Hybrid System Call Interposition
HSCI is a novel framework to operating system (OS) extensibility,
which will support system call interposition based extensions as an
alternative to modifying OS source code. The framework will generate
easy to program, flexible, robust and non-circumventable extensions
without requiring modifications to OS - instead, systemcalls are
intercepted and redirected to the extensions. Previous research in
this area can be categorized into: user-level systemcall interposition
where secure mechanisms such as ptrace on Linux, are used to interpose
systemcalls in the user memory, and kernel-interposition in which the
systemcalls are interposed inside the kernel memory using dynamically
loadable modules. The former, is easy to program, due to availability
of good software-development tools such as debuggers at user level.
However, they are inefficient as it involves data copying (context
switch) between user and kernel memories. Kernel-interposition is
efficient, but not robust, errors in kernel extensions can cause the
kernel to crash. Our framework draws on the advantages of both these
approaches. Here, an efficient filtering tool filters out network
packets inside the kernel and dispatches the needed packets to the
user level. The key contribution of this framework is the powerful yet
efficient filtering language and enforcement mechanism which makes
very few context switches and has low context switch overhead. The
results from this framework will be used in developing a user-choice
driven OS extensions. Examples of such an extension is a compressed
file system, in which, the user has the flexibility to decide on the
compression algorithm. This was not possible so far, since efficiency
of the OS extension and flexibility were contradictory requirements.
Sponsors: University of Missouri Research Board, 
I am working on this Prof. R. Sekar, Weiqing Sun, Wei Xu (all at Stony Brook) and Saurabh Pathak (UMKC).
Return to homepage of Prem Uppuluri
Last Updated: May 20, 2004