Memorizer: Lossless Instruction-to-Object Memory Tracing in the Linux Kernel
The lack of visibility into Linux's behavior makes it hard to refactor and maintain. To peer inside the box, we present Memorizer, a self-contained, low-level tracing framework that tracks (most) object allocations, data accesses, and function calls within the kernel. The core insight is a low-level object-centric representation that records detailed lifetime information while linking each operation (call/read/write) with its intended target. We evaluate Memorizer using extensive input programs and demonstrate its value by showing how Memorizer can (1) aid in refactoring, (2) extend code coverage with object coverage to improve testing and analysis, and (3) identify leaky abstractions. We also release a large data set, visualization tools, and Memorizer's source. This generic, object-centric approach is the first to provide lossless instruction-to-object tracing, adding an essential software engineering capability to the overly complex Linux kernel.
Learn more:
Full Paper
Presentation, Slide
Landing Page
Gitlab Repository
μSCOPE: A Methodology for Analyzing Least-Privilege Compartmentalization in Large Software Artifacts
By prioritizing simplicity and portability, least-privilege engineering has been an afterthought in OS design, resulting in monolithic kernels where any exploit leads to total compromise. μSCOPE ("microscope") addresses this problem by automatically identifying opportunities for least-privilege separation. μSCOPE replaces expert-driven, semi-automated analysis with a general methodology for exploring a continuum of security vs. performance design points by adopting a quantitative and systematic approach to privilege analysis. In the paper, we detail how we applied the μSCOPE methodology to the Linux kernel, allowing us to accomplish the following:
1. The instrumentation of the entire Linux kernel, granting comprehensive, fine-grained memory access and call activity
2. The mapping of fine-grained memory accesses and calls to semantic information
3. The reporting of a separability analysis on the kernel, using both quantitative privilege and overhead metrics
We discover opportunities for orders of magnitude privilege reduction while predicting relatively low overheads: at 15% mediation overhead, overprivilege in Linux can be reduced up to 99.8%, suggesting fine-grained privilege separation is feasible and laying the groundwork for accelerating real privilege separation.
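The two abstracts above describe a pipeline: an object-centric trace that links every access to the object that was live at that address (Memorizer), and a separability analysis that scores a candidate compartmentalization by the privilege it permits and the operations it would have to mediate (μSCOPE). The following is an added, self-contained toy version of that pipeline, not code from either project. The event format, the constructed trace, the compartment assignment and the simplified metric definitions (a privilege count over (function, object, op) triples; mediation overhead as the share of accesses and calls crossing a compartment boundary, with an object owned by its allocator's compartment) are all assumptions made for this illustration; the papers' own metrics are defined in the papers.

```python
from dataclasses import dataclass, field
from typing import Optional

# Constructed example, not code from Memorizer or uSCOPE. The event format
# and the metric definitions below are simplifying assumptions.


@dataclass
class Obj:
    oid: int
    base: int
    size: int
    alloc_fn: str                 # allocating function, treated as the owner
    alloc_ts: int
    free_ts: Optional[int] = None
    # (subject function, op) -> count: links each access to its intended target
    accesses: dict = field(default_factory=dict)


def build_object_trace(events):
    """Object-centric view: resolve each read/write to the object that is live
    at that address at that moment. Addresses are reused after free, so the
    lifetime bookkeeping is what keeps the instruction-to-object mapping exact."""
    objects, live, unresolved = [], {}, 0
    for ts, ev in enumerate(events):
        kind = ev[0]
        if kind == "alloc":
            _, oid, base, size, fn = ev
            o = Obj(oid, base, size, fn, ts)
            objects.append(o)
            live[oid] = o
        elif kind == "free":
            live.pop(ev[1]).free_ts = ts
        elif kind in ("read", "write"):
            _, fn, addr = ev
            hit = next((o for o in live.values()
                        if o.base <= addr < o.base + o.size), None)
            if hit is None:
                unresolved += 1       # touches no live object: a gap to investigate
            else:
                hit.accesses[(fn, kind)] = hit.accesses.get((fn, kind), 0) + 1
    return objects, unresolved


def separability(events, objects, compartment_of):
    """Simplified separability metrics for one candidate compartmentalization
    (compartment_of: function -> compartment name).
    privilege = number of (function, object, op) triples a design permits:
      monolithic: every function may do every op on every object;
      compartmentalized: a function may do what any member of its compartment
      actually did in the trace.
    mediation overhead = fraction of accesses and calls crossing a boundary."""
    ops = ("read", "write")
    funcs = list(compartment_of)
    monolithic = len(funcs) * len(objects) * len(ops)
    exercised = {}                     # compartment -> {(oid, op)}
    crossing = total = 0
    for o in objects:
        for (fn, op), n in o.accesses.items():
            exercised.setdefault(compartment_of[fn], set()).add((o.oid, op))
            total += n
            if compartment_of[fn] != compartment_of[o.alloc_fn]:
                crossing += n
    for ev in events:
        if ev[0] == "call":
            total += 1
            if compartment_of[ev[1]] != compartment_of[ev[2]]:
                crossing += 1
    permitted = sum(len(exercised.get(compartment_of[fn], ())) for fn in funcs)
    return {
        "monolithic_privilege": monolithic,
        "compartmentalized_privilege": permitted,
        "privilege_reduction": 1 - permitted / monolithic,
        "mediation_overhead": crossing / total if total else 0.0,
    }


# Constructed trace: two objects allocated at the same address in sequence,
# plus one stray access that hits no live object. Function names are made up.
TRACE = [
    ("alloc", 1, 0x1000, 64, "net_rx"),
    ("write", "net_rx", 0x1000),
    ("call", "net_rx", "net_parse"),
    ("read", "net_parse", 0x1010),
    ("read", "net_parse", 0x1020),
    ("free", 1),
    ("alloc", 2, 0x1000, 32, "fs_write"),   # address reused: a new object
    ("write", "fs_write", 0x1004),
    ("call", "fs_write", "crypto_hash"),
    ("read", "crypto_hash", 0x1004),
    ("read", "fs_read", 0x1008),
    ("read", "fs_read", 0x2000),            # no live object here
    ("free", 2),
]

# Hypothetical candidate design versus the monolithic baseline.
COMPARTMENTS = {"net_rx": "net", "net_parse": "net", "fs_write": "fs",
                "fs_read": "fs", "crypto_hash": "crypto"}
MONOLITHIC = {fn: "kernel" for fn in COMPARTMENTS}


def analyze(events=TRACE, design=COMPARTMENTS):
    objects, unresolved = build_object_trace(events)
    result = separability(events, objects, design)
    result["unresolved_accesses"] = unresolved
    return result


if __name__ == "__main__":
    for name, design in (("monolithic", MONOLITHIC), ("three compartments", COMPARTMENTS)):
        print(name, analyze(TRACE, design))
```

On the constructed trace the three-compartment design permits 9 of the 20 triples the monolithic baseline allows (a 55% reduction) while 2 of 8 operations cross a boundary (25% mediation overhead); sweeping many such designs and plotting reduction against overhead is the security-versus-performance continuum the μSCOPE abstract refers to. The one unresolved access is the kind of spot a lossless trace is meant to surface rather than silently drop.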
Learn more:
Full Paper
Landing Page
Gitlab Repository