Abstract
While the usage of kernel modules has become more prevalent from mobile to IoT devices, it poses an increased threat to computer systems since the modules enjoy high privileges as the main kernel but lack the matching robustness and security. In this work, we propose HART, a modular and dynamic tracing framework enabled by the Embedded Trace Macrocell (ETM) debugging feature in Arm processors. Powered by even the minimum supports of ETM, HART can trace binary-only modules without any modification to the main kernel efficiently, and plug and play on any module at any time. Besides, HART provides convenient interfaces for users to further build tracing-based security solutions, such as the modular AddressSanitizer HASAN we demonstrated. Our evaluation shows that HART and HASAN incur the average overhead of 5% and 6% on 6 widely-used benchmarks, and HASAN detects all vulnerabilities in various types, proving their efficiency and effectiveness.
Author supplied keywords
Cite
CITATION STYLE
Du, Y., Ning, Z., Xu, J., Wang, Z., Lin, Y. H., Zhang, F., … Mao, B. (2020). Hart: Hardware-assisted kernel module tracing on arm. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 12308 LNCS, pp. 316–337). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-030-58951-6_16
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
