Towards Generic Address Sanitization for Kernel Space

Supervisor(s): Manuel Andreas
Status: finished
Topic: Others
Author: Fabian Specht
Submission: 2025-03-04
Type of Thesis: Bachelor thesis

Description

Today, most of our infrastructure relies on computers, making their reliability
and security critical for our society. Bugs in software may cost enterprises
vast amounts of money or threaten individuals' privacy. One of the biggest sources
of bugs is memory handling, for example buffer overflows, which in some cases
even allow an attacker to achieve arbitrary code execution. Many defenses against
such attacks exist: memory-safe languages, compiler-inserted checks such as stack
canaries, or runtime-based solutions. In 2012, Google introduced AddressSanitizer,
a method that detects invalid memory accesses at runtime by recording which bytes
are currently addressable in a separate data structure called shadow memory and
checking every load and store against it.
It was first introduced for userspace programs, but as the method gained popularity
the Linux kernel adopted it as well (as KASAN), detecting thousands of bugs in the
kernel. Other kernelspace projects, however, have mostly been left out, since
implementing the concept is fairly complex. In this thesis, we explore how much of
the implementation can be designed generically so that applying it to new kernelspace
projects takes less effort. To find out which parts of the concept can be
generalized, we start by implementing the approach in the popular hypervisor
Xen. We propose several designs for a generic framework and
demonstrate one of them successfully in a prototype for Xen.
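As an added illustration of the AddressSanitizer technique the description refers to (this is example code written for this page, not code from the thesis, from Xen or from the ASan runtime), the C model below shows the three pieces a kernel port has to provide: a shadow region that mirrors the heap at one byte per 8-byte granule, an allocator that surrounds every block with poisoned redzones and poisons freed blocks instead of reusing them, and the check the compiler inserts before each load and store. The 4 KiB static heap, the bump allocator, the 16-byte redzone and the function names are constructed for the example; the shadow encoding (0 = all 8 bytes addressable, 1..7 = only that many leading bytes addressable, negative = poisoned) and the redzone/freed magic values follow the published ASan design.

```c
/*
 * Minimal model of AddressSanitizer's shadow memory, redzones and access check.
 * Added example; not code from the thesis, from Xen or from the ASan runtime.
 * Constructed for the example: a 4 KiB static heap, a bump allocator, 16-byte redzones.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HEAP_SIZE    4096u
#define SHADOW_SCALE 3                  /* one shadow byte covers 2^3 = 8 heap bytes */
#define GRANULE      (1u << SHADOW_SCALE)
#define REDZONE      16u                /* guard bytes on each side of an allocation */

/* Shadow byte encoding (ASan's): 0 = all 8 bytes addressable, k in 1..7 = only the
 * first k bytes addressable, negative (0x80..0xff) = poisoned. The two poison values
 * are the magic bytes ASan's runtime uses for heap redzones and freed heap memory. */
#define SHADOW_HEAP_REDZONE ((uint8_t)0xfa)
#define SHADOW_HEAP_FREED   ((uint8_t)0xfd)

static _Alignas(GRANULE) uint8_t heap[HEAP_SIZE];
static uint8_t shadow[HEAP_SIZE / GRANULE];
static size_t  bump;                    /* freed memory is never reused (quarantine) */

static uint8_t *shadow_of(const uint8_t *p) { return &shadow[(size_t)(p - heap) >> SHADOW_SCALE]; }
static size_t   round_up(size_t n)          { return (n + GRANULE - 1) & ~(size_t)(GRANULE - 1); }

static int in_heap(const void *addr, size_t size) {
    uintptr_t a = (uintptr_t)addr, lo = (uintptr_t)heap, hi = lo + HEAP_SIZE;
    return a >= lo && a < hi && size <= hi - a;
}

/* Mark n bytes at granule-aligned p addressable; a trailing partial granule gets n % 8. */
static void unpoison(uint8_t *p, size_t n) {
    uint8_t *s = shadow_of(p);
    memset(s, 0, n >> SHADOW_SCALE);
    if (n & (GRANULE - 1))
        s[n >> SHADOW_SCALE] = (uint8_t)(n & (GRANULE - 1));
}

static void poison(uint8_t *p, size_t n, uint8_t value) {
    memset(shadow_of(p), value, round_up(n) >> SHADOW_SCALE);
}

/* Allocate n bytes surrounded by poisoned redzones; the left redzone also holds the
 * chunk header (here just the size), the way ASan's allocator stores its metadata. */
void *asan_malloc(size_t n) {
    size_t body = round_up(n);
    if (n == 0 || bump + REDZONE + body + REDZONE > HEAP_SIZE) return NULL;
    uint8_t *left = heap + bump, *user = left + REDZONE;
    bump += REDZONE + body + REDZONE;
    *(size_t *)left = n;
    poison(left, REDZONE, SHADOW_HEAP_REDZONE);
    unpoison(user, n);
    poison(user + body, REDZONE, SHADOW_HEAP_REDZONE);
    return user;
}

/* Poison the freed block instead of reusing it, so a later access is still caught. */
void asan_free(void *p) {
    uint8_t *user = p;
    size_t n = *(size_t *)(user - REDZONE);
    poison(user, n, SHADOW_HEAP_FREED);
}

/* The check the compiler inserts before a load/store of `size` bytes at `addr`.
 * Returns 1 if every byte is addressable, 0 if ASan would report an error. */
int asan_check(const void *addr, size_t size) {
    const uint8_t *p = addr;
    if (size == 0 || !in_heap(addr, size)) return 0;
    for (size_t i = 0; i < size;) {
        int8_t sb  = (int8_t)*shadow_of(p + i);
        size_t off = (size_t)(p + i - heap) & (GRANULE - 1); /* offset inside the granule */
        if (sb == 0) { i += GRANULE - off; continue; }       /* fast path: whole granule OK */
        if (sb < 0)  return 0;                               /* redzone, freed, ... */
        if (off >= (size_t)sb) return 0;                     /* beyond the addressable prefix */
        i += (size_t)sb - off;                               /* resume at first unaddressable byte */
    }
    return 1;
}

/* Name of the bug class ASan would report for a faulting address. */
const char *asan_describe(const void *addr) {
    if (!in_heap(addr, 1)) return "wild-access";
    const uint8_t *p = addr;
    uint8_t sb  = *shadow_of(p);
    size_t  off = (size_t)(p - heap) & (GRANULE - 1);
    if (sb == 0 || (sb < GRANULE && off < sb)) return "addressable";
    if (sb == SHADOW_HEAP_FREED) return "heap-use-after-free";
    return "heap-buffer-overflow";                           /* redzone or partial granule */
}

int main(void) {
    char *buf = asan_malloc(13);
    printf("buf[12], 1 byte  : %s\n", asan_check(buf + 12, 1) ? "ok" : "error");
    printf("buf[13], 1 byte  : %s (%s)\n", asan_check(buf + 13, 1) ? "ok" : "error", asan_describe(buf + 13));
    printf("buf[8],  8 bytes : %s (%s)\n", asan_check(buf + 8, 8) ? "ok" : "error", asan_describe(buf + 13));
    printf("buf[16], 1 byte  : %s (%s)\n", asan_check(buf + 16, 1) ? "ok" : "error", asan_describe(buf + 16));
    asan_free(buf);
    printf("buf[0] after free: %s (%s)\n", asan_check(buf, 1) ? "ok" : "error", asan_describe(buf));
    return 0;
}
```

The 13-byte allocation is deliberate: its last granule carries shadow value 5, so the model shows the partial-granule case that makes a one-byte overflow at offset 13 detectable even though offset 13 still lies inside an 8-byte-rounded block. Porting this to a kernel or hypervisor means mapping the shadow region for every address range the kernel may touch, hooking the project's own allocators for the poison/unpoison calls, and getting the compiler instrumentation to emit the `asan_check` logic inline; the thesis is about how much of that can be made generic across projects.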