S. Bratus, James Oakley, Ashwin Ramaswamy, Sean W. Smith, M. Locasto
{"title":"武士刀:将补丁作为编译器-链接器-加载器工具链的运行时部分","authors":"S. Bratus, James Oakley, Ashwin Ramaswamy, Sean W. Smith, M. Locasto","doi":"10.4018/JSSE.2010070101","DOIUrl":null,"url":null,"abstract":"The mechanics of hot patching the process of upgrading a program while it executes remain understudied, even though it offers capabilities that act as practical benefits for both consumer and mission-critical systems. A reliable hot patching procedure would serve particularly well by reducing the downtime necessary for critical functionality or security upgrades. However, hot patching also carries the risk-real or perceived-of leaving the system in an inconsistent state, which leads many owners to forgo its benefits as too risky; for systems where availability is critical, this decision may result in leaving systems un-patched and vulnerable. In this paper, the authors present a novel method for hot patching ELF binaries that supports synchronized global data and code updates, and reasoning about the results of applying the hot patch. In this regard, the Patch Object format was developed to encode patches as a special type of ELF re-locatable object file. The authors then built a tool, Katana, which automatically creates these patch objects as a by-product of the standard source build process. Katana also allows an end-user to apply the Patch Objects to a running process.","PeriodicalId":89158,"journal":{"name":"International journal of secure software engineering","volume":"17 1","pages":"1-17"},"PeriodicalIF":0.0000,"publicationDate":"2010-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"14","resultStr":"{\"title\":\"Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain\",\"authors\":\"S. Bratus, James Oakley, Ashwin Ramaswamy, Sean W. Smith, M. Locasto\",\"doi\":\"10.4018/JSSE.2010070101\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The mechanics of hot patching the process of upgrading a program while it executes remain understudied, even though it offers capabilities that act as practical benefits for both consumer and mission-critical systems. A reliable hot patching procedure would serve particularly well by reducing the downtime necessary for critical functionality or security upgrades. However, hot patching also carries the risk-real or perceived-of leaving the system in an inconsistent state, which leads many owners to forgo its benefits as too risky; for systems where availability is critical, this decision may result in leaving systems un-patched and vulnerable. In this paper, the authors present a novel method for hot patching ELF binaries that supports synchronized global data and code updates, and reasoning about the results of applying the hot patch. In this regard, the Patch Object format was developed to encode patches as a special type of ELF re-locatable object file. The authors then built a tool, Katana, which automatically creates these patch objects as a by-product of the standard source build process. Katana also allows an end-user to apply the Patch Objects to a running process.\",\"PeriodicalId\":89158,\"journal\":{\"name\":\"International journal of secure software engineering\",\"volume\":\"17 1\",\"pages\":\"1-17\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International journal of secure software engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.4018/JSSE.2010070101\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International journal of secure software engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.4018/JSSE.2010070101","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain
The mechanics of hot patching the process of upgrading a program while it executes remain understudied, even though it offers capabilities that act as practical benefits for both consumer and mission-critical systems. A reliable hot patching procedure would serve particularly well by reducing the downtime necessary for critical functionality or security upgrades. However, hot patching also carries the risk-real or perceived-of leaving the system in an inconsistent state, which leads many owners to forgo its benefits as too risky; for systems where availability is critical, this decision may result in leaving systems un-patched and vulnerable. In this paper, the authors present a novel method for hot patching ELF binaries that supports synchronized global data and code updates, and reasoning about the results of applying the hot patch. In this regard, the Patch Object format was developed to encode patches as a special type of ELF re-locatable object file. The authors then built a tool, Katana, which automatically creates these patch objects as a by-product of the standard source build process. Katana also allows an end-user to apply the Patch Objects to a running process.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
