SaBRe
SaBRe is a modular selective binary rewriter. It is able to rewrite system
calls, vDSO and named functions. We currently support two architectures: x86_64
and RISC-V.
Mục lục bài viết
Overview
Binary rewriting is a technique that consists in disassembling a program to
modify its instructions, with many applications in software reliability and
security. However, existing solutions suffer from well-known shortcomings in
terms of soundness and performance.
We present SaBRe, a novel load-time system for selective binary rewriting.
SaBRe rewrites specific constructs—particularly system calls and function
prologues—when the program is loaded into memory, and intercepts them using a
modular architecture that allows third-party plugins to be loaded into \sabre
using a simple and flexible API. We also discuss the theoretical underpinnings
of disassembling and rewriting, including conditions for coverage, accuracy, and
correctness; and how they affect SaBRe.
We developed two backends for SaBRe—one for x86_64 and one for
RISC-V—which were in turn used to implement three plugins: a fast system call
tracer, a multi-version executor and a fault injector. Our evaluation shows that
SaBRe imposes little performance overhead, between 0.2% and 4.3% on average.
Video Presentation
Watch a video
presentation to
see the main idea behind our project.
Download
SaBRe is available on GitHub.
