Compartment, Crash, and Continue: Toward Resilient Monolithic OS Kernels
Journal: KISV '25: Proceedings of the 3rd Workshop on Kernel Isolation, Safety and Verification
Part Of: KISV '25: Proceedings of the 3rd Workshop on Kernel Isolation, Safety and Verification
Start Page: 17
End Page: 24
ISBN (of the container): 979-8-4007-2202-8
Date Issued: 2025-10-13
Author(s)
Abstract
Ensuring the availability of monolithic operating system (OS) kernels, like Linux, remains a significant challenge, as an internal fault often brings down the entire system. We introduce a novel approach called kCOMALIVE to enhance kernel resilience. kCOMALIVE builds on state-of-the-art kernel compartments to contain faults and extends them with crash-recovery capabilities. kCOMALIVE employs a checkpoint-and-restore mechanism to enable fine-grained recovery of failed kernel compartments. kCOMALIVE incorporates compile-time instrumentation to simplify compartment construction and facilitate deployment. We prototyped kCOMALIVE by extending the HAKC framework and showed its effectiveness at recovering a failed Linux driver.
Event(s): 3rd Workshop on Kernel Isolation, Safety and Verification, KISV 2025
Subjects: Availability; Compartmentalization; Kernel Safety; Operating Systems; Reliability
Publisher: ACM
Type: conference paper
