Svadev mailing list

[John Criswell <criswell AT illinois.edu>]

On 11/10/11 8:30 PM, Dennis Crawford wrote: Is it possible at present to compile the linux kernel 3.0.8 upon SAFECode?

At present, I don't think mainline SAFECode with LLVM 3.0 will enforce memory safety properly for kernel code.  The reasons are:

1) Some of the memory safety transforms needs to be enhanced to recognize the Linux memory allocators (the bootmem allocator as well as kmalloc() and kmem_cache_alloc()).  Partial support for recognizing these functions might be in the code base and wouldn't be too difficult to add, but I don't think it's complete, and we certainly haven't tested it in awhile.

2) The currently supported run-time library for SAFECode is a user-space version written in C++ that utilizes some of the STL container classes.  This library will not work in kernel mode because:
    a) I don't think libstdc++ works in kernel mode (at least, it didn't the last time I tried some years ago).
    b) The run-time uses malloc() and new() to perform memory allocation.  This would need to be fixed.

3) I don't know if the global_ctors feature in LLVM works for kernel code.  SAFECode relies on it for initializing the run-time library.

Having said that, we have applied the SAFECode techniques to the Linux 2.4.22 kernel (ported to the SVA virtual instruction set) in our previous research (http://llvm.org/pubs/2007-SOSP-SVA.html), so we definitely know it can be done.  The problem is that the SAFECode source base for SVA diverged from the user-space SAFECode source base (e.g., SVA had its own run-time library written in C), and we simply haven't gotten them integrated into a single system yet.  Making SAFECode more maintainable, usable, and robust for user-space applications has been the current priority.

-- John T.


Thank you,
Dennis Crawford

_______________________________________________
svadev mailing list
svadev AT cs.uiuc.edu
http://lists.cs.uiuc.edu/mailman/listinfo/svadev