Interposition as an Operating System Extension Mechanism

Modern production operating systems are large and complex systems developed over many years by large teams of programmers, containing many hundreds of thousands of lines of code. Consequently, it is extremely difficult to add significant new functionality to these systems [16, 1, 42]. In response to this problem, a number of recent research projects have addressed the issue of extensible operating systems; these include SPIN [7, 5], VINO [45, 41], Exokernel [20], Lipto [17], and Fluke [21]. This paper addresses the problem of providing extensibility for existing production operating systems such as Solaris, through the technique of interposition on existing kernel interfaces. Interposition is useful as an extension mechanism because it is transparent, it permits the incremental addition of functionality to an interface, and it enables the easy composition of multiple extensions. We have designedand implemented a prototype extension mechanism, SLIC, which utilizes interposition to efficiently insert trusted extension code into a production operating system kernel. We have used SLIC to implement a number of useful operating system extensions: a patch to fix a security hole described in a CERT advisory, a simple encryption file system, and a restricted execution environment for arbitrary untrusted binaries. Performance measurements of the SLIC prototype show that interposition on existing kernel interfaces can be accomplished efficiently.