DEVELOPMENTS FOR SAFE USER LEVEL KERNEL PROGRAMMING

Abstract

Normally users are not allowed to load their own modules in to the Linux kernel. This restriction has been the custom practice in almost all the operating systems to keep the kernel free from the malicious programs of the users. By restricting the users in this way, kernel pays an overhead in the execution of certain applications and also wastage of resources, like CPU time, because of context switching from user to kernel modes and vice versa. This overhead and wastage of resources can be reduced by adopting measures which will restrict the malicious functioning of user's modules. So, in this thesis work has been done for the safe execution of user modules in the Linux kernel. A platform called Open Kernel Environment(OKE), in which entire work has been done, was properly studied and installed. Then Environment Setup Code(ESC)—part of OKE architecture—was written which will restrict the user's modules with a limited set resources— like CPU-time, kernel API. After which two modules were written in a new language called Cyclone, a safe dialect of C, using the API specified in ESC. Finally, modules were inserted in to the kernel and various results were analyzed. Entire work has been done in linux kernel-2.4.20-8 on a i386 machine. Other software like KeyNote library, Cyclone language, OpenSSL, Postgres database were used. 141 [81 and BIBT Cwere used for report writing