Sciweavers

ACSAC
2009
IEEE

Protecting Commodity Operating System Kernels from Vulnerable Device Drivers

14 years 6 months ago
Protecting Commodity Operating System Kernels from Vulnerable Device Drivers
Device drivers on commodity operating systems execute with kernel privilege and have unfettered access to kernel data structures. Several recent attacks demonstrate that such poor isolation exposes kernel data to exploits against vulnerable device drivers, for example through buffer overruns in packet processing code. Prior architectures to isolate kernel data from driver code either sacrifice performance, execute too much driver code with kernel privilege, or are incompatible with commodity operating systems. In this paper, we present the design, implementation and evaluation of a novel security architecture that better isolates kernel data from device drivers without sacrificing performance or compatibility. In this architecture, a device driver is partitioned into a small, trusted kernel-mode component and an untrusted user-mode component. The kernel-mode component contains privileged and performance-critical code. It communicates via RPC with the user-mode component which conta...
Shakeel Butt, Vinod Ganapathy, Michael M. Swift, C
Added 18 May 2010
Updated 18 May 2010
Type Conference
Year 2009
Where ACSAC
Authors Shakeel Butt, Vinod Ganapathy, Michael M. Swift, Chih-Cheng Chang
Comments (0)