abstract

Public Access

Set the Configuration for the Heart of the OS: On the Practicality of Operating System Kernel Debloating

Authors:

Hsuan-Chi Kuo,

Jianyan Chen,

Sibin Mohan,

Tianyin XuAuthors Info & Claims

SIGMETRICS '20: Abstracts of the 2020 SIGMETRICS/Performance Joint International Conference on Measurement and Modeling of Computer Systems

Pages 87 - 88

https://doi.org/10.1145/3393691.3394215

Published: 08 June 2020 Publication History

PDF eReader

Abstract

This paper presents a study on the practicality of operating system (OS) kernel debloating---reducing kernel code that is not needed by the target applications---in real-world systems. Despite their significant benefits regarding security (attack surface reduction) and performance (fast boot times and reduced memory footprints), the state-of-the-art OS kernel debloating techniques are seldom adopted in practice, especially in production systems. We identify the limitations of existing kernel debloating techniques that hinder their practical adoption, including both accidental and essential limitations. To understand these limitations, we build an advanced debloating framework named \tool which enables us to conduct a number of experiments on different types of OS kernels (including Linux and the L4 microkernel) with a wide variety of applications (including HTTPD, Memcached, MySQL, NGINX, PHP and Redis). Our experimental results reveal the challenges and opportunities towards making kernel debloating techniques practical for real-world systems. The main goal of this paper is to share these insights and our experiences to shed light on addressing the limitations of kernel debloating in future research and development efforts.

Supplementary Material

MP4 File (3393691.3394215.mp4)

Presentation video

Download
27.24 MB

Reference

[1]

Hsuan-Chi Kuo, Jianyan Chen, Sibin Mohan, and Tianyin Xu. Set the Configuration for the Heart of the OS: On the Practicality of Operating System Kernel Debloating. Proc. ACM Meas. Anal. Comput. Syst., 4(1), March 2020.

Digital Library

Google Scholar

Cited By

View all

Oh CLee SQian CKoo HLee W(2022)DeView: Confining Progressive Web Applications by Debloating Web APIsProceedings of the 38th Annual Computer Security Applications Conference10.1145/3564625.3567987(881-895)Online publication date: 5-Dec-2022
https://dl.acm.org/doi/10.1145/3564625.3567987
Xin QZhang QOrso A(2022)Studying and Understanding the Tradeoffs Between Generality and Reduction in Software DebloatingProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3556970(1-13)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3556970
Martin HAcher MPereira JLesoil LJezequel JKhelladi D(2022)Transfer Learning Across Variants and Versions: The Case of Linux Kernel SizeIEEE Transactions on Software Engineering10.1109/TSE.2021.311676848:11(4274-4290)Online publication date: 1-Nov-2022
https://doi.org/10.1109/TSE.2021.3116768
Show More Cited By

Index Terms

Set the Configuration for the Heart of the OS: On the Practicality of Operating System Kernel Debloating
1. Software and its engineering
  1. Software notations and tools
    1. Software configuration management and version control systems
  2. Software organization and properties
    1. Contextual software domains
      1. Operating systems

Recommendations

Set the configuration for the heart of the OS: on the practicality of operating system kernel debloating

This paper presents a study on the practicality of operating system (OS) kernel debloating, that is, reducing kernel code that is not needed by the target applications. Despite their significant benefits regarding security (attack surface reduction) and ...
Set the Configuration for the Heart of the OS: On the Practicality of Operating System Kernel Debloating
SIGMETRICS

This paper presents a study on the practicality of operating system (OS) kernel debloating---reducing kernel code that is not needed by the target applications---in real-world systems. Despite their significant benefits regarding security (attack surface ...
Adapting Linux for mobile platforms: An empirical study of Android
ICSM '12: Proceedings of the 2012 IEEE International Conference on Software Maintenance (ICSM)

To deliver a high quality software system in a short release cycle time, many software organizations chose to reuse existing mature software systems. Google has adapted one of the most reused computer operating systems (i.e., Linux) into an operating ...

Comments

Information & Contributors

Information

Published In

SIGMETRICS '20: Abstracts of the 2020 SIGMETRICS/Performance Joint International Conference on Measurement and Modeling of Computer Systems

June 2020

124 pages

ISBN:9781450379854

DOI:10.1145/3393691

General Chair:
Edmund Yeh
Northeastern University, USA
,
Program Chairs:
Athina Markopoulou
University of California, Irvine, USA
,
Y.C. Tay
National University of Singapore, Singapore

Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 June 2020

Check for updates

Author Tags

Qualifiers

Abstract

Funding Sources

Office of Naval Research

Conference

SIGMETRICS '20

Sponsor:

SIGMETRICS

SIGMETRICS '20: ACM SIGMETRICS / International Conference on Measurement and Modeling of Computer Systems

June 8 - 12, 2020

MA, Boston, USA

Acceptance Rates

Overall Acceptance Rate 459 of 2,691 submissions, 17%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

10
Total Citations
View Citations
262
Total Downloads

Downloads (Last 12 months)72
Downloads (Last 6 weeks)10

Reflects downloads up to 23 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Oh CLee SQian CKoo HLee W(2022)DeView: Confining Progressive Web Applications by Debloating Web APIsProceedings of the 38th Annual Computer Security Applications Conference10.1145/3564625.3567987(881-895)Online publication date: 5-Dec-2022
https://dl.acm.org/doi/10.1145/3564625.3567987
Xin QZhang QOrso A(2022)Studying and Understanding the Tradeoffs Between Generality and Reduction in Software DebloatingProceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering10.1145/3551349.3556970(1-13)Online publication date: 10-Oct-2022
https://dl.acm.org/doi/10.1145/3551349.3556970
Martin HAcher MPereira JLesoil LJezequel JKhelladi D(2022)Transfer Learning Across Variants and Versions: The Case of Linux Kernel SizeIEEE Transactions on Software Engineering10.1109/TSE.2021.311676848:11(4274-4290)Online publication date: 1-Nov-2022
https://doi.org/10.1109/TSE.2021.3116768
Xu QDavis JHu YJindal A(2022)An Empirical Study on the Impact of Deep Parameters on Mobile App Energy Usage2022 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER)10.1109/SANER53432.2022.00103(844-855)Online publication date: Mar-2022
https://doi.org/10.1109/SANER53432.2022.00103
Zhang JPiskac RZhai EXu T(2021)Static detection of silent misconfigurations with deep interaction analysisProceedings of the ACM on Programming Languages10.1145/34855175:OOPSLA(1-30)Online publication date: 15-Oct-2021
https://dl.acm.org/doi/10.1145/3485517
Liu XWang SMa YZhang YMei QLiu YHuang G(2021)Operating Systems for Resource-adaptive Intelligent Software: Challenges and OpportunitiesACM Transactions on Internet Technology10.1145/342586621:2(1-19)Online publication date: 15-Mar-2021
https://dl.acm.org/doi/10.1145/3425866
Kim SKim BLee D(2021)Prof-gen: Practical Study on System Call Whitelist Generation for Container Attack Surface Reduction2021 IEEE 14th International Conference on Cloud Computing (CLOUD)10.1109/CLOUD53861.2021.00041(278-287)Online publication date: Sep-2021
https://doi.org/10.1109/CLOUD53861.2021.00041
Kuo HChen JMohan SXu T(2020)Set the Configuration for the Heart of the OSACM SIGMETRICS Performance Evaluation Review10.1145/3410048.341009948:1(87-88)Online publication date: 9-Jul-2020
https://dl.acm.org/doi/10.1145/3410048.3410099
Qian CKoo HOh CKim TLee WLigatti JOu XKatz JVigna G(2020)Slimium: Debloating the Chromium Browser with Feature SubsettingProceedings of the 2020 ACM SIGSAC Conference on Computer and Communications Security10.1145/3372297.3417866(461-476)Online publication date: 30-Oct-2020
https://dl.acm.org/doi/10.1145/3372297.3417866
Kuo HWilliams DKoller RMohan SBilas AMagoutis KMarkatos EKostic DSeltzer M(2020)A Linux in unikernel clothingProceedings of the Fifteenth European Conference on Computer Systems10.1145/3342195.3387526(1-15)Online publication date: 15-Apr-2020
https://dl.acm.org/doi/10.1145/3342195.3387526

View Options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations