
Automated Checking of Function Execution Context in Operating System Kernel Programs (cited by: 5)

Automatedly Checking Function Execution Context of Kernel Programs in Operation Systems
Abstract: Function execution context correctness is one of the correctness properties most easily violated by operating system kernel programs, and one of the hardest to check; existing techniques have difficulty and limitations when checking this class of error. This paper presents PRPF, a framework for verifying function execution context correctness, and describes its modelling process and algorithms in detail. Compared with existing techniques, PRPF checks source code directly, requires no hand-written formal specification, has low time and space overhead, and scales well. The technique has been applied to the network device drivers (drivers/net) of Linux kernel 2.4.20. The results show that PRPF automatically explores all execution paths in the sources and checks function execution context correctness effectively: it found 23 programming errors in the Linux kernel, along with 5 false positives. The technique can play an important role in improving the quality of kernel code.
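The abstract names the property class but does not show what a context error looks like or why a checker that enumerates every path can still produce false positives. The following is an added illustration, not code from the paper and not PRPF's algorithm: a toy interprocedural path-exploring checker over a small constructed IR. Function names (netdev_xmit, fill_descriptor, netdev_irq and so on), the MAY_SLEEP set and the sample "driver" are all assumptions modelled on Linux conventions. It flags any path on which a function that may sleep is reached while a spinlock is held or from an interrupt handler, and shows how tracking branch outcomes prunes one infeasible-path false positive of the kind the paper counts.

```python
"""Toy path-exploring checker for kernel execution-context misuse.

Constructed illustration only: not PRPF. It models the property class the
paper checks, namely that a function which may sleep must not be reached on
any path while the caller is in atomic context (holding a spinlock or running
inside an interrupt handler). The call graph is assumed to be acyclic.
"""

# Assumption: leaf APIs that may sleep, modelled on Linux conventions such as
# a GFP_KERNEL allocation, copy_from_user, msleep or mutex_lock.
MAY_SLEEP = {"kmalloc_gfp_kernel", "copy_from_user", "msleep", "mutex_lock"}

# Constructed sample "driver" in a toy IR. Statements are:
#   ("lock",) / ("unlock",)          acquire / release a spinlock
#   ("call", name)                   call a function in PROGRAM or a leaf API
#   ("if", cond, then_blk, else_blk) two alternative statement lists
PROGRAM = {
    "netdev_xmit": [("lock",), ("call", "fill_descriptor"), ("unlock",)],
    "fill_descriptor": [("call", "kmalloc_gfp_kernel")],   # sleeps if caller holds lock
    "netdev_ioctl": [
        ("if", "locked", [("lock",)], []),
        ("call", "copy_from_user"),                        # bug on the locked=True path
        ("if", "locked", [("unlock",)], []),
    ],
    "netdev_set_mac": [
        ("if", "irq", [("lock",)], []),
        ("call", "noop"),
        ("if", "irq", [("unlock",)], []),                  # same condition: lock always released
        ("call", "msleep"),                                # safe; naive enumeration flags it
    ],
    "noop": [],
    "netdev_irq": [("call", "refill_ring")],               # runs in interrupt context
    "refill_ring": [("call", "kmalloc_gfp_kernel")],       # fine from process context only
}
IRQ_HANDLERS = {"netdev_irq"}  # assumption: entry points that start atomic


def walk(stmts, depth, env, trace, correlate, report, entry):
    """Enumerate every path through `stmts`, yielding (lock_depth, env, trace).

    `env` records the outcome of each branch condition taken so far. When
    `correlate` is set, a later branch on the same condition must agree with
    it, which prunes infeasible paths that a purely syntactic walk explores.
    Violations are recorded in `report` keyed by (entry function, sleeper).
    """
    if not stmts:
        yield depth, env, trace
        return
    head, rest = stmts[0], stmts[1:]
    if head[0] == "lock":
        yield from walk(rest, depth + 1, env, trace + ["lock"], correlate, report, entry)
    elif head[0] == "unlock":
        yield from walk(rest, depth - 1, env, trace + ["unlock"], correlate, report, entry)
    elif head[0] == "call":
        name = head[1]
        if name in PROGRAM:  # inline the callee: context- and path-sensitive
            for d, e, t in walk(PROGRAM[name], depth, env, trace + [name], correlate, report, entry):
                yield from walk(rest, d, e, t, correlate, report, entry)
        else:                # leaf API: the check itself
            if name in MAY_SLEEP and depth > 0:
                report.setdefault((entry, name), " > ".join(trace + [name]))
            yield from walk(rest, depth, env, trace + [name], correlate, report, entry)
    else:                    # ("if", cond, then_blk, else_blk)
        _, cond, then_blk, else_blk = head
        for value, block in ((True, then_blk), (False, else_blk)):
            if correlate and env.get(cond, value) != value:
                continue     # contradicts a branch already taken on this path
            env2 = dict(env, **{cond: value})
            for d, e, t in walk(block, depth, env2, trace + [f"{cond}={value}"], correlate, report, entry):
                yield from walk(rest, d, e, t, correlate, report, entry)


def check(correlate):
    """Analyse every function as an entry point; return {(entry, sleeper): path}."""
    report = {}
    for fn, body in PROGRAM.items():
        start = 1 if fn in IRQ_HANDLERS else 0
        for _ in walk(body, start, {}, [fn], correlate, report, fn):
            pass
    return report


if __name__ == "__main__":
    for mode in (False, True):
        print(f"branch correlation: {mode}")
        for (fn, api), path in sorted(check(mode).items()):
            print(f"  {fn}: {api} reached in atomic context via {path}")
```

Without branch correlation the checker reports four findings, one of which (msleep in netdev_set_mac) is a false positive caused by an infeasible path; with correlation it reports the three real errors only. Note that refill_ring is clean when analysed on its own and becomes an error only when reached from the interrupt handler, which is why the context must be carried across calls rather than checked per function.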
Source: Journal of Software (软件学报), 2007, No. 4, pp. 1056-1067 (12 pages). Indexed in EI and CSCD; Peking University core journal.
Funding: Supported by the National Natural Science Foundation of China under Grant No. 60233020; the National High-Tech Research and Development Plan of China (863 Program) under Grant No. 2002AAIZ2101; and the Program for New Century Excellent Talents in University of China under Grant No. NCET-04-0996.
Keywords: OS (operating system) kernel programs; kernel programming interfaces; program verification; program correctness; verification of the Linux kernel