VUOS: A User-Space Hypervisor Based on System Call Hijacking
Davide Berardi
2024-01-01
Abstract
VUOS (View based OS) is a virtual operating system that gives each process a different view of the underlying system, i.e. access to only some specific directories or specified system calls. This is currently achieved by intercepting system call requests using the ptrace system call. All system call requests are forwarded to a VUOS hypervisor (umvu) that runs in user space. For each request, the hypervisor can use its own system call implementation or forward the request to the Linux kernel. Running the hypervisor in user space, like any other user process, increases security because, in the case of sandbox escape bugs, the potentially malicious process obtains only limited system access. This approach can be seen as an extension of the FUSE behavior to system calls. FUSE (File system in Userspace) is a user-space file system framework that lets users implement their own file systems without patching the Linux kernel. A kernel module forwards requests for each FUSE-mounted file system to its corresponding user process. FUSE is specific to file systems. VUOS instead allows several system services to be implemented in user space, such as virtual devices, virtual networking and file systems (including reimplementing FUSE as a VUOS module).