Browse > Article

Design and Implementation of Kernel Resource Management Scheme  

Kim, Byung-Jin (벽산정보통신)
Baek, Seung-Jae (단국대학교 컴퓨터학과)
Kim, Keun-Eun (한국정보사회진흥원 u-응용사업팀)
Choi, Jong-Moo (단국대학교 컴퓨터학부)
Publication Information
Journal of KIISE:Computer Systems and Theory / v.36, no.3, 2009 , pp. 181-190 More about this Journal
Abstract
Module is an object file that can be loaded into operating system dynamically and has complete privileged access to all resources in kernel. Therefore trivial misuses in a module may cause critical system halts or deadlock situations. In this paper, we propose Kernel Resource Protector(KRP) scheme to reduce the various problems caused by module. KRP provides protections of a variety of kernel resources such as memory, major number and work queue resource. We implement the scheme onto linux kernel 2.6.18, and experimental results show that our scheme can protect kernel resources effectively.
Keywords
Module; Fault isolation; Resources protecting scheme; Operating system;
Citations & Related Records
연도 인용수 순위
  • Reference
1 M. Abadi, M. Budiu, U. Erlingsson, J. Ligatti, "Control-flow integrity: Principles, implementations, and applications," In Proceedings of the 12th ACM conference on Computer and communications security, pp. 340-353, 2005.
2 Feng Qin, Joseph Tucek, Jagadeesan Sundaresan, Yuanyuan Zhou, "Rx: Treating Bugs As Allergies - A Safe Method to Survice Software Failures," In Proceedings of the 20th ACM Symposium on Operating Systems Principles, pp. 235-248, 2005.
3 S. McCamant and G. Morrisett, "Evaluating SFI for a CISC architecture," In Proceedings of the 15th conference on USENIX Security Symposium, pp. 209-224, 2006.
4 Robert Wahbe, Steven Lucco, Thomas E. Anderson, Susan L. Graham, "Efficient software-based fault isolation," In Proceedings of the 14th ACM Symposium on Operating Systems Principles, pp. 203-216, 1994.
5 Jongmoo Choi, Seungjae Baek, Sung Y. Shin, "Design and Implementation of a Kernel Resource Protector for Robustness of Linux Module Programming," The 21st Annual ACM Symposium on Applied Computing, pp. 1477-1481, 2006.
6 Lin Tan, Ellick M. Chan, Reza Farivar, Nevedita Mallick, Jeffrey C. Carlyle, Francis M. David, Roy H. Campbell, "iKernel: Isolating Buggy and Malicious Device Drivers Using Hardware Virtualization Support," Third IEEE International Symposium on Dependable, Autonomic and Secure Computing, pp. 134-142, 2007.
7 J. LeVasseur, V. Uhlig, J. Stoess, S. Gotz, "Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines," In Proceedings of the 6th conference on Symposium on Operating Systems Design and Implementation, pp. 17-30, 2004.
8 Richard Ta-Min, Lionel Litty, David Lie, "Splitting Interfaces: Making Trust Between Applications and Operating Systems Configurable," In Proceedings of the 7th symposium on Operating Systems Design and Implementation, pp. 279-292, 2006.
9 J. Liedtke, "On Microkernel Construction," ACM SIGOPS Operating Systems Review, Vol.29, Issue. 5, pp. 237-250, 1995.   DOI
10 Roy H. Campbell, Nayeem Islam, Ralph Johnson, Panos Kougiouris, Peter Madany, "Choices, Frameworks and Refinement," In Proceedings of the International Workshop on Object Orientation in Operating Systems, pp. 9-15, 1991.
11 G. Hunt et. al., "An Overview of Singularity Project," Microsoft Research Technical Report, http://research.microsoft.com/research/pubs/view.aspx?msr_tr_id=MSR-TR-2005-135, 2005.
12 B. Bershad, S. Savage, P. Pardyak, E. G. Sirer, D. Becker, M. Fiuczynski, C. Chambers, S. Eggers, "Extensibility, safety and performance in the SPIN operating system," In Proceedings of the fifteenth ACM symposium on Operating systems Principles, pp. 267-283, 1995.
13 M. M. Swift, B. N. Bershad, and H. M. Levy, "Improving the reliability of commodity operating systems," In Proceedings of the Nineteenth ACM Symposium on Operating Systems Principles, pp. 207-222, 2003.
14 U. Erlingsson, M. Abadi, M. Vrable, "XFI: Software Guards for System Address Spaces," In Proceedings of the 7th Operating System Design and Implementation, pp. 75-88, 2006.
15 D. P. Bovet and M. Cesati, Understanding the Linux Kernel, 3rd ed., O'Reilly, 2005.
16 D. A. Kaplan, "RingCycle: A Hardware based approach to driver isolation," http://www.acm.uiuc.edu/projects/RingCycle/browser/RingCycle.pdf, 2006.
17 W. Stalling, Operating Systems: Internals and Design Principle, 5th ed., Pearson Prentice Hall, 2004.
18 J. Liedtke, "On Microkernel Construction," ACM SIGOPS Operating Systems Review, Vol.29, Issue. 5, pp. 237-250, 1995.
19 M. M. Swift, B. N. Bershad and H. M. Levy, "Improving the reliability of Commodity Operating System," Proceedings of the 19th ACM Symposium on Operating Systems Principles(SOSP), pp. 207-222, October 2003.
20 B. N. Bershad, S. Savage, P. Pardyak, D. Becker, M. Fiuczynski, E. G. Sirer, "Protections is a Software Issue," Proceedings of the Fifth Workshop on Hot Topics in Operating Systems (HotOSV), pp. 62-65, 1995.