Kernel Aware Module Verification for Robust Reconfigurable Operating System

The loadable kernel modules supported by Linux provide many benefits including a small-sized kernel, on-demand loading, and simpler upgrading of software. However, modules are executed in a privileged mode so that trivial errors in a module may cause a critical system halt or deadlock situations. We introduce a kernel resource protector which shields the kernel from faults generated by modules. It models the kernel as module objects and resource objects. By observing the interrelations between the two types of object, the protector can detect misuses of kernel resources by modules and take action to resolve the resulting problems. An experimental implementation demonstrates that the protector can detect memory wasted by modules and reclaim such leaks without degrading system performance. The resulting increase in robustness is especially significant for systems equipped with NVRAM (Non-Volatile RAM), such as FRAM and PRAM, which is not reset by rebooting.