Research Report: On the Feasibility of Retrofitting Operating Systems with Generated Protocol Parsers

2022 IEEE Security and Privacy Workshops (SPW) Pub Date : 2022-05-01 DOI:10.1109/spw54247.2022.9833857

Wayne Wang, Peter C. Johnson

{"title":"Research Report: On the Feasibility of Retrofitting Operating Systems with Generated Protocol Parsers","authors":"Wayne Wang, Peter C. Johnson","doi":"10.1109/spw54247.2022.9833857","DOIUrl":null,"url":null,"abstract":"Parser generators show great promise in producing more secure input validation and processing routines. Operating system kernels are a particularly appealing place to deploy generated parsers due to their position at the periphery of a machine’s attack surface, the power they wield, and their complexity. At the same time, kernels can also be byzantine and idiosyncratic. Before we attempt to create generated parsers for wide deployment into kernels, therefore, it is important to understand how much of the existing codebase those parsers will replace, what (if any) functionality beyond parsing the generated code will need to implement, and what kernel facilities the code must integrate with. To answer these questions, we analyzed three protocol implementations in each of three open-source kernels to understand their behavior and organization. We identified commonalities and differences, measured the quantity of code used for different purposes, identified when and how multiplexing decisions were made, and analyzed the order in which operations were performed. We intend this analysis to inform the creation of generated parsers, for a variety of protocols, that can be smoothly integrated into modern kernels.","PeriodicalId":334852,"journal":{"name":"2022 IEEE Security and Privacy Workshops (SPW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE Security and Privacy Workshops (SPW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/spw54247.2022.9833857","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Parser generators show great promise in producing more secure input validation and processing routines. Operating system kernels are a particularly appealing place to deploy generated parsers due to their position at the periphery of a machine’s attack surface, the power they wield, and their complexity. At the same time, kernels can also be byzantine and idiosyncratic. Before we attempt to create generated parsers for wide deployment into kernels, therefore, it is important to understand how much of the existing codebase those parsers will replace, what (if any) functionality beyond parsing the generated code will need to implement, and what kernel facilities the code must integrate with. To answer these questions, we analyzed three protocol implementations in each of three open-source kernels to understand their behavior and organization. We identified commonalities and differences, measured the quantity of code used for different purposes, identified when and how multiplexing decisions were made, and analyzed the order in which operations were performed. We intend this analysis to inform the creation of generated parsers, for a variety of protocols, that can be smoothly integrated into modern kernels.

查看原文本刊更多论文

研究报告:用生成协议解析器改造操作系统的可行性

解析器生成器在生成更安全的输入验证和处理例程方面大有希望。操作系统内核是部署生成解析器的一个特别吸引人的地方，因为它们位于机器攻击面的外围，具有强大的功能，而且非常复杂。同时，内核也可以是拜占庭式的和特殊的。因此，在我们尝试创建生成的解析器以广泛部署到内核之前，重要的是要了解这些解析器将取代多少现有的代码库，解析生成的代码之外需要实现哪些(如果有的话)功能，以及代码必须与哪些内核设施集成。为了回答这些问题，我们分析了三个开源内核中的三个协议实现，以了解它们的行为和组织。我们确定了共性和差异，测量了用于不同目的的代码数量，确定了何时以及如何做出多路复用决策，并分析了执行操作的顺序。我们打算通过此分析为各种协议生成解析器的创建提供信息，这些解析器可以顺利地集成到现代内核中。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2022 IEEE Security and Privacy Workshops (SPW)

自引率

0.00%

发文量