Research On Trust Technology Of Linux Kernel

Posted on: 2023-01-16
Degree: Master
Type: Thesis
Country: China
Candidate: M X Chen
GTID: 2558306914479174
Subject: Cyberspace security
Abstract/Summary:

As Linux has come into wide use, it has exposed more and more security issues, and the Linux kernel is particularly vulnerable to security threats. If an attacker successfully inserts malicious code into the kernel and obtains root permission, all applications are affected, with sensitive data leakage and other serious consequences. In research on Linux kernel protection, software-based defenses cannot completely prevent attacks on the kernel, while hardware-based defenses usually face restricted environments and poor portability.

To solve these problems, this thesis provides a reinforcement method for the Linux kernel based on ARM TrustZone and virtualization technology. The trusted execution environment constructed by TrustZone is used to ensure the trusted running of the kernel protection code, preventing attackers from tampering with the kernel and keeping the kernel running correctly at all times. ARM virtualization technology is used to build a hypervisor, which runs mutually isolated virtual machines in the kernel and protects key processes of the kernel through those virtual machines.

The main work of this thesis is summarized as follows:

(1) Design of a Linux kernel translation table protection method based on TrustZone: This method places a translation table agent in the kernel by modifying the kernel's memory-management code. The agent forwards all translation table operations in the kernel to the TrustZone secure world. The secure world performs a validity check on each translation table operation, preventing attackers from making incorrect modifications to translation tables from kernel state. The method uses TrustZone to ensure the trusted running of the translation table protection code and to avoid threats from malicious code in kernel state.

(2) Design of a Linux kernel integrity protection method based on TrustZone: This method periodically launches integrity checks on kernel code, data and registers from the TrustZone secure world, to prevent attackers from destroying kernel integrity by means other than tampering with translation tables. The method uses TrustZone to protect the integrity verification function and the reference values, preventing attackers from directly damaging the integrity protection process. Translation table protection and integrity protection complement each other to ensure that the kernel always runs in a trusted state and to improve the security of the kernel.

(3) Design of an isolation environment for running Linux processes based on a hypervisor: To protect critical processes of the kernel, this method uses ARM virtualization technology to divide the normal world into several isolated areas and places the critical processes in virtual machines that run in those areas, preventing attackers from accessing the logic of the critical processes. Because the isolation environment protects critical processes in the normal world, they do not have to be placed in the secure world, which reduces the secure world's code size. The security of the overall system is improved as a result.

Security analysis and tests of the prototype system show that the Linux kernel protection method implemented in this thesis can successfully prevent kernel attacks even if the kernel has been damaged. Meanwhile, the prototype system achieves minimal performance overhead in most common scenarios. It is suitable for deployment on any ARM platform with TrustZone and virtualization extensions.
Keywords/Search Tags: Linux Kernel Security, Trusted Computing, TrustZone, Hypervisor