skip to main content
research-article
Public Access

Set the Configuration for the Heart of the OS: On the Practicality of Operating System Kernel Debloating

Authors Info & Claims
Published:27 May 2020Publication History
Skip Abstract Section

Abstract

This paper presents a study on the practicality of operating system (OS) kernel debloating---reducing kernel code that is not needed by the target applications---in real-world systems. Despite their significant benefits regarding security (attack surface reduction) and performance (fast boot times and reduced memory footprints), the state-of-the-art OS kernel debloating techniques are seldom adopted in practice, especially in production systems. We identify the limitations of existing kernel debloating techniques that hinder their practical adoption, including both accidental and essential limitations. To understand these limitations, we build an advanced debloating framework named \tool which enables us to conduct a number of experiments on different types of OS kernels (including Linux and the L4 microkernel) with a wide variety of applications (including HTTPD, Memcached, MySQL, NGINX, PHP and Redis). Our experimental results reveal the challenges and opportunities towards making kernel debloating techniques practical for real-world systems. The main goal of this paper is to share these insights and our experiences to shed light on addressing the limitations of kernel debloating in future research and development efforts.

References

  1. Amazon Linux 2. https://aws.amazon.com/amazon-linux-2.Google ScholarGoogle Scholar
  2. Apache-Test. http://perl.apache.org/Apache-Test/.Google ScholarGoogle Scholar
  3. FIASCO : The L4Re Microkernel. http://os.inf.tu-dresden.de/fiasco.Google ScholarGoogle Scholar
  4. LAMP. http://ampps.com/lamp.Google ScholarGoogle Scholar
  5. Memcached Test. https://github.com/memcached/memcached/tree/master/t.Google ScholarGoogle Scholar
  6. nginx-tests. https://github.com/nginx/nginx-tests.Google ScholarGoogle Scholar
  7. PHP Test. https://github.com/php/php-src/tree/master/tests.Google ScholarGoogle Scholar
  8. QEMU - the FAST! processor emulator. https://www.qemu.org.Google ScholarGoogle Scholar
  9. Redis Test. https://github.com/antirez/redis/tree/unstable/tests.Google ScholarGoogle Scholar
  10. the cloud market. https://thecloudmarket.com/stats#/by_platform_definition.Google ScholarGoogle Scholar
  11. The MySQL Test Suite. https://dev.mysql.com/doc/refman/5.7/en/mysql-test-suite.html.Google ScholarGoogle Scholar
  12. Configuring the FreeBSD Kernel. https://www.freebsd.org/doc/en_US.ISO8859--1/books/handbook/kernelconfig-config.html, 2019.Google ScholarGoogle Scholar
  13. Iago Abal, Claus Brabrand, and Andrzej Wasowski. Variability Bugs in the Linux Kernel: a Qualitative Analysis. In ACM/IEEE International Conference on Automated Software Engineering (ASE'14), Vasteras, Sweden, 2014.Google ScholarGoogle ScholarDigital LibraryDigital Library
  14. Iago Abal, Jean Melo, Stefan Stnciulescu, Claus Brabrand, Márcio Ribeiro, and Andrzej Wasowski. Variability Bugs in Highly Configurable Systems: A Qualitative Analysis. In ACM Transactions on Software Engineering and Methodology (TOSEM'18), 2018.Google ScholarGoogle Scholar
  15. Mathieu Acher, Hugo Martin, Juliana Alves Pereira, Arnaud Blouin, Jean-Marc Jézéquel, Djamel Eddine Khelladi, Luc Lesoil, and Oliver Barais. Learning Very Large Configuration Spaces: What Matters for Linux Kernel Sizes. Technical Report hal-02314830, INRIA, October 2019.Google ScholarGoogle Scholar
  16. Mathieu Acher, Hugo Martin, Juliana Alves Pereira, Arnaud Blouin, Djamel Eddine Khelladi, and Jean-Marc Jézéquel. Learning From Thousands of Build Failures of Linux Kernel Configurations. Technical report, INRIA, June 2019.Google ScholarGoogle Scholar
  17. Mansour Alharthi, Hong Hu, Hyungon Moon, and Taesoo Kim. On the Effectiveness of Kernel Debloating via Compile-time Configuration. In Proceedings of the 1st Workshop on SoftwAre debLoating And Delayering, Amsterdam, Netherlands, July 2018.Google ScholarGoogle Scholar
  18. aobench. Ambient Occlusion Benchmark. https://github.com/gnzlbg/aobench, 2019.Google ScholarGoogle Scholar
  19. Armin Biere. Picosat essentials. JSAT, 4, 2008.Google ScholarGoogle Scholar
  20. Sol Boucher, Anuj Kalia, David G. Andersen, and Michael Kaminsky. Putting the "Micro" Back in Microservice. In Proceedings of the 2018 USENIX Annual Technical Conference (USENIX ATC '18), Boston, MA, USA, July 2018.Google ScholarGoogle Scholar
  21. Brendan Burns and David Oppenheimer. Design Patterns for Container-based Distributed Systems. In Proceedings of the 8th USENIX Workshop on Hot Topics in Cloud Computing (HotCloud'16), Denver, CO, USA, June 2016.Google ScholarGoogle Scholar
  22. Cristian Cadar, Daniel Dunbar, and Dawson Engler. KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. In Proceedings of the 8th USENIX Conference on Operating Systems Design and Implementation (OSDI'08), San Diego, CA, USA, December 2008.Google ScholarGoogle ScholarDigital LibraryDigital Library
  23. Cristian Cadar and Koushik Sen. Symbolic Execution For Software Testing: Three Decades Later. Communications of the ACM, 56(2):82--90, February 2013.Google ScholarGoogle ScholarDigital LibraryDigital Library
  24. Yurong Chen, Shaowen Sun, Tian Lan, and Guru Venkataramani. TOSS: Tailoring Online Server Systems through Binary Feature Customization. In Proceedings of the 2018 Workshop on Forming an Ecosystem Around Software Transformation (FEAST'18), Toronto, Canada, October 2018.Google ScholarGoogle ScholarDigital LibraryDigital Library
  25. Jonathan Corbet. A different approach to kernel configuration. https://lwn.net/Articles/733405/, September 2016.Google ScholarGoogle Scholar
  26. Christian Dietrich, Reinhard Tartler, Wolfgang Schröder-Preikschat, and Daniel Lohmann. A Robust Approach for Variability Extraction from the Linux Build System. In Proceedings of the 16th International Software Product Line Conference (SPLC'12), Salvador, Brazil, 2012.Google ScholarGoogle ScholarDigital LibraryDigital Library
  27. Alexia Emmanoulopoulou. infographic: How many people use Ubuntu? https://blog.ubuntu.com/2016/04/07/ubuntu-is-everywhere, April 2016.Google ScholarGoogle Scholar
  28. Dawson R. Engler, M. Frans Kaashoek, and James O'Toole Jr. Exokernel: An Operating System Architecture for Application-level Resource Management. In Proceedings of the 15th ACM Symposium on Operating Systems Principles (SOSP'95), Copper Mountain, Colorado, USA, 1995.Google ScholarGoogle Scholar
  29. Kai Germaschewski and Sam Ravnborg. Kernel configuration and building in Linux 2.5. In Proceedings of the 2003 Linux Symposium, Ottawa, Ontario, Canada, July 2003.Google ScholarGoogle Scholar
  30. Patrice Godefroid, Nils Klarlund, and Koushik Sen. DART: Directed Automated Random Testing. In Proceedings of the 2005 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI'05), Chicago, IL, USA, June 2005.Google ScholarGoogle Scholar
  31. Joseph M. Hellerstein, Jose Faleiro, Joseph E. Gonzalez, Johann Schleier-Smith, Vikram Sreekanti, Alexey Tumanov, and Chenggang Wu. Serverless Computing: One Step Forward, Two Steps Back. In Proceedings of the 8th Biennial Conference on Innovative Data Systems Research (CIDR'19), Asilomar, California, USA, January 2019.Google ScholarGoogle Scholar
  32. Kihong Heo, Woosuk Lee, Pardis Pashakhanloo, and Mayur Naik. Effective Program Debloating via Reinforcement Learning. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS'18), Toronto, Canada, 2018.Google ScholarGoogle ScholarDigital LibraryDigital Library
  33. Arnaud Hubaux, Yingfei Xiong, and Krzysztof Czarnecki. A User Survey of Configuration Challenges in Linux and eCos. In Proceedings of 6th International Workshop on Variability Modeling of Software-intensive Systems (VaMoS'12), Leipzig, Germany, January 2012.Google ScholarGoogle ScholarDigital LibraryDigital Library
  34. Marko Ivankoviç, Goran Petroviç, René Just, and Gordon Fraser. Code Coverage at Google. In Proceedings of the 2019 12th Joint Meeting on Foundations of Software Engineering (ESEC/FSE 2019), Tallinn, Estonia, 2019.Google ScholarGoogle ScholarDigital LibraryDigital Library
  35. MSV Janakiram. 10 Reasons Why Ubuntu Is Killing It In The Cloud. https://www.forbes.com/sites/janakirammsv/2016/01/12/10-reasons-why-ubuntu-is-killing-it-in-the-cloud, January 2016.Google ScholarGoogle Scholar
  36. Yufei Jiang, Dinghao Wu, and Peng Liu. JRed: Program Customization and Bloatware Mitigation Based on Static Analysis. In 2016 IEEE 40th Annual Computer Software and Applications Conference, 2016.Google ScholarGoogle Scholar
  37. Eric Jonas, Johann Schleier-Smith, Vikram Sreekanti, Chia-Che Tsai, Anurag Khandelwal, Qifan Pu, Vaishaal Shankar, Joao Menezes Carreira, Karl Krauth, Neeraja Yadwadkar, Joseph Gonzalez, Raluca Ada Popa, Ion Stoica, and David A. Patterson. Cloud Programming Simplified: A Berkeley View on Serverless Computing. Technical Report UCB/EECS-2019--3, EECS Department, University of California, Berkeley, Feb 2019.Google ScholarGoogle Scholar
  38. Junghwan Kang. A Practical Approach of Tailoring Linux Kernel. In The Linux Foundation Open Source Summit North America, Los Angeles, CA, September 2017.Google ScholarGoogle Scholar
  39. Junghwan Kang. An Empirical Study of an Advanced Kernel Tailoring Framework. In The Linux Foundation Open Source Summit, Vancouver, BC, Canada, August 2018.Google ScholarGoogle Scholar
  40. Junghwan Kang. Linux Kernel Tailoring Framework. https://github.com/ultract/linux-kernel-tailoring-framework, August 2018.Google ScholarGoogle Scholar
  41. Antti Kantee and Justin Cormack. Rump Kernels: No OS? No Problem! ;login:, 39(5):11--17, 2014.Google ScholarGoogle Scholar
  42. kernel.org. Kconfig. https://www.kernel.org/doc/Documentation/kbuild/kconfig-language.txt, 2018.Google ScholarGoogle Scholar
  43. Avi Kivity, Dor Laor, Glauber Costa, Pekka Enberg, Nadav Har'El, Don Marti, and Vlad Zolotarov. OSV -- Optimizing the Operating System for Virtual Machines. In Proceedings of the 2014 USENIX Annual Technical Conference (USENIX ATC'14), Philadelphia, PA, USA, June 2014.Google ScholarGoogle Scholar
  44. George Klees, Andrew Ruef, Benji Cooper, Shiyi Wei, and Michael Hicks. Evaluating Fuzz Testing. In Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security (CCS'18), Toronto, Canada, 2018.Google ScholarGoogle Scholar
  45. Hsuan-Chi Kuo, Akshith Gunasekaran, Yeongjin Jang, Sibin Mohan, Rakesh B. Bobba, David Lie, and Jesse Walker. MultiK: A Framework for Orchestrating Multiple Specialized Kernels. arXiv:1903.06889, March 2019.Google ScholarGoogle Scholar
  46. Anil Kurmus, Reinhard Tartler, Daniela Dorneanu, Bernhard Heinloth, Valentin Rothberg, Andreas Ruprecht, Wolfgang Schrö der-Preikschat, Daniel Lohmann, and Rü diger Kapitza. Attack Surface Metrics and Automated Compile-Time OS Kernel Tailoring. In Proceedings of the 20th Annual Network and Distributed System Security Symposium (NDSS'13), San Diego, CA, USA, February 2013.Google ScholarGoogle Scholar
  47. Che-Tai Lee, Zeng-Wei Hong, and Jim-Min Lin. Linux Kernel Customization for Embedded Systems By Using Call Graph Approach. In Proceedings of the 2003 Asia and South Pacific Design Automation Conference (ASP-DAC'03), Kitakyushu, Japan, January 2003.Google ScholarGoogle Scholar
  48. Chi-Tai Lee, Jim-Min Lin, Zeng-Wei Hong, and Wei-Tsong Lee. An Application-Oriented Linux Kernel Customization for Embedded Systems. Journal of Information Science and Engineering, 20(6), 2004.Google ScholarGoogle Scholar
  49. Anil Madhavapeddy, Richard Mortier, Charalampos Rotsos, David Scott, Balraj Singh, Thomas Gazagnaire, Steven Smith, Steven Hand, and Jon Crowcroft. Unikernels: Library Operating Systems for the Cloud. In Proceedings of the 18th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS'13), Houston, Texas, USA, 2013.Google ScholarGoogle ScholarDigital LibraryDigital Library
  50. Anil Madhavapeddy and David J. Scott. Unikernels: Rise of the Virtual Library Operating System. Communications of the ACM, 57(1):61--69, 2014.Google ScholarGoogle ScholarDigital LibraryDigital Library
  51. Linux man page. addr2line(1). https://linux.die.net/man/1/addr2line, 2019.Google ScholarGoogle Scholar
  52. Filipe Manco, Costin Lupu, Florian Schmidt, Jose Mendes, Simon Kuenzer, Sumit Sati, Kenichi Yasukata, Costin Raiciu, and Felipe Huici. My VM is Lighter (and Safer) Than Your Container. In Proceedings of the 26th Symposium on Operating Systems Principles (SOSP'17), Shanghai, China, October 2017.Google ScholarGoogle ScholarDigital LibraryDigital Library
  53. Valentin J.M. Manés, HyungSeok Han, Choongwoo Han, Sang Kil Cha, Manuel Egele, Edward J. Schwartz, and Maverick Woo. The Art, Science, and Engineering of Fuzzing: A Survey. arXiv:1812.00140, April 2019.Google ScholarGoogle Scholar
  54. Sarah Nadi, Thorsten Berger, Christian K"astner, and Krzysztof Czarnecki. Mining Configuration Constraints: Static Analyses and Empirical Results. In Proceedings of the 36th International Conference on Software Engineering (ICSE'14), Hyderabad, India, 2014.Google ScholarGoogle Scholar
  55. Pierre Olivier, Daniel Chiba, Stefan Lankes, Changwoo Min, and Binoy Ravindran. A Binary-Compatible Unikernel. In Proceedings of the 15th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments (VEE'19), Providence, Rhode Island, USA, April 2019.Google ScholarGoogle Scholar
  56. Leonardo Passos, Rodrigo Queiroz, Mukelabai Mukelabai, Thorsten Berger, Sven Apel, Krzysztof Czarnecki, and Jesus Padilla. A Study of Feature Scattering in the Linux Kernel. In IEEE Transactions on Software Engineering (TSE), 2018.Google ScholarGoogle Scholar
  57. Nicolas Pitre. LWN: Shrinking the kernel with a hammer. https://lwn.net/Articles/748198/, 2018.Google ScholarGoogle Scholar
  58. Nicolas Pitre. LWN: Shrinking the kernel with an axe. https://lwn.net/Articles/746780/, 2018.Google ScholarGoogle Scholar
  59. Nicolas Pitre. LWN: Shrinking the kernel with link-time garbage collection. https://lwn.net/Articles/741494/, 2018.Google ScholarGoogle Scholar
  60. Nicolas Pitre. LWN: Shrinking the kernel with link-time optimization. https://lwn.net/Articles/744507/, 2018.Google ScholarGoogle Scholar
  61. Chenxiong Qian, Hong Hu, Mansour Alharthi, Pak Ho Chung, Taesoo Kim, and Wenke Lee. RAZOR: A Framework for Post-deployment Software Debloating. In Proceedings of the 28th USENIX Security Symposium, Santa Clara, CA, USA, August 2019.Google ScholarGoogle Scholar
  62. Anh Quach, Aravind Prakash, and Lok Yan. Debloating Software through Piece-Wise Compilation and Loading. In Proceedings of the 27th USENIX Security Symposium, Baltimore, MD, USA, August 2018.Google ScholarGoogle ScholarDigital LibraryDigital Library
  63. Vaibhav Rastogi, Drew Davidson, Lorenzo De Carli, Somesh Jha, and Patrick McDaniel. Cimplifier: Automatically Debloating Containers. In Proceedings of the 2017 11th Joint Meeting on Foundations of Software Engineering (ESEC/FSE 2017), Paderborn, Germany, 2017.Google ScholarGoogle Scholar
  64. Neil Savage. Going Serverless. Communications of the ACM, 61(2), February 2018.Google ScholarGoogle Scholar
  65. Alberto Savoia. Code coverage goal: 80% and no less! https://testing.googleblog.com/2010/07/code-coverage-goal-80-and-no-less.html, July 2010.Google ScholarGoogle Scholar
  66. Koushik Sen, Darko Marinov, and Gul Agha. CUTE: A Concolic Unit Testing Engine for C. In Proceedings of the 10th European Software Engineering Conference held jointly with 13th ACM SIGSOFT International Symposium on Foundations of Software Engineering (ESEC/FSE'05), Lisbon, Portugal, September 2005.Google ScholarGoogle ScholarCross RefCross Ref
  67. Hashim Sharif, Muhammad Abubakar, Ashish Gehani, and Fareed Zaffar. TRIMMER: Application Specialization for Code Debloating. In Proceedings of the 33rd ACM/IEEE International Conference on Automated Software Engineering (ASE '18), Montpellier, France, September 2018.Google ScholarGoogle Scholar
  68. Steven She and Thorsten Berger. Formal Semantics of the Kconfig Language. Technical report, Electrical and Computer Engineering, University of Waterloo, Canada, January 2010. Technical Note.Google ScholarGoogle Scholar
  69. Klaus Stengel, Florian Schmaus, and Rü diger Kapitza. EsseOS: Haskell-based Tailored Services for the Cloud. In Proceedings of the 12th International Workshop on Adaptive and Reflective Middleware (ARM'13), Beijing, China, December 2013.Google ScholarGoogle Scholar
  70. Chengnian Sun, Yuanbo Li, Qirun Zhang, Tianxiao Gu, and Zhendong Su. Perses: Syntax-guided Program Reduction. In In Proceedings of the 40th International Conference on Software Engineering (ASE'18), 2018.Google ScholarGoogle Scholar
  71. Reinhard Tartler, Anil Kurmus, Bernhard Heinloth, Valentin Rothberg, Andreas Ruprecht, Daniela Dorneanu, Rüdiger Kapitza, Wolfgang Schröder-Preikschat, and Daniel Lohmann. Automatic OS Kernel TCB Reduction by Leveraging Compile-time Configurability. In Proceedings of the 8th USENIX Conference on Hot Topics in System Dependability (HotDep'12), Hollywood, CA, 2012.Google ScholarGoogle Scholar
  72. Reinhard Tartler, Daniel Lohmann, Julio Sincero, and Wolfgang Schröder-Preikschat. Feature Consistency in Compile-time-configurable System Software: Facing the Linux 10,000 Feature Problem. In Proceedings of the Sixth Conference on Computer Systems (Eurosys'11), Salzburg, Austria, April 2011.Google ScholarGoogle ScholarDigital LibraryDigital Library
  73. Chia-Che Tsai, Kumar Saurabh Arora, Nehal Bandi, Bhushan Jain, William Jannen, Jitin John, Harry A. Kalodner, Vrushali Kulkarni, Daniela Oliveira, and Donald E. Porter. Cooperation and Security Isolation of Library OSes for Multi-process Applications. In Proceedings of the Ninth European Conference on Computer Systems (EuroSys'14), Amsterdam, The Netherlands, 2014.Google ScholarGoogle ScholarDigital LibraryDigital Library
  74. Chia-Che Tsai, Bhushan Jain, Nafees Ahmed Abdul, and Donald E. Porter. A Study of Modern Linux API Usage and Compatibility: What to Support When You're Supporting. In Proceedings of the 11th European Conference on Computer Systems (EuroSys'16), London, UK, 2016.Google ScholarGoogle ScholarDigital LibraryDigital Library
  75. Bart Veer and John Dallaway. The eCos component writer's guide. Available: ecos. sourceware. org/ecos/docs-latest/cdl-guide/cdlguide. html, 2000.Google ScholarGoogle Scholar
  76. Tianyin Xu, Long Jin, Xuepeng Fan, Yuanyuan Zhou, Shankar Pasupathy, and Rukma Talwadker. Hey, You Have Given Me Too Many Knobs! Understanding and Dealing with Over-Designed Configuration in System Software. In Proceedings of the 10th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE'15), Bergamo, Italy, August 2015.Google ScholarGoogle ScholarDigital LibraryDigital Library
  77. Tianyin Xu, Vineet Pandey, and Scott Klemmer. An HCI View of Configuration Problems. arXiv:1601.01747, January 2016.Google ScholarGoogle Scholar
  78. Tianyin Xu and Yuanyuan Zhou. Systems Approaches to Tackling Configuration Errors: A Survey. ACM Computing Surveys (CSUR), 47(4), July 2015.Google ScholarGoogle Scholar
  79. Lamia M. Youseff, Richard Wolski, and Chandra Krintz. Linux Kernel Specialization for Scientific Application Performance. Technical Report 2005--29, University of California Santa Barbara, 2005.Google ScholarGoogle Scholar

Index Terms

  1. Set the Configuration for the Heart of the OS: On the Practicality of Operating System Kernel Debloating

        Recommendations

        Comments

        Login options

        Check if you have access through your login credentials or your institution to get full access on this article.

        Sign in

        Full Access

        PDF Format

        View or Download as a PDF file.

        PDF

        eReader

        View online with eReader.

        eReader
        About Cookies On This Site

        We use cookies to ensure that we give you the best experience on our website.

        Learn more

        Got it!