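Abstract
In modern operating systems, drivers and file systems take the form of kernel modules, and most kernel-module operations use pointers, so the reliability of pointer use in kernel modules directly determines whether the operating system can run stably over the long term. This paper designs a pointer fault isolation method for kernel modules (PFI) that effectively stops pointer-related faults from executing without modifying the system kernel. The method is implemented on the LLVM compilation framework and works in two phases: variable marking and data detection. Variable marking finds definite errors at compile time from the contextual semantics of the code, which greatly reduces the extra overhead incurred at run time. Data detection instruments checks on sensitive data ahead of potential errors and performs dynamic detection at run time, so that errors arising from dynamic changes to data are found accurately. The PFI method described in the paper was implemented on the Linux operating system and evaluated with a network card driver. The experimental results show that, by combining static and dynamic techniques, PFI can effectively isolate faults in modules without a significant performance impact.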
Drivers and file systems run in the form of kernel modules in modern operating systems, and most operations in kernel modules need pointers, so the reliability of pointers in kernel modules decides the stability of the operating system. In this paper, we present PFI, a pointer fault isolation method for kernel modules to prevent bugs about pointers without modifying the kernel, which is based on the LLVM compilation framework. The method is divided into two parts: variable marking and data detection. On one hand, variable marking finds certain bugs based on code context at compilation time, which can reduce runtime overhead. On the other hand, data detection inserts checking code before the potential bug to detect faults at runtime, which may precisely find bugs about changed data. We implemented PFI in the Linux system and made experiments on the network driver. The test result shows that PFI can isolate module faults effectively by dynamic and static combination and the overhead is acceptable.
Source
Journal of Chinese Computer Systems (《小型微型计算机系统》)
CSCD
Peking University Core Journal (北大核心)
2015, Issue 5, pp. 1127-1132 (6 pages)
Funding
Supported by the National High Technology Research and Development Program of China ("863" Program) (2011AA01A203)
Keywords
kernel module
pointer
LLVM
fault isolation
variable marking
data detection