Jitk: A Trustworthy In-Kernel Interpreter Infrastructure
Authors
Abstract
Modern operating systems run multiple interpreters in the kernel, which enable user-space applications to add new functionality or specialize system policies. The correctness of such interpreters is critical to the overall system security: bugs in interpreters could allow adversaries to compromise user-space applications and even the kernel. Jitk is a new infrastructure for building in-kernel interpreters that guarantee functional correctness as they compile user-space policies down to native instructions for execution in the kernel. To demonstrate Jitk, we implement two interpreters in the Linux kernel, BPF and INET-DIAG, which are used for network and system call filtering and socket monitoring, respectively. To help application developers write correct filters, we introduce a high-level rule language, along with a proof that Jitk correctly translates high-level rules all the way to native machine code, and demonstrate that this language can be integrated into OpenSSH with tens of lines of code. We built a prototype of Jitk on top of the CompCert verified compiler and integrated it into the Linux kernel. Experimental results show that Jitk is practical, fast, and trustworthy.
Similar resources
Mega-Interpreters and Expert Systems
Meta-programming is a well-known technique widely used in logic programming and artificial intelligence. Meta-interpreters are powerful tools especially for writing expert systems in general and for writing their inference machines in particular. While the classical approach to meta-interpretation is based on the syntactic definition of a meta-interpreter, new approach presented in this paper c...
Extendible meta-interpreters
Meta-programming is a well-known technique widely used in logic programming and artificial intelligence. Meta-interpreters are powerful tools especially for writing expert systems in general and for writing their inference machines in particular. While the traditional approach to meta-interpretation is based on the syntactic definition of a meta-interpreter, new approach presented in this paper...
A Bytecode Interpreter for Secure Program Execution in Untrusted Main Memory
Physical access to a system allows attackers to read out RAM through cold boot and DMA attacks. Thus far, counter measures protect only against attacks targeting disk encryption keys, while the remaining memory content is left vulnerable. We present a bytecode interpreter that protects code and data of programs against memory attacks by executing them without using RAM for sensitive content. An...
Jurors’ perceptions of witnesses who testify through interpreters
Previous research studies have suggested a strong correlation between the way witnesses speak and the way they are evaluated by juries or judicial officers. Some of the factors that can negatively impact evaluations include witnesses’ hesitant speech, upward intonation and non-standard or foreign accents. When witnesses give evidence through an interpreter, an extra layer of potential bias can ...
Soft Computing Preprint Graphics Processing Units and Genetic Programming: An overview
A top end graphics card (GPU) plus a suitable SIMD interpreter, can deliver a several hundred fold speed up, yet cost less than the computer holding it. We give highlights of AI and computational intelligence applications in the new field of general purpose computing on graphics hardware (GPGPU). In particular we survey genetic programming (GP) use with GPU. We give several applications from Bi...