AMCheX:Accurate Analysis of Missing-Check Bugs for Linux Kernel |
| |
Authors: | Ying-Jie Wang Liang-Ze Yin Wei Dong |
| |
Affiliation: | Key Laboratory of Software Engineering for Complex Systems, College of Computer Science National University of Defense Technology, Changsha 410073, China |
| |
Abstract: | The Linux kernel adopts a large number of security checks to prevent security-sensitive operations from being executed under unsafe conditions.If a security-sensitive operation is unchecked,a missing-check issue arises.Missing check is a class of severe bugs in software programs especially in operating system kernels,which may cause a variety of security issues,such as out-of-bound accesses,permission bypasses,and privilege escalations.Due to the lack of security specifications,how to automatically identify security-sensitive operations and their required security checks in the Linux kernel becomes a challenge for missing-check analysis.In this paper,we present an accurate missing-check analysis method for Linux kernel,which can automatically infer possible security-sensitive operations.Particularly,we first automatically identify all possible security check functions of Linux.Then according to their callsites,a two-direction analysis method is leveraged to identify possible security-sensitive operations.A missing-check bug is reported when the security-sensitive operation is not protected by its corresponding security check.We have implemented our method as a tool,named AMCheX,on top of the LLVM(Low Level Virtual Machine) framework and evaluated it on the Linux kernel.AMCheX reported 12 new missing-check bugs which can cause security issues.Five of them have been confirmed by Linux maintainers. |
| |
Keywords: | security check function security-sensitive operation program analysis missing-check |
本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机科学技术学报》浏览原始摘要信息 |
|
点击此处可从《计算机科学技术学报》下载全文 |
|