system call vulnerabilities in linux storage stack
play

System Call Vulnerabilities in Linux Storage Stack Nima Mohammadi - PowerPoint PPT Presentation

Aug 15, 2023 •570 likes •809 views

System Call Vulnerabilities in Linux Storage Stack Nima Mohammadi Sepand Haghighi Fall - 2016 Outline Introduction Static Code Analysis Static Analyzer List Kernels Static Analysis Report Conclusion 2 System

  1. System Call Vulnerabilities in Linux Storage Stack Nima Mohammadi Sepand Haghighi Fall - 2016

  2. Outline • Introduction • Static Code Analysis • Static Analyzer List • Kernels • Static Analysis Report • Conclusion 2 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  3. Source Code Analysis • As a developer, source code is the malleable object • Many techniques can be shared between source and binary analysis • Flip side: Improve RE by looking for blind spots in source analysis 3 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  4. Source and Binary Analysis • Binary • Source – Hard to map back to source – Easy to identify location of flaw – CPU dependent – CPU independent – Language indep ? – Language depen. – Environment independent? – 3 rd party utility – Environment independent? – 1 st party only 4 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  5. Tools to find bugs • Static Code Analyzer • Dynamic Runtime Checker • Fuzzer/Test Suits • Tracers to understand code • Tools to understand source 5 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  6. Static and Dynamic Analysis • Dynamic • Static – Very rare to get close to – Complete coverage 100% – false positives – No false positives – Can analyze anytime, – Requires ability to run anywhere program – Precise description of – Precise understanding of problem, unknown impact, possibly unknown impact cause 6 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  7. Static Code Analysis • The source has a lot of knowledge embedded – Extract the good parts, ignore the remainder • Many types of analysis – Different ways to approach the problem – Different goals • Find Defects • Enhance Run time analysis • Gain insight into code 7 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  8. Static Code Analysis 8 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  9. Static Code Analysis 9 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  10. Simulated Execution • Flow sensitive bar() { free(g_p); } baz() { free(g_p); } foo() { if (x) bar(); else baz(); } • Context sensitive if (use_malloc) p = malloc(); /* … */ if (use_malloc) free(p); • How much state to track? – Exponential number of paths – Loops – Heap is unbounded 10 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  11. Static Analyzer List • BLAST • FRAMA-C • Flaw-Finder • Sparse • CppCheck • Smatch 11 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  12. BLAST • B erkeley L azy A bstraction S oftware Verification T ool ( BLAST ) • Written in Ocaml • Stable Version : 2.7.3 , 2014 • automatic abstraction refinement to construct an abstract model that is then model-checked for safety properties 12 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  13. Frama-C • Framework or Modular Analysis of C Programs. • Written in Ocaml • Stable Version : Silicon , 2 Dec 2016 • Run Different Analysis : - Value Analysis - Jessie - Impact Analysis - Slicing - Spare Code 13 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  14. Flaw-Finder • Examine C/C++ Codes • Written in Python • Stable Version : 2014-08-03 • It’s very useful for quickly finding and removing at least some potential security problems before a program is widely released to the public • Flawfinder is specifically designed to be easy to install and use. After installing it, at a command line just type: flawfinder directory_with_source_code 14 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  15. Sparse • Examine Linux Kernels • Written in C • Stable Version : 0.5.0 , 29 Jan 2014 • Open Source , MIT License • Sparse defines the following list of attributes: – Address_space – Bitwise – Force – Context 15 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  16. CPP Check • Static Analysis of C/C++ Codes • Written in C++ • Stable Version : 8 Oct 2016 • General Public GNU Licesne • Some of checks that are supported : – Automatic Variable – Memory Leaks – Resources Leaks – Bounds Checking – Invalid usage of standard library 16 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  17. Smatch • Static Analysis of C Source Code • Written in C Stable Version : 8 Oct 2016 • General Public GNU Licesne • C static analysis tool which developed, and which uses to test the mainline Linux kernel code for security bugs. 17 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  18. Linux Complexity Growing 18 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  19. Filesystems List ext2 Second Extended FileSystem ext4 Fourth Extended Filesystem with extents btfrs B-Tree filesystem hfs Macintosh HFS Filesystem jffs2 The Journalling Flash File System, v2 reiserfs ReiserFS journaled filesystem ubifs UBIFS - UBI File System udf Universal Disk Format Filesystem 19 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  20. Filesystem Analysis Report FS Line of Smatch CppChek Sparse FlawFindr Blast Frama-C Code ext2 6840 3 -- 0 29 -- -- ext4 32754 30 -- 0 103 -- -- btrfs 82450 84 -- 69 191 -- -- hfs 4618 22 -- 0 20 -- -- jffs2 13771 40 -- 6 45 -- -- reiserfs 21742 40 -- 6 159 -- -- ubifs 21988 6 -- 0 63 -- -- udf 8980 26 -- 0 63 -- -- 20 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  21. Conclusion • Linux has a lot of great tools for making kernel development easier • We need them to keep up with the growing complexity • But Still many improvement possible 21 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

  22. Comparison 22 System Call Vulnerabilities in Linux Storage Stack – Nima Mohammadi , Sepand Haghighi

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Network File System (NFS) Nima Honarmand Fall 2017 :: CSE 306 A Typical Storage Stack (Linux)

Network File System (NFS) Nima Honarmand Fall 2017 :: CSE 306 A Typical Storage Stack (Linux)

Fall 2017 :: CSE 306 Network File System (NFS) Nima Honarmand Fall 2017 :: CSE 306 A Typical Storage Stack (Linux) User Kernel VFS (Virtual File System) ext4 btrfs fat32 nfs Page Cache Block Device Layer Network IO Scheduler Disk

266 views • 24 slides
An Updated Overview of the QEMU Storage Stack Stefan Hajnoczi stefanha@linux.vnet.ibm.com

An Updated Overview of the QEMU Storage Stack Stefan Hajnoczi stefanha@linux.vnet.ibm.com

An Updated Overview of the QEMU Storage Stack Stefan Hajnoczi stefanha@linux.vnet.ibm.com Open Virtualization IBM Linux Technology Center 2011 Linux is a registered trademark of Linus Torvalds. The topic What is the QEMU storage

408 views • 26 slides
Basic FS Implementation Nima Honarmand Fall 2017 :: CSE 306 A Typical Storage Stack (Linux)

Basic FS Implementation Nima Honarmand Fall 2017 :: CSE 306 A Typical Storage Stack (Linux)

Fall 2017 :: CSE 306 Basic FS Implementation Nima Honarmand Fall 2017 :: CSE 306 A Typical Storage Stack (Linux) User Kernel VFS (Virtual File System) ext4 btrfs fat32 nfs Page Cache Block Device Layer Network IO Scheduler Disk

641 views • 30 slides
64-bit Linux stack smashing tutorial: Part 2 Written on April 21, 2015 This is part 2 of my

64-bit Linux stack smashing tutorial: Part 2 Written on April 21, 2015 This is part 2 of my

Techorganic About PGP Disclaimer Vulnerabilities Musings from the brainpan 64-bit Linux stack smashing tutorial: Part 2 Written on April 21, 2015 This is part 2 of my 64-bit Linux Stack Smashing tutorial. In part 1 we exploited a 64- bit

451 views • 9 slides
Call Stack Stack Bottom Memory region managed with stack discipline Procedures and the Call

Call Stack Stack Bottom Memory region managed with stack discipline Procedures and the Call

Call Stack Stack Bottom Memory region managed with stack discipline Procedures and the Call Stack higher %rsp holds lowest stack address addresses (address of "top" element) Topics stack grows Procedures toward lower

76 views • 5 slides
Procedures and the Call Stack Topics Procedures Call stack Procedure/stack

Procedures and the Call Stack Topics Procedures Call stack Procedure/stack

Procedures and the Call Stack Topics Procedures Call stack Procedure/stack instructions Calling conventions Register-saving conventions Why Procedures? Why functions? Why methods? int contains_char(char* haystack,

705 views • 54 slides
Procedures and the Call Stack Topics Procedures Call stack Procedure/stack

Procedures and the Call Stack Topics Procedures Call stack Procedure/stack

Procedures and the Call Stack Topics Procedures Call stack Procedure/stack instructions Calling conventions Register-saving conventions Why Procedures? Why functions? Why methods? int contains_char(char* haystack,

892 views • 52 slides
STORAGE CONTENT PROVIDER Storage File System Linux OS Internal External (Flash Memory) (SD

STORAGE CONTENT PROVIDER Storage File System Linux OS Internal External (Flash Memory) (SD

STORAGE CONTENT PROVIDER Storage File System Linux OS Internal External (Flash Memory) (SD card) ..\AppData\Local\Android\sdk\platform-tools\adb Exploring the file system File System Android allows to persists application data via the

560 views • 31 slides
On Failure Diagnosis of the Storage Stack Duo Zhang , Om Rameshwar Gatla, Runzhou Han, Mai Zheng

On Failure Diagnosis of the Storage Stack Duo Zhang , Om Rameshwar Gatla, Runzhou Han, Mai Zheng

Data Storage Lab On Failure Diagnosis of the Storage Stack Duo Zhang , Om Rameshwar Gatla, Runzhou Han, Mai Zheng Iowa State University Storage System Failures Are Troublesome 2 Data Storage Lab Existing Efforts Are Not Enough Mostly

498 views • 23 slides
Compilers Stack Machines Alex Aiken Stack Machines Only storage is a stack An

Compilers Stack Machines Alex Aiken Stack Machines Only storage is a stack An

Compilers Stack Machines Alex Aiken Stack Machines Only storage is a stack An instruction r = F(a 1 ,a n ): Pops n operands from the stack Computes the operation F using the operands Pushes the result r on the stack Alex

362 views • 13 slides
Design and implementation of a DECT stack for Linux Patrick McHardy <kaber@trash.net>

Design and implementation of a DECT stack for Linux Patrick McHardy <kaber@trash.net>

Design and implementation of a DECT stack for Linux Patrick McHardy <kaber@trash.net> Linux Kongress 2010, Nrnberg http://dect.osmocom.org/ About This presentation will present a DECT stack for Linux, containing all components

1.31k views • 94 slides
Introduction to GPUs and to the Linux Graphics Stack Martin Peres CC By-SA 3.0 Nouveau

Introduction to GPUs and to the Linux Graphics Stack Martin Peres CC By-SA 3.0 Nouveau

I - Hardware : Anatomy of a GPU II - Host : The Linux graphics stack Attributions Introduction to GPUs and to the Linux Graphics Stack Martin Peres CC By-SA 3.0 Nouveau developer Ph.D. student at LaBRI November 26, 2012 1 / 36 I -

1.01k views • 36 slides
Why add layers? Originally, operating systems supported just one file system. What changed?

Why add layers? Originally, operating systems supported just one file system. What changed?

V irtual F ile system S witch A brief overview of the Linux storage stack Why add layers? Originally, operating systems supported just one file system. What changed? introduction of removable media (floppy, CD-ROM, usb drives, etc.)

409 views • 18 slides
Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and

Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and

Native IP Stack For Zephyr OS Zephyr is a trademark of the Linux Foundation. *Other names and brands may be claimed as the property of others. Why a native IP stack? Features missing in current Contiki based uIP stack No dual IPv6 &

225 views • 11 slides
Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables

Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables

Linux System Security Tunables Linux System Security Tunables Linux System Security Tunables http://outflux.net/slides/2013/drupal/tunables.pdf R0Ng DrupalCon Portland 2013 Kees Cook <keescook@google.com> (pronounced Case) Who is

474 views • 33 slides
Buffer Overflow Attacks IA32 Linux Stack Higher Addresses Virtual Address Space Heap Data

Buffer Overflow Attacks IA32 Linux Stack Higher Addresses Virtual Address Space Heap Data

Buffer Overflow Attacks IA32 Linux Stack Higher Addresses Virtual Address Space Heap Data Text Lower Addresses Stack and Base Pointers Stack is made up of stack frames Stack frames contain: parameters, local variables, return

604 views • 45 slides
/ 9/16/2004 ACCESS IC LAB ACCESS IC LAB Graduate Institute of Electronics Engineering, NTU

/ 9/16/2004 ACCESS IC LAB ACCESS IC LAB Graduate Institute of Electronics Engineering, NTU

Graduate Institute of Electronics Engineering, NTU / 9/16/2004 ACCESS IC LAB ACCESS IC LAB Graduate Institute of Electronics Engineering, NTU Overview of DSP Processor Current Status of NTU DSP Laboratory (E1-304) Course outline of

769 views • 23 slides
The Perceptron Mistake Bound Machine Learning 1 Some slides based on lectures from Dan Roth,

The Perceptron Mistake Bound Machine Learning 1 Some slides based on lectures from Dan Roth,

The Perceptron Mistake Bound Machine Learning 1 Some slides based on lectures from Dan Roth, Avrim Blum and others Where are we? The Perceptron Algorithm Variants of Perceptron Perceptron Mistake Bound 2 Convergence Convergence

692 views • 33 slides
RNA structure alignment by a unit-vector approach Emidio Capriotti Marc A. Marti-Renom

RNA structure alignment by a unit-vector approach Emidio Capriotti Marc A. Marti-Renom

RNA structure alignment by a unit-vector approach Emidio Capriotti Marc A. Marti-Renom http://sgu.bioinfo.cipf.es Structural Genomics Unit ECCB08 Bioinformatics Department Cagliari (Italy) Prince Felipe Resarch Center (CIPF), Valencia,

547 views • 19 slides
compsci 514: algorithms for data science Cameron Musco University of Massachusetts Amherst.

compsci 514: algorithms for data science Cameron Musco University of Massachusetts Amherst.

compsci 514: algorithms for data science Cameron Musco University of Massachusetts Amherst. Spring 2020. Lecture 12 0 logistics guide/practice questions. Tuesday and also before class at 10:00am . 1 Problem Set 2 is due this upcoming

359 views • 19 slides
Viktor Lysiuk V. Lashkariov Ins2tute of Semiconductor Physics, NAS of Ukraine 21.02.2017 Winter

Viktor Lysiuk V. Lashkariov Ins2tute of Semiconductor Physics, NAS of Ukraine 21.02.2017 Winter

Surface plasmon resonance sensing with applications in biological objects and health control Viktor Lysiuk V. Lashkariov Ins2tute of Semiconductor Physics, NAS of Ukraine 21.02.2017 Winter College on Op.cs 2017 V. Lashkariov Institute of

1.14k views • 40 slides
Presented by Jack Humburg Jack Humburg, Executive Vice President of Housing, Development,

Presented by Jack Humburg Jack Humburg, Executive Vice President of Housing, Development,

Presented by Jack Humburg Jack Humburg, Executive Vice President of Housing, Development, and ADA Services Boley Centers is a provider of services and supports to individuals with mental illness and others in need since 1970 ~

994 views • 62 slides
Process Address Spaces Lab deadline extended to Wed night (9/14) and Enrollment

Process Address Spaces Lab deadline extended to Wed night (9/14) and Enrollment

11/14/11 Housekeeping Process Address Spaces Lab deadline extended to Wed night (9/14) and Enrollment finalized if you still want in, email me All students should have VMs at this point Binary Formats Email Don

156 views • 13 slides
(Deep Learning and Universal Sentence-Embedding Models)

(Deep Learning and Universal Sentence-Embedding Models)

Tamkang University (Deep Learning and Universal Sentence-Embedding Models) 063)

829 views • 35 slides

More recommend