Understanding modern device drivers

Device drivers are the single largest contributor to operating-system kernel code with over 5 million lines of code in the Linux kernel, and cause significant complexity, bugs and development costs. Recent years have seen a flurry of research aimed at improving the reliability and simplifying the development of drivers. However, little is known about what constitutes this huge body of code beyond the small set of drivers used for research. In this paper, we study the source code of Linux drivers to understand what drivers actually do, how current research applies to them and what opportunities exist for future research. We determine whether assumptions made by most driver research, such as that all drivers belong to a class, are indeed true. We also analyze driver code and abstractions to determine whether drivers can benefit from code re-organization or hardware trends. We develop a set of static-analysis tools to analyze driver code across various axes. Broadly, our study looks at three aspects of driver code (i) what are the characteristics of driver code functionality and how applicable is driver research to all drivers, (ii) how do drivers interact with the kernel, devices, and buses, and (iii) are there similarities that can be abstracted into libraries to reduce driver size and complexity? We find that many assumptions made by driver research do not apply to all drivers. At least 44% of drivers have code that is not captured by a class definition, 28% of drivers support more than one device per driver, and 15% of drivers do significant computation over data. From the driver interactions study, we find USB bus offers an efficient bus interface with significant standardized code and coarse-grained access, ideal for executing drivers in isolation. We also find that drivers for different buses and classes have widely varying levels of device interaction, which indicates that the cost of isolation will vary by class. Finally, from our driver similarity study, we find 8% of all driver code is substantially similar to code elsewhere and may be removed with new abstractions or libraries.

[1]  Asim Kadav,et al.  Live migration of direct-access devices , 2008, OPSR.

[2]  Abraham Silberschatz,et al.  Operating System Concepts , 1983 .

[3]  K. Mardia,et al.  Statistical Shape Analysis , 1998 .

[4]  Asim Kadav,et al.  Tolerating hardware device failures in software , 2009, SOSP '09.

[5]  Leonid Ryzhyk,et al.  Dingo: taming device drivers , 2009, EuroSys '09.

[6]  Leonid Ryzhyk,et al.  Automatic device driver synthesis with termite , 2009, SOSP '09.

[7]  Michael M. Swift,et al.  Decaf: Moving Device Drivers to a Modern Language , 2009, USENIX Annual Technical Conference.

[8]  Somesh Jha,et al.  Microdrivers: A New Architecture for Device Drivers , 2007, HotOS.

[9]  Silas Boyd-Wickizer,et al.  Tolerating Malicious Device Drivers in Linux , 2010, USENIX Annual Technical Conference.

[10]  Jeremy Andrus,et al.  Cells: a virtual mobile smartphone architecture , 2011, SOSP '11.

[11]  George Candea,et al.  Testing Closed-Source Binary Device Drivers with DDT , 2010, USENIX Annual Technical Conference.

[12]  Junfeng Yang,et al.  An empirical study of operating systems errors , 2001, SOSP.

[13]  Andrea Francini,et al.  The Swiss Army smartphone: cloud-based delivery of USB services , 2011, MobiHeld '11.

[14]  Emin Gün Sirer,et al.  Device Driver Safety Through a Reference Validation Mechanism , 2008, OSDI.

[15]  Roy H. Campbell,et al.  CuriOS: Improving Reliability through Operating System Structure , 2008, OSDI.

[16]  Alan L. Cox,et al.  Achieving 10 Gb/s using safe and transparent network interface virtualization , 2009, VEE '09.

[17]  Martín Abadi,et al.  XFI: software guards for system address spaces , 2006, OSDI '06.

[18]  Sriram K. Rajamani,et al.  Thorough static analysis of device drivers , 2006, EuroSys.

[19]  George C. Necula,et al.  SafeDrive: safe and recoverable extensions using language-based techniques , 2006, OSDI '06.

[20]  Andrew Warfield,et al.  Safe Hardware Access with the Xen Virtual Machine Monitor , 2007 .

[21]  Jitendra Malik,et al.  Shape matching and object recognition using shape contexts , 2010, 2010 3rd International Conference on Computer Science and Information Technology.

[22]  Somesh Jha,et al.  The design and implementation of microdrivers , 2008, ASPLOS.

[23]  Brian N. Bershad,et al.  Recovering device drivers , 2004, TOCS.

[24]  Adrian Schüpbach,et al.  A Declarative Language Approach to Device Configuration , 2012 .

[25]  Leonid Ryzhyk,et al.  The case for active device drivers , 2010, APSys '10.

[26]  Julia L. Lawall,et al.  Documenting and automating collateral evolutions in linux device drivers , 2008, Eurosys '08.

[27]  George C. Necula,et al.  CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs , 2002, CC.

[28]  Archana Ganapathi,et al.  Windows XP Kernel Crash Analysis , 2006, LISA.

[29]  Xi Wang,et al.  Software fault isolation with API integrity and multi-principal modules , 2011, SOSP.

[30]  Brian N. Bershad,et al.  Improving the reliability of commodity operating systems , 2005, TOCS.

[31]  Gernot Heiser,et al.  User-Level Device Drivers: Achieved Performance , 2005, Journal of Computer Science and Technology.

[32]  Junfeng Yang,et al.  Scalable and systematic detection of buggy inconsistencies in source code , 2010, OOPSLA.

[33]  Laurent Réveillère,et al.  Devil: an IDL for hardware programming , 2000, OSDI.

[34]  Miguel Castro,et al.  Fast byte-granularity software fault isolation , 2009, SOSP '09.

[35]  Galen C. Hunt,et al.  Solving the starting problem: device drivers as self-describing artifacts , 2006, EuroSys '06.

[36]  Yuanyuan Zhou,et al.  CP-Miner: A Tool for Finding Copy-paste and Related Bugs in Operating System Code , 2004, OSDI.

[37]  Willy Zwaenepoel,et al.  TwinDrivers: semi-automatic derivation of fast and safe hypervisor network drivers from guest OS drivers , 2009, ASPLOS.

[38]  T. Chiueh,et al.  Integrating segmentation and paging protection for safe, efficient and transparent software extensions , 2000, OPSR.

[39]  Tzi-cker Chiueh,et al.  Integrating segmentation and paging protection for safe, efficient and transparent software extensions , 1999, SOSP.

[40]  George Candea,et al.  Reverse engineering of binary device drivers with RevNIC , 2010, EuroSys '10.