Toward Linux kernel memory safety. (19th September 2018)
- Record Type:
- Journal Article
- Title:
- Toward Linux kernel memory safety. (19th September 2018)
- Main Title:
- Toward Linux kernel memory safety
- Authors:
- Reshetova, Elena
Liljestrand, Hans
Paverd, Andrew
Asokan, N. - Abstract:
- Summary: The security of billions of devices worldwide depends on the security and robustness of the mainline Linux kernel. However, the increasing number of kernel‐specific vulnerabilities, especially memory safety vulnerabilities, shows that the kernel is a popular and practically exploitable target. Two major causes of memory safety vulnerabilities are reference counter overflows (temporal memory errors) and lack of pointer bounds checking (spatial memory errors). To succeed in practice, security mechanisms for critical systems like the Linux kernel must also consider performance and deployability as critical design objectives. We present and systematically analyze two such mechanisms for improving memory safety in the Linux kernel, ie, (1) an overflow‐resistant reference counter data structure designed to securely accommodate typical reference counter usage in kernel source code and (2) runtime pointer bounds checking using Intel memory protection extension in the kernel. We have implemented both mechanisms and we analyze their security, performance, and deployability. We also reflect on our experience of engaging with Linux kernel developers and successfully integrating the new reference counter data structure into the mainline Linux kernel.
- Is Part Of:
- Software, practice & experience. Volume 48:Number 12(2018)
- Journal:
- Software, practice & experience
- Issue:
- Volume 48:Number 12(2018)
- Issue Display:
- Volume 48, Issue 12 (2018)
- Year:
- 2018
- Volume:
- 48
- Issue:
- 12
- Issue Sort Value:
- 2018-0048-0012-0000
- Page Start:
- 2237
- Page End:
- 2256
- Publication Date:
- 2018-09-19
- Subjects:
- Linux kernel -- Linux kernel development process -- memory safety
Computer software -- Periodicals
Computer programming -- Periodicals
Computer programs -- Periodicals
005.3 - Journal URLs:
- http://onlinelibrary.wiley.com/ ↗
- DOI:
- 10.1002/spe.2638 ↗
- Languages:
- English
- ISSNs:
- 0038-0644
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms) ↗
- Physical Locations:
- British Library DSC - 8321.453000
British Library DSC - BLDSS-3PM
British Library STI - ELD Digital store - Ingest File:
- 8482.xml