Software defined memory ownership system

Huang, Alexander,M. Eng.Massachusetts Institute of Technology.

Author(s)

Huang, Alexander,M. Eng.Massachusetts Institute of Technology.

Download1227275380-MIT.pdf (521.3Kb)

Other Contributors

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science.

Advisor

Howard Shrobe, Hamed Okhravi and Nathan Burow.

Terms of use

MIT theses may be protected by copyright. Please reuse MIT thesis content according to the MIT Libraries Permissions Policy, which is available through the URL provided. http://dspace.mit.edu/handle/1721.1/7582

Metadata

Show full item record

Abstract

Memory corruption bugs account for 70% of existing vulnerabilities. Such bugs proliferate because critical code such as operating systems is still implemented in unsafe languages like C and C++. To address this, memory safe languages such as Rust have been developed. Rust provides memory safety in its default usage by performing static and dynamic checks to ensure code conforms to its safety model. However, these checks may be too restrictive for certain OS code. In these cases, programmers must write unsafe code to escape the safety guarantees. Even for kernels developed in Rust, guaranteeing safety for memory mapped input output (MMIO) device interactions remains a challenge given these interactions necessitate unsafe Rust to access addresses that appear arbitrary to the compiler. We build the Software Defined Memory Ownership System, or SDMOS, that enforces safe MMIO interactions in the Zero-Kernel Operating System (ZKOS), an operating system written in Rust. SDMOS leverages a tagged architecture to embed semantic metadata with IO memory regions and low-level device driver code in addition to policies that define proper MMIO access at varying levels of granularity. We also implement a pipeline to apply tags at the compiler level, minimizing the amount of manual tagging. Our results show that SDMOS eliminates memory corruption resulting from buggy user space applications and device drivers. The main factor that dictates performance of SDMOS is the total number of rules installed to the tag cache. Our evaluations show that SDMOS's cache load should not exceed the capacity of most cache implementations.

Description

Thesis: M. Eng., Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science, September, 2020

Cataloged from student-submitted PDF of thesis.

Includes bibliographical references (pages 61-65).

Date issued

2020

URI

https://hdl.handle.net/1721.1/129145

Department

Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science

Publisher

Massachusetts Institute of Technology

Keywords

Electrical Engineering and Computer Science.

Collections

Graduate Theses