Tolerating Malicious Device Drivers in Linux
URL to paper from conference site
| Main Authors: | , |
|---|---|
| Other Authors: | |
| Format: | Article |
| Language: | en_US |
| Published: |
USENIX Association
2011
|
| Online Access: | http://hdl.handle.net/1721.1/62238 https://orcid.org/0000-0003-0238-2703 |
| _version_ | 1826204805159190528 |
|---|---|
| author | Boyd-Wickizer, Silas Zeldovich, Nickolai |
| author2 | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science |
| author_facet | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Boyd-Wickizer, Silas Zeldovich, Nickolai |
| author_sort | Boyd-Wickizer, Silas |
| collection | MIT |
| description | URL to paper from conference site |
| first_indexed | 2024-09-23T13:01:22Z |
| format | Article |
| id | mit-1721.1/62238 |
| institution | Massachusetts Institute of Technology |
| language | en_US |
| last_indexed | 2024-09-23T13:01:22Z |
| publishDate | 2011 |
| publisher | USENIX Association |
| record_format | dspace |
| spelling | mit-1721.1/622382022-10-01T12:34:28Z Tolerating Malicious Device Drivers in Linux Boyd-Wickizer, Silas Zeldovich, Nickolai Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Zeldovich, Nickolai Zeldovich, Nickolai Boyd-Wickizer, Silas URL to paper from conference site This paper presents SUD, a system for running existing Linux device drivers as untrusted user-space processes. Even if the device driver is controlled by a malicious adversary, it cannot compromise the rest of the system. One significant challenge of fully isolating a driver is to confine the actions of its hardware device. SUD relies on IOMMU hardware, PCI express bridges, and message-signaled interrupts to confine hardware devices. SUD runs unmodified Linux device drivers, by emulating a Linux kernel environment in user-space. A prototype of SUD runs drivers for Gigabit Ethernet, 802.11 wireless, sound cards, USB host controllers, and USB devices, and it is easy to add a new device class. SUD achieves the same performance as an in-kernel driver on networking benchmarks, and can saturate a Gigabit Ethernet link. SUD incurs a CPU overhead comparable to existing runtime driver isolation techniques, while providing much stronger isolation guarantees for untrusted drivers. Finally, SUD requires minimal changes to the kernel—just two kernel modules comprising 4,000 lines of code—which may at last allow the adoption of these ideas in practice. 2011-04-19T19:10:35Z 2011-04-19T19:10:35Z 2010-06 Article http://purl.org/eprint/type/ConferencePaper http://hdl.handle.net/1721.1/62238 Boyd-Wickizer, Silas and Nickolai Zeldovich. "Tolerating Malicious Device Drivers in Linux" USENIX Annual Technical Conference, June 23–25, 2010, Boston, MA, USA. https://orcid.org/0000-0003-0238-2703 en_US http://www.usenix.org/events/atc10/tech/full_papers/Boyd-Wickizer.pdf 2010 USENIX Annual Technical Conference Creative Commons Attribution-Noncommercial-Share Alike 3.0 http://creativecommons.org/licenses/by-nc-sa/3.0/ application/pdf USENIX Association MIT web domain |
| spellingShingle | Boyd-Wickizer, Silas Zeldovich, Nickolai Tolerating Malicious Device Drivers in Linux |
| title | Tolerating Malicious Device Drivers in Linux |
| title_full | Tolerating Malicious Device Drivers in Linux |
| title_fullStr | Tolerating Malicious Device Drivers in Linux |
| title_full_unstemmed | Tolerating Malicious Device Drivers in Linux |
| title_short | Tolerating Malicious Device Drivers in Linux |
| title_sort | tolerating malicious device drivers in linux |
| url | http://hdl.handle.net/1721.1/62238 https://orcid.org/0000-0003-0238-2703 |
| work_keys_str_mv | AT boydwickizersilas toleratingmaliciousdevicedriversinlinux AT zeldovichnickolai toleratingmaliciousdevicedriversinlinux |