期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

Linux内核mmap保护机制研究 被引量:2

Linux Kernel mmap Protection Mechanism Research
在线阅读 下载PDF
导出
摘要 为加快数据交换速度,Linux设备驱动程序提供了mmap接口.用户进程通过调用mmap函数在用户空间和内核之间直接共享物理内存.为保障内核安全,mmap接口需要检查用户进程传入的内存映射起始位置、长度等输入参数,疏于检查或检查逻辑存在疏漏的接口将直接威胁系统的安全.分析了mmap接口参数检查的主要问题,提出了一种基于登记策略的内核保护机制. To speed up data exchange, many Linux device drivers provide mmap handler interface, and user processes directly share physical memory between user space and the kernel space by calling mmap. To ensure kernel security, mmap handler interface should check arguments passed in by user process, such as the starting location and the length of memory mapping. Those interfaces which are negligent in checking or have loopholes in checking logic may directly threaten the security of the system. This paper analyzes the main problems of mmap handler argument checking, and proposes a kernel protection mechanism based on registration policy.
作者 劳伟 Lao Wei(Research and Development Center,Agricultural Bank of China,Bei J ing 100073)
机构地区 中国农业银行股份有限公司研发中心
出处 《信息安全研究》 2018年第12期1135-1141,共7页 Journal of Information Security Research
关键词 LINUX 驱动程序 mmap 参数检查 登记策略 内核保护 Linux driver mmap argument checking registration policy kernel protection
分类号 TP316 [自动化与计算机技术—计算机软件与理论]
  • 相关文献

参考文献2

二级参考文献12

  • 1毛德操,胡希明.Linux内核源代码情景分析[M]浙江大学出版社,2001.
  • 2Chou A,Yang J,Chelf B,et al.An empirical study of operating systems errors[C]∥Proc of the 8th ACM Symposium on Operating System Principles,2001:73-88.
  • 3Swift M M,Martin S,Levy H M,et al.Nooks:An architecture for reliable device drivers[C]∥Proc of the 10th Workshop on ACM SIGOPS European Workshop,2002:102-107.
  • 4Wang X,Chen H,Jia Z,et al.Improving integer security for systems with KINT[C]∥Proc of the 10th USENIX Conference on Operating Systems Design and Implementation,2012:163-177.
  • 5Beyer D,Henzinger T A,Jhala R,et al.The software model checker BLAST:Applications to software engineering[J].International Journal on Software Tools for Technology Transfer,2007,9(5-6):505-525.
  • 6Ball T,Bounimova E,Cook B,et al.Through static analysis of device drivers[J].ACM SIGOPS Operating Systems Review,2006,40(4):73-85.
  • 7Chipounov V,Kuznetsov V,Candea G.S2E:A platform for in-vivo multi-path analysis of software systems[J].ACM SIGARCH Computer Architecture News,2011,39(1):265-278.
  • 8Cadar C,Dunbar D,Engler D R.KLEE:Unassisted and automatic generation of high-coverage tests for complex systems programs[C]∥Proc of OSDI,2008:209-224.
  • 9Lattner C,Adve V.LLVM:A compilation framework for lifelong program analysis&transformation[C]∥Proc of International Symposium on Code Generation and Optimization,2004:75-86.
  • 10Kuznetsov V,Chipounov V,Candea G.Testing closed-source binary device drivers with DDT[C]∥Proc of the 2010USENIX Annual Technical Conference,2010.

共引文献6

同被引文献18

引证文献2

二级引证文献5

信息安全研究
2018年 第12期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部