Set the Configuration for the Heart of the OS

This paper presents a study on the practicality of operating system (OS) kernel debloating (reducing kernel code that is not needed by the target applications) in real-world systems. Despite their significant benefits regarding security (attack surface reduction) and performance (fast boot times and reduced memory footprints), the state-of-the-art OS kernel debloating techniques are seldom adopted in practice, especially in production systems. We identify the limitations of existing kernel debloating techniques that hinder their practical adoption, including both accidental and essential limitations. To understand these limitations, we build an advanced debloating framework named \tool which enables us to conduct a number of experiments on different types of OS kernels (including Linux and the L4 microkernel) with a wide variety of applications (including HTTPD, Memcached, MySQL, NGINX, PHP and Redis). Our experimental results reveal the challenges and opportunities towards making kernel debloating techniques practical for real-world systems. The main goal of this paper is to share these insights and our experiences to shed light on addressing the limitations of kernel debloating in future research and development efforts.
