Improving Security at the System-Call Boundary in a Type-Safe Operating System
MIT Lincoln Laboratory, Lexington, United States
Historically, most approaches to operating systems security aim either to protect the kernel (e.g., the MMU) or to protect user applications (e.g., W^X). However, little study has been done into protecting the boundary between these layers. We describe a vulnerability in Tock, a type-safe operating system, at the system-call boundary. We then introduce a technique for providing memory safety at the boundary between userland and the kernel in Tock. We demonstrate that this technique prevents the aforementioned vulnerability and a class of similar vulnerabilities, and we propose how it might be used to protect against similar vulnerabilities in other operating systems.
- Computer Systems