Porting Linux on ARM-Based Micro-controllers

Tsai, Ju-Chin

30 July 2006

More and more embedded systems choose ARM-based micro-controllers as CPU. If no embedded OS built with the system, the application scope will be restricted. Therefore, the need of embedded OS is vital. There are many embedded OS¡¦s in the market, but the embedded Linux has many advantages and is widely accepted. Commercial embedded Linux takes less refund than other embedded OS¡¦s. The kernel and most applications are distributed in GPL open source copyright, and is highly portable to many machine platforms. Presently, the hardware key-technology is highly skilled. The margin of 3C industrial has gone down rapidly. Therefore, people focus on adapting integrated technology to practicality and innovation to make cost down. Developers choose appropriate ARM micro-controllers according to demanding functionality of their products. The microcontroller is not necessary running with Linux distribution. Two approaches can be used to resolve the embedded OS issue. The first approach is porting Linux to the platform without any refund. The second approach is to pay for commercial Linux. Embedded system peripheral devices aim at powerful functionalities and economy. For instance, UART interface is cheap and low data transfer rate. The target board communicates with host via RS-232. RS-232 acts as serial console to play dumb terminal under Linux. Industrial applications often make use of RS-xxx for UART physical transmission layer. For instance, RS-485 applies modbus protocol to build cheap monitor systems. Network transmission is a necessary function, and it generally achieves high data transfer rate application through Ethernet. The UNIX-like network socket has served network application very well. Embedded systems are usually diskless systems. In order to keep permanent data, using flash memory as block disk system is a widely adapted strategy and which operates flash memory through MTD subsystems¡][28]¡^. An MTD subsystem contains two different modules, ¡§user¡¨and ¡§driver¡¨. In the driver module, CFI¡][40]¡^ is applied to probe flash chip, partition it and provide operating function. Flash translation layer and file-system are applied in the user module. MTD BLOCK is used to emulate the flash partitions as block devices which are then mounted into Linux virtual file system¡]VFS¡^with JFFS2 type, designed according to the feature of flash devices. In this thesis, we will describe in detail the procedure of porting Linux to ARM micro-controllers. The motivation of the work is introduced in chapter 1. In chapter 2, we introduce development tools and the main flow of the porting procedure. In chapter 3, we describe the LH79525 platform and the main perepherals on the target board, then introduce the ARM programmer model. In chapter 4, we examine the required knowledge and the important issues for porting ARM Linux. In chapter 5, we describe the details of porting Linux to run with Sharp LH79525, including modifying the key source codes and adjusting kernel configuration for embedding the UART, ethernet MAC, and MTD subsystem. In chapter 6, we do step-by-step validation and apply an integrated application with the LF-314CP temperature controller¡][46]¡^ by law-chain technology for the LH79525 target board running with the ported ARM Linux. In chapter 7, we present some issues for future work and improvement, then make a conclusion for the thesis.

MAC

JTAG

XIP

FTL

ARM EVB

MTD subsystem

NOR flash

BSP

SDRAM

JFFS2

modbus

Embedded Linux

CFI

MCU

UART

Mixed Messages

Vice President Research, Office of the

12 1900

As the dangers of teens and the internet make media headlines, Jennifer Shapka sifts through the fact and fiction of adolescent internet use.

Jennifer Shapka

Developmental Change and Technology Lab

internet

adolescent development

Canada Foundation for Innovation

CFI

educational and counseling psychology

DCTech Lab

The Efficacy of Forward-Edge Control-Flow Integrity in Mitigating Memory Corruption Vulnerabilities : The Case of the Android Stack

Olofsson, Viktor

January 2023

Memory corruption is one of the oldest and most prominent problems in the field of computer security. In order to protect the vulnerabilities that arise from memory corruption, a mitigation technique called Control-flow Integrity (CFI) was developed. The Android Open Source Project utilizes a specific implementation of the CFI policy called forward-edge CFI in the compilation of the Android system. However, memory corruption vulnerabilities are still a problem for Android systems. This raises the question: Is forward-edge CFI really effective in mitigating memory corruption vulnerabilities? In this research, the efficacy of forward-edge CFI in terms of mitigating memory corruption vulnerabilities in Android systems is analyzed. This is done by analyzing nine Common Vulnerabilities and Exposures (CVE) in terms of how they can be exploited and whether forward-edge CFI could mitigate them. Additionally, the Android binaries containing the vulnerabilities are analyzed in an attempt to detect the presence of CFI instrumentation. CFI was detected in one of nine vulnerable Android binaries, implying that there exist memory corruption vulnerabilities that forward-edge CFI definitely can not protect. The analysis of nine CVEs showed that five CVEs could be mitigated by forward-edge CFI. These results indicate that forward-edge CFI could definitely mitigate a portion of the memory corruption vulnerabilities plaguing Android systems. However, in order to protect a greater portion of memory corruption vulnerabilities, forward-edge CFI should be combined with other mitigation techniques such as Shadow Stacks.

control-flow integrity

CFI

control-flow graph

CFG

memory corruption

Android

vulnerability

android vulnerability

computer security

Computer Sciences

Datavetenskap (datalogi)

Wood Wide Web

Vice President Research, Office of the

05 1900

Melanie Jones and Dan Durall aren't looking to the treetops for clues about the "wood wide web." They're looking to the soil at fungi that are crucial to renewing our forests.

Melanie Jones

Dan Durall

soil biology

mycorrhizal fungi

Species at Risk

Habitat Studies Centre

Denise Brooks

Canada Foundation for Innovation

CFI

UBC Okanagan

On the (in)security of behavioral-based dynamic anti-malware techniques

Ersan, Erkan

21 April 2017

The Internet has become the primary vector for the delivery of malicious code in cyber attacks, and malware has rapidly become a pervasive critical threat. Anti- malware products offer effective protection from malware threats for servers and endpoint devices using a variety of techniques. Advanced enterprise-level anti-malware products rely on state-of-art behavioral-based detection algorithms, in addition to traditional signature-based mechanisms. These dynamic detection techniques have been around for more than a decade and in response hackers have developed methods to evade them. However, currently known bypass methods require intensive manual labor. Moreover, this manual work has to be repeated whenever a parameter of the environment (such as the payload, operating system, Antivirus version, etc) changes, making these methods impractical. This may lead to the belief that dynamic techniques provide a good deterrence, and hence good protection. In this thesis we evaluate dynamic techniques. Specifically, we build tools to implement generic unhooking and funneling, and using these tools we show how dynamic techniques can be bypassed with considerably less effort than by fully manual methods. We also extend the repertoire of existing bypass methods and introduce a new malicious function call technique which exploits detection techniques that monitor a limited collection of critical system functions, as well as a method for bypassing guard-page protections. We demonstrate the effectiveness of all our techniques by conducting attacks against two enterprise antivirus products. Our results lead us to conclude that that dynamic techniques do not provide sufficient protection. / Graduate / 2018-02-07 / 0984 / erkanersan@gmail.com

Malware

Malware Detection

Computer Security

Anti-malware

Antivirus

Cyber Attacks

Behavioral-based Detection

EMET

Hooking

Unhooking

Guard Pages

Bypassing Techniques

Evasion Techniques

Evasion

funneling

Control Flow Integrity

CFI

Web-based malware

ROP

Return-Oriented Programming

Shellcode

Payload

Windows

Anti-malware Evaluation

Antivirus Evaluation

Anti-malware Effectiveness

Antivirus Effectiveness