  • In this paper, we present mSROS(Micro-Scalable Realtime Operating System) to be applied commonly to the device controller systems in the HANbit ACE256 system. The device controller systems in HANbit ACE256 system are organized as many kinds of device controller. Applying modified PPOS(Peripheral Processor Operating System)which is an operating system for devices of the TDX-10 switching system to the firmwares for them, the inefficiency in development and maintenance exists inherently. To remove the inefficiency nd to improve the performqance of firmwares, we build a common operating system platform that including multi-tasking microkernel so that the firmwares among devices can acquire convenient development and cheap cost of maintencance. Especially, building a virtual machine as a development methodology, it is possible to remove dependency from the kernel so that any kinds of commercial real-time kernels can be used in mSROS as a basic kernel. The virtual machine in mSROS is compatible with the API of SROS(Scalable Realtime Operating System), PPOS, and CROS(Concurrent Realtime Operating System).

  • PDF

Design of the Kernel Hardening Function for Stability the Linux Operating System (리눅스 운영체제 안정화를 위한 커널 하드닝 기능 설계)

  • Jang Seung-Ju
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.9 no.6
    • /
    • pp.1333-1340
    • /
    • 2005
  • This paper is based on the study to reduce a system panic state. A panic state could be caused by a programmer or an administrator's careless mistake. The proposed hardening Operating System of this paper stops the process which is running in the kernel with an error. The error process for the value type and the address type of a certain variable have to be restored. Installed with kernel hardening, Operating System checks the recovery possibility of the process first and then restores the process which can be recovered. When it is possible to recover the kernel code with an error, it is to be recovered in ASSERT() function.

Design and Implementation of Kernel Resource Management Scheme (커널 자원 관리 기법 설계 및 구현)

  • Kim, Byung-Jin;Baek, Seung-Jae;Kim, Keun-Eun;Choi, Jong-Moo
    • Journal of KIISE:Computer Systems and Theory
    • /
    • v.36 no.3
    • /
    • pp.181-190
    • /
    • 2009
  • Module is an object file that can be loaded into operating system dynamically and has complete privileged access to all resources in kernel. Therefore trivial misuses in a module may cause critical system halts or deadlock situations. In this paper, we propose Kernel Resource Protector(KRP) scheme to reduce the various problems caused by module. KRP provides protections of a variety of kernel resources such as memory, major number and work queue resource. We implement the scheme onto linux kernel 2.6.18, and experimental results show that our scheme can protect kernel resources effectively.

Establishment of a secure networking between Secure OSs

  • Lim, Jae-Deok;Yu, Joon-Suk;Kim, Jeong-Nyeo
    • 제어로봇시스템학회:학술대회논문집
    • /
    • 2003.10a
    • /
    • pp.2097-2100
    • /
    • 2003
  • Many studies have been done on secure operating system using secure kernel that has various access control policies for system security. Secure kernel can protect user or system data from unauthorized and/or illegal accesses by applying various access control policies like DAC(Discretionary Access Control), MAC(Mandatory Access Control), RBAC(Role Based Access Control), and so on. But, even if secure operating system is running under various access control policies, network traffic among these secure operating systems can be captured and exposed easily by network monitoring tools like packet sniffer if there is no protection policy for network traffic among secure operating systems. For this reason, protection for data within network traffic is as important as protection for data within local system. In this paper, we propose a secure operating system trusted channel, SOSTC, as a prototype of a simple secure network protocol that can protect network traffic among secure operating systems and can transfer security information of the subject. It is significant that SOSTC can be used to extend a security range of secure operating system to the network environment.

  • PDF

An Efficient Kernel Introspection System using a Secure Timer on TrustZone (TrustZone의 시큐어 타이머를 이용한 효율적인 커널 검사 시스템)

  • Kim, Jinmok;Kim, Donguk;Park, Jinbum;Kim, Jihoon;Kim, Hyoungshick
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.4
    • /
    • pp.863-872
    • /
    • 2015
  • Kernel rootkit is recognized as one of the most severe and widespread threats to corrupt the integrity of an operating system. Without an external monitor as a root of trust, it is not easy to detect kernel rootkits which can intercept and modify communications at the interfaces between operating system components. To provide such a monitor isolated from an operating system that can be compromised, most existing solutions are based on external hardware. Unlike those solutions, we develop a kernel introspection system based on the ARM TrustZone technology without incurring extra hardware cost, which can provide a secure memory space in isolation from the rest of the system. We particularly use a secure timer to implement an autonomous switch between secure and non-secure modes. To ensure integrity of reference, this system measured reference from vmlinux which is a kernel original image. In addition, the flexibility of monitoring block size can be configured for efficient kernel introspection system. The experimental results show that a secure kernel introspection system is provided without incurring any significant performance penalty (maximum 6% decrease in execution time compared with the normal operating system).