vDSO (virtual dynamic shared object) is a kernel mechanism for exporting a carefully selected set of kernel space routines to user space applications so that applications can call these kernel space routines in-process, without incurring the performance penalty of a mode switch from user mode to kernel mode that is inherent when calling these same kernel space routines by means of the system call interface.[1][2]

vDSO uses the standard mechanisms for linking and loading, namely the standard Executable and Linkable Format (ELF).[3][4] It is a memory area allocated in user space that exposes some kernel functionality. vDSO is dynamically allocated, offers improved safety through address space layout randomization, and supports more than four system calls. Some C standard libraries, such as glibc, may provide vDSO links so that if the kernel does not have vDSO support, a traditional syscall is made.[5] vDSO helps to reduce the calling overhead of simple kernel routines, and it can also serve as a way to select the best system-call method on some computer architectures, such as IA-32.[6] An advantage over other methods is that such exported routines can provide proper DWARF (Debug With Attributed Record Format) debugging information. An implementation generally requires hooks in the dynamic linker to find the vDSO.

vDSO was developed to offer the vsyscall features while overcoming its limitations: a small amount of statically allocated memory, which allows only four system calls, and the same addresses in each process as part of the application binary interface (ABI), which compromises security. This security issue has been mitigated by emulating a virtual system call, but the emulation introduces additional latency.[5]

glibc supports the getrandom() vDSO function.[7]
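Because the vDSO is an ordinary ELF image mapped into every process at a randomized address, a program can locate and inspect it with nothing but the standard ELF structures. The following is an added example, not code from the article or from the kernel or glibc: it reads the base address from the auxiliary vector entry `AT_SYSINFO_EHDR`, walks the program headers and dynamic section, and lists the exported symbols. The function name `vdso_list_symbols` is hypothetical, and the symbol count assumes `.dynstr` directly follows `.dynsym`.

```c
#include <link.h>      /* ElfW(): Elf32_* or Elf64_* types for this build */
#include <stdio.h>
#include <string.h>
#include <sys/auxv.h>  /* getauxval(), AT_SYSINFO_EHDR */

/* Count (and optionally print) the symbols exported by this process's vDSO.
 * Returns -1 if no vDSO is mapped and -2 if the image cannot be parsed. */
long vdso_list_symbols(int verbose)
{
    unsigned long base = getauxval(AT_SYSINFO_EHDR);
    if (base == 0) return -1;
    const ElfW(Ehdr) *eh = (const ElfW(Ehdr) *)base;
    if (memcmp(eh->e_ident, ELFMAG, SELFMAG) != 0)
        return -2;
    if (verbose)
        printf("vDSO mapped at %#lx (varies per run under ASLR)\n", base);
    /* First PT_LOAD yields the load bias; PT_DYNAMIC locates the dynamic table. */
    const ElfW(Phdr) *ph = (const ElfW(Phdr) *)(base + eh->e_phoff);
    const ElfW(Phdr) *load = NULL;
    const ElfW(Dyn) *dyn = NULL;
    for (int i = 0; i < eh->e_phnum; i++) {
        if (ph[i].p_type == PT_LOAD && !load) load = &ph[i];
        if (ph[i].p_type == PT_DYNAMIC)
            dyn = (const ElfW(Dyn) *)(base + ph[i].p_offset);
    }
    if (!load || !dyn) return -2;
    unsigned long bias = base + load->p_offset - load->p_vaddr;
    /* The vDSO's d_ptr values are link-time addresses, so add the bias. */
    const ElfW(Sym) *sym = NULL;
    const char *str = NULL;
    for (; dyn->d_tag != DT_NULL; dyn++) {
        if (dyn->d_tag == DT_SYMTAB) sym = (const ElfW(Sym) *)(bias + dyn->d_un.d_ptr);
        if (dyn->d_tag == DT_STRTAB) str = (const char *)(bias + dyn->d_un.d_ptr);
    }
    if (!sym || !str || (const char *)sym >= str)
        return -2;
    /* Assumption: .dynstr directly follows .dynsym (the usual linker layout). */
    size_t n = (size_t)(str - (const char *)sym) / sizeof(*sym);
    long count = 0;
    for (size_t i = 1; i < n; i++) {   /* entry 0 is the reserved null symbol */
        if (sym[i].st_name == 0 || sym[i].st_shndx == SHN_UNDEF)
            continue;
        if (verbose) printf("  %s\n", str + sym[i].st_name);
        count++;
    }
    return count;
}

int main(void) { return vdso_list_symbols(1) < 0; }
```

Running the program twice on a system with address space layout randomization enabled prints a different base address each time, while the list of exported symbols stays the same.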

References

  1. Enrico Perla; Massimiliano Oldani (16 December 2016). Kernel Hacking: Exploits verstehen, schreiben und abwehren: Schwachstellen in Kernel-Architekturen erkennen und Gegenmaßnahmen ergreifen (in German). Franzis Verlag. pp. 466–. ISBN 978-3-645-20503-0.
  2. "vDSO - overview of the virtual ELF dynamic shared object". Canonical. Archived from the original on 4 March 2016. Retrieved 10 December 2015.
  3. "Creating a vDSO: the Colonel's Other Chicken". Linuxjournal.com. Retrieved 16 February 2015.
  4. Corbet, Jonathan (8 June 2011). "On vsyscalls and the vDSO". Lwn.net. Retrieved 16 February 2015.
  5. "Community answer to question "What are vDSO and vsyscall?"". Retrieved 19 November 2016.
  6. Drysdale, David (16 July 2014). "Anatomy of a system call, part 2". Lwn.net. Retrieved 19 November 2018.
  7. "sourceware.org Git - glibc.git/commit". sourceware.org. Retrieved 13 November 2024.
