Address Space Isolation in the Linux Kernel

Cited by: 1
Authors
Nider, Joel [1]
Rapoport, Mike [1]
Bottomley, James [2]
Affiliations
[1] IBM Res, Haifa, Israel
[2] IBM Res, Seattle, WA USA
Source
SYSTOR '19: PROCEEDINGS OF THE 12TH ACM INTERNATIONAL SYSTEMS AND STORAGE CONFERENCE | 2019
Keywords
kernel; Linux; security; isolation;
DOI
10.1145/3319647.3325855
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202
Abstract
Monolithic kernel design mandates the use of a single address space for kernel data and code. While this design is easy to understand and performs well, it does not provide much in the way of protection from exploitable bugs in the interface. By dividing up kernel objects into areas of responsibility, we can introduce additional address spaces which will prevent information leakage, even in the case of a successful attack on the kernel. We are exploring several possible implementations with the goal of increasing security while minimizing the impact on performance.
Pages: 194 / 194
Number of pages: 1