Skip to content
/ KLAUS Public

A framework to test the correctness of the Linux kernel patch.

License

Notifications You must be signed in to change notification settings

wupco/KLAUS

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
 
 
 
 
 
 
 
 
 
 

Repository files navigation

KLAUS

A framework to test the correctness of the Linux kernel patch.

Docker-env

Docker environment for KLAUS.

KLAUS requires two arguments:

  • commitid: The commit id of the buggy patch.
  • syzid: The bug report id of the bug that the patch fixes.

e.g. To test the correctness of the patch https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=730c5fd42c1e, we need the commitid 730c5fd42c1e and the bug report(https://syzkaller.appspot.com/bug?id=53b6555b27af2cae74e2fbdac6cadc73f9cb18aa) id 53b6555b27af2cae74e2fbdac6cadc73f9cb18aa that this patch fixes.

cd Docker-env
docker build -t klaus . 
docker run -v $(pwd)/data:/data --rm -it --privileged klaus
# static analysis and instrumentation.
cd /data/fuzz_cfgs_dir/
python3 build_env.py [commitid] [syzid]
# start fuzzing.
cd [commitid]
./fuzz_start.sh

Syzpatch

Source code of KLAUS.

  • patch_analyzer: static analysis tool.
  • patch_fuzzer: fuzzing instance.
  • setup_env: script to build the enviroment for cases.
  • syzPatch-gcc: the tool to instrument feedback for fuzzer.

More details

Access our paper and slides here.

@inproceedings{klaus,
  author = {Wu, Yuhang and Lin, Zhenpeng and Chen, Yueqi and Le, Dang K and Mu, Dongliang and Xing, Xinyu},
  title = {Mitigating Security Risks in Linux with {KLAUS}: A Method for Evaluating Patch Correctness},
  booktitle = {32nd USENIX Security Symposium (USENIX Security 23)},
  year = {2023},
}

About

A framework to test the correctness of the Linux kernel patch.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published