Linux and Android kernels Application Binary Interface (ABI)

Skip to first unread message

Aisse Tejas

Jan 23, 2024, 7:57:46 PMJan 23
to openresty-en
Hello folks!

The Linux and Android kernels do not have a stable Application Binary Interface (ABI). Even with identical kernel versions and compilation parameters, using different versions of C compilers can change the memory layout of the structs involved in the API, resulting in incompatibility with binary kernel modules (.ko files). Furthermore, the compiler security feature introduced in recent years, which randomizes the order of struct fields, leads to incompatibilities even with identical environments and toolchains, as each kernel compilation can result differently.

We are designing a machine learning (ML) algorithm capable of automatically learning the machine instructions and data segments within a current binary kernel image. It then modifies the kernel modules' source code or binary .ko files to #adapt them to the target system's kernel. This approach can even learn and adapt to struct field randomization, significantly reducing complications. Essentially, this is a form of AI-driven reverse engineering. Our OpenResty XRay product employs a similar proprietary technology for automatically generating debugging symbols (or debuginfo for stripped binary programs).

Similar technology could be applied to user space .so libraries for adaptation, but these usually have a stable ABI and are not as prone to the variability seen with Linux or Android kernels.

Questions and feedback are always welcome!
Reply all
Reply to author
0 new messages