Fault Injection for Linux Device Drivers on x86, MIPS and ARM Architectures

Abstract

The security of device drivers should be verified by system testing. This paper presents QDFaultInjector, a fault injection tool that can work on three architectures (x86 64, AArch64 and MIPS64) to test Linux kernel modules (including device drivers) at runtime. Firstly, overall framework of QDFaultInjector is introduced in this paper, along with monitoring of LKM operation based on notifier chain and callback function and flexible mechanisms of retriggering faults and automatic recovering based on debugfs pseudo file system. Moreover, it is explained in detail how instruction replacement is implemented for fault injection on different architectures, because it is architecture-specific, i.e., it is related to the machine codes and the formats of instructions. Thereafter, a char device driver is used to verify every function of QDFaultInjector on the above architectures respectively and the results show that QDFaultInjector can inject faults successfully and effectively. In addition, a few of realistic network card drivers such as hns3 and pcnet32 are used to do the tests and some events of system breakdown occur when some faults that have been injected into device drivers by QDFaultInjector are triggered. That means that some potential problems are existed in the corresponding device drivers, which ought to be revised and perfected. Finally, QDFaultInjector is compared with some other fault injection tools and a conclusion is drawn that it supports more computer architectures and it is more flexible for testing operations.