CN115809463A - Internet of things firmware hybrid simulation method and system based on system call redirection - Google Patents


Info

Publication number
CN115809463A
Authority
CN
China
Prior art keywords
internet
system call
things
simulation
firmware
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211537026.0A
Other languages
Chinese (zh)
Inventor
龚伟炜
刘宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Changsha Wurong Technology Co ltd
Original Assignee
Changsha Wurong Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2022-12-02
Filing date
2022-12-02
Publication date
2023-03-17
2022-12-02: Application filed by Changsha Wurong Technology Co ltd
2022-12-02: Priority to CN202211537026.0A
2023-03-17: Publication of CN115809463A
Legal status: Pending

Abstract

The invention discloses a hybrid emulation method and system for Internet of Things (IoT) firmware based on system call redirection. The method runs the target IoT firmware on a user-mode emulation side and a system-mode emulation side at the same time. When a system call occurs during execution on the user-mode side, the user-mode side is suspended and the system call is redirected to the system-mode side; the system-mode side receives the redirected call, parses it, executes it locally and returns the execution result to the proxy process. The proxy process receives the result, parses its data, fills it back into the user-mode side and finally resumes execution of the user-mode side. On the basis of combining user-mode and system-mode emulation, the invention passes system calls and their data between the two through system call redirection, so that no system call state has to be maintained, which yields efficient hybrid emulation.

Description

Internet of things firmware hybrid simulation method and system based on system call redirection
Technical Field
The invention relates to firmware vulnerability detection for Internet of Things (IoT) devices in the field of computer security, and in particular to a method and system for hybrid emulation of IoT firmware based on system call redirection.
Background
Software vulnerabilities damage software reliability and harm national security and social stability, so discovering them efficiently, accurately and early matters. In the IoT era, where everything is interconnected, a vulnerability in IoT device firmware affects a wider range of systems, which makes vulnerability detection for IoT firmware all the more important. Because IoT firmware is usually not open source, it has to be emulated before it can be tested dynamically, so firmware emulation is a key step in firmware vulnerability detection.
Firmware emulation techniques were originally divided into system-mode emulation and user-mode emulation. System-mode emulation treats the IoT device as a whole and emulates everything from the kernel down to user programs; it covers memory virtualization, file system virtualization, system call virtualization, hardware virtualization and so on. Examples are the general-purpose emulator QEMU and Firmadyne, an emulation platform built around a Linux kernel. Its main drawback is low execution efficiency. User-mode emulation emulates only a single program from the firmware, and its main job is translating and executing that program's instruction format: because the program's instruction set differs from the host's, the instructions of the IoT CPU architecture (usually ARM, MIPS and the like) are translated into host instructions (for example x86) and run directly on the host, which gives high execution efficiency. When the target program makes a system call, the call is converted into the corresponding host system call and executed there. The main drawbacks of user mode are lower emulation fidelity, and that the translated system calls easily go wrong, since a call that depends on the device's own kernel, drivers or file system has no faithful counterpart on the host.
Hybrid emulation was developed to address the shortcomings of both. One approach combines the emulator with hardware support: the core idea is to couple an emulator (QEMU) with the real device and execute across the two. The program normally runs under QEMU, that is, the emulator side translates and executes the firmware instructions, and when execution hits a problem control is handed to the physical device to resolve the run-time values the emulator cannot supply. Avatar is the representative work; its shortcoming is that the frequent interaction between software and hardware makes performance far worse than execution on the real device. The other approach mixes system-mode and user-mode emulation: the target binary from the firmware runs in QEMU user mode, while the firmware as a whole runs under full-system emulation with Firmadyne. DECAF monitors the full-system emulation in real time, and during execution the user-mode emulation obtains the variables it needs from the full-system emulation through shared memory, so the program can run correctly. This gives the high throughput of user-mode emulation while solving the problem of programs that cannot otherwise be run. FirmAFL is the representative work, but it shares data between the user-mode and system-mode emulation through shared memory: when the user-mode side meets a system call it switches to system mode, then waits for system mode to finish executing and write the result into shared memory. Executing the call therefore requires state to be maintained, and the frequent mode switching incurs high overhead.
In summary, existing IoT firmware emulation has problems with both compatibility and efficiency. Pure full-system emulation is inefficient because it emulates the operation of the underlying hardware; pure user-mode emulation lacks fidelity because it cannot handle system calls properly; hardware-assisted hybrid emulation has poor compatibility because it depends on the physical device; and hybrid emulation that switches between user mode and system mode switches modes on every system call, which adds overhead and lowers efficiency.
Disclosure of Invention
The technical problem addressed by the invention is as follows: in view of the problems in the prior art, the invention provides a method and system for hybrid emulation of IoT firmware based on system call redirection.
To solve this problem, the invention adopts the following technical scheme:
A method for hybrid emulation of Internet of Things firmware based on system call redirection, comprising the following steps:
S1, running the target IoT firmware on a user-mode emulation side and a system-mode emulation side at the same time;
S2, when a system call occurs during execution on the user-mode side, suspending execution of the user-mode side through the proxy process, redirecting the system call to the system-mode side, and proceeding to the next step;
S3, the system-mode side receiving the redirected system call, parsing it and executing it locally, then returning the execution result to the proxy process;
S4, the proxy process receiving the execution result from the system-mode side, parsing its data and filling it back into the user-mode side, and finally resuming execution of the user-mode side.
Optionally, redirecting the system call to the system-mode side in step S2 means obtaining the system call that occurred during execution on the user-mode side together with its parameters, generating a system call from that information, and sending it to the system-mode side, so that the system call is carried out in virtualized form on the system-mode side.
Optionally, running the target IoT firmware on the user-mode side in step S1 includes running a single user-mode target binary from the target IoT firmware in QEMU user mode.
Optionally, running that single user-mode target binary includes translating and executing the binary's instruction format: the instructions of the binary's IoT CPU architecture are translated into instructions of the host CPU architecture, and the translated binary is then executed directly on the host.
Optionally, the IoT CPU architecture is ARM, MIPS or RISC-V.
Optionally, the host CPU architecture is x86.
Optionally, running the target IoT firmware on the system-mode side in step S1 means running it in QEMU full-system mode, where full-system mode emulates the IoT device as a whole, from the kernel down to user programs.
Optionally, emulating the IoT device as a whole includes performing some or all of memory virtualization, file system virtualization, system call virtualization and hardware virtualization for the IoT device.
The invention also provides a hybrid emulation system for IoT firmware based on system call redirection, comprising a microprocessor and a memory connected to each other, where the microprocessor is programmed or configured to execute the above hybrid emulation method.
The invention also provides a computer-readable storage medium storing a computer program, where the computer program is intended to be run by a microprocessor so as to execute the above hybrid emulation method.
Compared with the prior art, the invention has the following main advantages. It runs the emulated firmware under user-mode emulation and system-mode emulation simultaneously, uses user mode to translate and execute user-level instructions and system mode to execute system calls, and so combines the efficiency of user mode with the compatibility of system mode. System calls and their data pass between the two emulators through system call redirection, so no system call state has to be maintained, which yields hybrid emulation that is both highly compatible and efficient.
Drawings
FIG. 1 is a schematic diagram of a method according to an embodiment of the present invention.
Fig. 2 is a flow chart of system call redirection in the embodiment of the present invention.
Detailed Description
As shown in Fig. 1 and Fig. 2, the hybrid emulation method for IoT firmware based on system call redirection in this embodiment includes:
S1, running the target IoT firmware (abbreviated as "firmware" in Fig. 1) on a user-mode emulation side and a system-mode emulation side at the same time;
S2, when a system call occurs during execution on the user-mode side, suspending execution of the user-mode side through the proxy process, redirecting the system call to the system-mode side, and proceeding to the next step;
S3, the system-mode side receiving the redirected system call, parsing it and executing it locally, then returning the execution result to the proxy process;
S4, the proxy process receiving the execution result from the system-mode side, parsing its data and filling it back into the user-mode side, and finally resuming execution of the user-mode side.
In this embodiment, redirecting the system call to the system-mode side in step S2 means obtaining the system call that occurred during execution on the user-mode side together with its parameters, generating a system call from that information, and sending it to the system-mode side, so that the system call is carried out in virtualized form there.
In this embodiment, running the target IoT firmware on the user-mode side in step S1 includes running a single user-mode target binary from the target IoT firmware in QEMU user mode.
In this embodiment, running that single user-mode target binary involves translating and executing the binary's instruction format: the instructions of the binary's IoT CPU architecture are translated into instructions of the host CPU architecture, and the translated binary is then executed directly on the host. The IoT CPU architecture is usually ARM, MIPS or RISC-V but may be another architecture; the host CPU architecture is usually x86 but may likewise be another architecture.
In this embodiment, running the target IoT firmware on the system-mode side in step S1 means running it in QEMU full-system mode, which emulates the IoT device as a whole, from the kernel down to user programs.
In this embodiment, emulating the IoT device as a whole includes performing some or all of memory virtualization, file system virtualization, system call virtualization and hardware virtualization for the IoT device.
Referring to Fig. 1, the method of this embodiment mainly involves the following three modules.
User-mode emulation module (user-mode emulation side): this module runs the target binary from the firmware in QEMU user mode. It emulates only a single user-mode program from the firmware, and its main job is translating and executing the instruction format: instructions of the IoT CPU architecture (usually ARM, MIPS and the like) are translated into host instructions (for example x86) and executed directly on the host after translation, which keeps execution efficient. When the target program makes a system call, the call is handed to the full-system side through the redirection module.
System-mode emulation module (system-mode emulation side): this module runs the target firmware in QEMU full-system mode, which emulates the IoT device as a whole, from the kernel down to user programs, including memory virtualization, file system virtualization, system call virtualization, hardware virtualization and so on. Its main role is to parse and execute system calls on behalf of the user-mode module when required, which preserves emulation fidelity and compatibility.
System call redirection module: this module connects the user-mode and system-mode emulation modules. When the program being emulated by the user-mode module meets a system call, the redirection module hands it to the full-system side for parsing and execution. The module is built on lightweight data transport such as pipes, and communication goes through a separate proxy process.
The configuration and workflow are: run the target binary from the firmware in QEMU user mode; run the target firmware in QEMU full-system mode; start the proxy process on the user-mode emulation module; and connect the proxy process to the virtual machine of the system-mode emulation module. The system call redirection module is the core: the user-mode and system-mode emulations, which run at the same time, communicate through system call redirection. When the program under user-mode emulation meets a system call, the redirection module hands it to the full-system side for parsing and execution; the redirection itself is built on lightweight data transport such as pipes and communicates through a separate proxy process.
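The S1-S4 loop and the module breakdown and workflow described above can be made concrete with a small model. The following C is an added example, not code from the patent or from Changsha Wurong Technology: it models the user-mode side, the proxy process and the system-mode side as functions in one process, carries each redirected call as a self-contained request/response message over a pair of POSIX pipes (the lightweight transport the text mentions), and executes the call against a tiny in-memory stand-in for the firmware's kernel. The syscall numbers, the `/proc/nvram` file and its contents, the message layout and all function names are assumptions made for the example; a real implementation would hook the syscall dispatch of QEMU user mode and talk to a separate QEMU full-system process.

```c
/* Added example, not code from the patent or its assignee: a minimal model of the S1-S4
 * redirection loop. The two emulators are two functions in one process; the proxy moves
 * self-contained request/response messages between them over two POSIX pipes, so neither
 * side keeps per-call state. Syscall numbers and the in-memory "guest kernel" are made up. */
#include <errno.h>
#include <stdint.h>
#include <string.h>
#include <unistd.h>
#define MAX_PAYLOAD 256U
#define NFD 4
enum { G_OPEN = 1, G_READ = 2, G_CLOSE = 3, G_IOCTL = 4 };  /* hypothetical guest numbers */

/* Wire format: fixed header, then `len` payload bytes. Buffers travel inside the message
 * because the two emulators do not share an address space. */
struct msg {
    uint32_t nr;       /* request: guest syscall number */
    int64_t  args[3];  /* request: integer arguments; response: args[0] = return value */
    uint32_t cap;      /* request: bytes the guest program reserved for output */
    uint32_t len;      /* payload bytes that follow the header */
};
struct channel { int to_sys[2]; int to_user[2]; };
int channel_open(struct channel *c) { return pipe(c->to_sys) == 0 && pipe(c->to_user) == 0 ? 0 : -1; }

static int send_msg(int fd, const struct msg *m, const void *payload)
{
    if (write(fd, m, sizeof *m) != (ssize_t)sizeof *m) return -1;
    return m->len == 0 || write(fd, payload, m->len) == (ssize_t)m->len ? 0 : -1;
}
/* Read the header and, only if the advertised length is sane, the payload. */
static int recv_msg(int fd, struct msg *m, char *payload)
{
    if (read(fd, m, sizeof *m) != (ssize_t)sizeof *m || m->len > MAX_PAYLOAD) return -1;
    return m->len == 0 || read(fd, payload, m->len) == (ssize_t)m->len ? 0 : -1;
}

/* System-mode side (S3): a tiny in-memory "guest kernel" standing in for the firmware's.
 * The constructed nvram file is 34 bytes, so it always fits in one payload. */
static const char nvram[] = "wan_ip=10.0.0.2\nhttp_passwd=admin\n";
static struct { int used; uint32_t off; } fdtab[NFD];
static void guest_kernel(const struct msg *rq, const char *in, struct msg *rs, char *out)
{
    int fd = (int)rq->args[0];
    memset(rs, 0, sizeof *rs);
    switch (rq->nr) {
    case G_OPEN:  /* payload: NUL-terminated path; only /proc/nvram exists in this model */
        if (rq->len == 0 || in[rq->len - 1] != '\0' || strcmp(in, "/proc/nvram") != 0) {
            rs->args[0] = -ENOENT; return;
        }
        for (fd = 0; fd < NFD; fd++)
            if (!fdtab[fd].used) { fdtab[fd].used = 1; fdtab[fd].off = 0; rs->args[0] = fd; return; }
        rs->args[0] = -EMFILE; return;
    case G_READ: {  /* args: fd, count; the bytes read go back as the response payload */
        if (fd < 0 || fd >= NFD || !fdtab[fd].used) { rs->args[0] = -EBADF; return; }
        if (rq->args[1] < 0) { rs->args[0] = -EINVAL; return; }
        uint32_t avail = (uint32_t)(sizeof nvram - 1) - fdtab[fd].off;
        uint32_t n = rq->args[1] < avail ? (uint32_t)rq->args[1] : avail;
        memcpy(out, nvram + fdtab[fd].off, n);
        fdtab[fd].off += n;
        rs->args[0] = n; rs->len = n; return;
    }
    case G_CLOSE:
        if (fd < 0 || fd >= NFD || !fdtab[fd].used) rs->args[0] = -EBADF; else fdtab[fd].used = 0;
        return;
    case G_IOCTL: rs->args[0] = -ENOTTY; return;  /* no device in this model answers ioctl */
    default:      rs->args[0] = -ENOSYS; return;
    }
}
/* One pass of the system-mode service loop: receive, execute locally, reply. */
int sysmode_serve(struct channel *c)
{
    struct msg rq, rs; char in[MAX_PAYLOAD], out[MAX_PAYLOAD];
    if (recv_msg(c->to_sys[0], &rq, in) < 0) return -1;
    guest_kernel(&rq, in, &rs, out);
    return send_msg(c->to_user[1], &rs, out);
}

/* Proxy, S2: the guest program stays suspended while the serialised call is in flight. */
int agent_send(struct channel *c, uint32_t nr, const int64_t args[3],
               const void *in, uint32_t in_len, uint32_t cap)
{
    struct msg rq = { .nr = nr, .cap = cap, .len = in_len };
    if (in_len > MAX_PAYLOAD) return -1;
    memcpy(rq.args, args, sizeof rq.args);
    return send_msg(c->to_sys[1], &rq, in);
}
/* Proxy, S4: validate before any byte reaches guest memory. The firmware kernel under test
 * may be buggy or under fuzzing, so its lengths are untrusted; a real implementation would
 * abort the run here rather than hand the guest program an errno. */
int64_t agent_receive(struct channel *c, void *out, uint32_t cap)
{
    struct msg rs; char buf[MAX_PAYLOAD];
    if (recv_msg(c->to_user[0], &rs, buf) < 0 || rs.len > cap) return -EPROTO;
    if (rs.len) memcpy(out, buf, rs.len);
    return rs.args[0];
}
/* S2 -> S3 -> S4 for one call; the real design runs two QEMU processes, but the
 * system-mode side is driven inline here so the whole exchange is visible. */
int64_t redirect_syscall(struct channel *c, uint32_t nr, const int64_t args[3],
                         const void *in, uint32_t in_len, void *out, uint32_t cap)
{
    if (agent_send(c, nr, args, in, in_len, cap) < 0 || sysmode_serve(c) < 0) return -EPROTO;
    return agent_receive(c, out, cap);
}
```

Two design points carry over to a real implementation. First, every request and response is self-describing (syscall number, integer arguments, payload length, and for requests the capacity the guest program reserved), which is what lets the proxy stay stateless between S2 and S4 instead of keeping the per-call bookkeeping the text attributes to FirmAFL's shared-memory scheme; the only state that persists is the guest kernel's own (the file table here), and it lives on the system-mode side where it belongs. Second, the system-mode side is the firmware's own kernel, which is precisely the code a fuzzer is trying to break, so `agent_receive` treats its reply as untrusted input and checks the returned length against the reserved capacity before copying anything into the guest program's memory; a reply that does not fit should terminate the run rather than be written into the guest.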
This embodiment also provides a hybrid emulation system for IoT firmware based on system call redirection, comprising a microprocessor and a memory connected to each other, where the microprocessor is programmed or configured to execute the hybrid emulation method described above.
This embodiment further provides a computer-readable storage medium storing a computer program, where the computer program is intended to be run by a microprocessor so as to execute the hybrid emulation method described above.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-readable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein. The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks. These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks. 
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.

Claims (10)

1. A method for hybrid emulation of Internet of Things (IoT) firmware based on system call redirection, characterized by comprising the following steps:
S1, running the target IoT firmware on a user-mode emulation side and a system-mode emulation side at the same time;
S2, when a system call occurs during execution on the user-mode emulation side, suspending execution of the user-mode emulation side through the proxy process, redirecting the system call to the system-mode emulation side, and proceeding to the next step;
S3, the system-mode emulation side receiving the redirected system call, parsing it and executing it locally, then returning the execution result to the proxy process;
S4, the proxy process receiving the execution result from the system-mode emulation side, parsing its data and filling it back into the user-mode emulation side, and finally resuming execution of the user-mode emulation side.
2. The method for hybrid emulation of IoT firmware based on system call redirection according to claim 1, characterized in that redirecting the system call to the system-mode emulation side in step S2 means obtaining the system call that occurred during execution on the user-mode emulation side together with its parameters, generating a system call from that information, and sending it to the system-mode emulation side, so that the system call is carried out in virtualized form on the system-mode emulation side.
3. The method for hybrid emulation of IoT firmware based on system call redirection according to claim 1, characterized in that running the target IoT firmware on the user-mode emulation side in step S1 comprises running a single user-mode target binary from the target IoT firmware in QEMU user mode.
4. The method according to claim 3, characterized in that running the single user-mode target binary from the target IoT firmware comprises translating and executing the binary's instruction format, translating the instructions of the binary's IoT CPU architecture into instructions of the host CPU architecture, and executing the translated binary directly on the host.
5. The method according to claim 4, characterized in that the IoT CPU architecture is ARM, MIPS or RISC-V.
6. The method for hybrid emulation of IoT firmware based on system call redirection according to claim 5, characterized in that the host CPU architecture is x86.
7. The method for hybrid emulation of IoT firmware based on system call redirection according to claim 1, characterized in that running the target IoT firmware on the system-mode emulation side in step S1 means running it in QEMU full-system mode, where full-system mode emulates the IoT device as a whole, from the kernel down to user programs.
8. The method according to claim 7, characterized in that emulating the IoT device as a whole comprises performing some or all of memory virtualization, file system virtualization, system call virtualization and hardware virtualization for the IoT device.
9. A hybrid emulation system for IoT firmware based on system call redirection, comprising a microprocessor and a memory connected to each other, characterized in that the microprocessor is programmed or configured to execute the method for hybrid emulation of IoT firmware based on system call redirection according to any one of claims 1 to 8.
10. A computer-readable storage medium storing a computer program, characterized in that the computer program is intended to be run by a microprocessor so as to execute the method for hybrid emulation of IoT firmware based on system call redirection according to any one of claims 1 to 8.

Priority Applications (1)

Application number: CN202211537026.0A
Publication: CN115809463A (en)
Priority date: 2022-12-02
Filing date: 2022-12-02
Title: Internet of things firmware hybrid simulation method and system based on system call redirection


Publications (1)

Publication number: CN115809463A (en)
Publication date: 2023-03-17

Family

ID=85484795


Country Status (1)

Country Link
CN (1) CN115809463A (en)


Legal Events

Code Title
PB01 Publication
SE01 Entry into force of request for substantive examination