Information Technology Reference
In-Depth Information
Figure 3. Control flow of driver and kernel wrappers
implementation
by preserving existing kernel-driver procedure-
call interfaces while enabling the protection of all
control and data transfers in both directions.
When loading a module, Nooks links the driver
against wrappers rather than to normal kernel
functions. This ensures that Nooks intercepts
all function calls from the driver into the kernel.
Similarly, the kernel's module initialization code
explicitly invokes a Nooks wrapper on the initial-
ization call into a driver, enabling the driver to
execute within its lightweight protection domain.
Following initialization, wrappers replace all func-
tion pointers passed from the driver to the kernel
with pointers to other wrappers. This causes the
kernel to call wrapper functions instead of driver
functions directly.
In addition to interposing on control transfers,
Nooks must interpose on some data references.
Drivers are linked directly to global kernel vari-
ables that they read but do not write (e.g., the
current time). For global variables that drivers
modify, Nooks creates a shadow copy of the
kernel data structure within the driver's domain
that is synchronized to the kernel's version. For
example, Nooks uses this technique for the queue
of packets sent and received by a network driver.
The object tracker synchronizes the contents of the
kernel and driver version of this structure before
and after XPCs into a network driver.
As noted above, Nooks inserts wrapper stubs
between kernel and driver functions. There are
Nooks was implemented within the Linux 2.4.18
kernel on the Intel x86 architecture. The kernel
provides over 700 functions callable by drivers
and other extensions and more than 650 extension-
entry functions callable by the kernel. Moreover,
few data types are abstracted, and drivers directly
access fields in many kernel data structures.
The Linux kernel supports standard interfaces
for many extension classes. For example, there
is a generic interface for block, character, and
network device drivers. The interfaces are imple-
mented as C language structures containing a set
of function pointers.
Most interactions between the kernel and
drivers take place through function calls, either
from the kernel into drivers or from drivers into
exported kernel routines. Drivers directly ac-
cess only a few global data structures, such as
the current task structure As a result, Nooks can
interpose on most kernel-driver interactions by
intercepting the function calls between the driver
and kernel.
Interposition
Interposition allows Nooks to intercept and control
communication between drivers and the kernel.
Nooks interposes on kernel-driver control transfers
with
wrapper stubs
. Wrappers provide transparency
Search WWH ::
Custom Search