Fuzzing Device Emulation in QEMU

A Boston University project

Virtual devices are the most common site for security bugs in hypervisors. In our evaluation, we found new bugs in devices such as serial and virtio-net, ranging from memory corruptions to denial-of-service vulnerabilities. By combining well known coverage guidance techniques with domain-specific feedback, we found promising fuzzer performance, even for complex targets such as hypervisors.

Boston University

Our flagship partnership, Boston University is the center of two major Red Hat initiatives: The Red Hat Collaboratory at Boston University, and the Mass Open Cloud. Both initiatives are dedicated to the idea that marrying research to the open source development methodology, using a partnership between scientists and open source developers, is a uniquely fast and fruitful way of putting great ideas into practice. Boston University is also the center of our Boston intern program, which generates more and more new Red Hatters with each passing year.

News

Red Hat Collaboratory at Boston University Announces Recipients of Research Incubation Awards

Red Hat Collaboratory at Boston University Announces Recipients of Research Incubation Awards

the Red Hat Collaboratory at Boston University announced the inaugural recipients of the Red Hat Collaboratory Research Incubation Awards. The program, which aims to advance research in open source cloud computing systems, awarded $2.3M to 16 projects that will be driven by collaboration between Boston University faculty and students, Red Hat engineers, and industry collaborators

The Red Hat Collaboratory at Boston University seeks large, small, and speculative projects for funding and support

The Red Hat Collaboratory at Boston University seeks large, small, and speculative projects for funding and support

The Red Hat Collaboratory at Boston University has opened a Request for Proposals in support of the launch of the expanded Collaboratory. The Collaboratory seeks to define and demonstrate an open model for large-scale reproducible systems research toward achieving a future of secure, reliable, scalable, self-operating, distributed, heterogeneous compute platforms that stretch from edge devices to cloud datacenters.

Related Projects

TitleSummaryResearch Area
AI for Cloud OpsThis project aims to address this gap in effective cloud management and operations with a concerted, systematic approach to building and integrating AI-driven software analytics into production systems. We aim to provide a rich selection of heavily-automated “ops” functionality as well as intuitive, easily-accessible analytics to users, developers, and administrators, ,
Creating a global open research platform to better understand social sustainability using data from a real-life smart villageIn this project, a team of BU faculty will team up with Red Hat researchers and with SmartaByar, an organization …, ,
DISL: A Dynamic Infrastructure Services Layer for Reconfigurable HardwareBU faculty member Martin Herbordt will work with Red Hat researchers Uli Drepper and Ahmed Sanaullah to create a generic …,
Practical Programming of FPGAs with Open Source ToolsThis project has evolved from the Practical programming of FPGAs in the data center and on the edge project. Please see …,
Near-Data Data TransformationBU faculty members Manos Athanassoulis and Renato Mancuso will work with Red Hat researchers Uli Drepper and Ahmed Sanaullah to create a hardware-software co-design paradigm for data systems that implements near-memory processing.,
Towards high performance and energy efficiency in open-source stream processing.BU faculty members Vasiliki Kalavari and Jonathan Appavoo will work with Red Hat researcher Sanjay Arora to create an open-source …
OSMOSIS: Open-Source Multi-Organizational Collaborative Training for Societal-Scale AI SystemsThe goal of our project is to develop a novel framework and cloud-based implementation for facilitating collaboration among highly heterogeneous research, development, and educational settings.,
Privacy-Preserving Cloud Computing using Homomorphic EncryptionIn today’s data-driven world, a large amount of data is collected by billions of devices (cell phones, autonomous cars, handheld …, ,
Serverless Streaming Graph AnalyticsIn this project, we will focus on graph streams that can be used to model distributed systems, where workers are represented as nodes connected with edges that denote communication or dependencies.,
Enabling Intelligent In-Network Computing for Cloud SystemsWith the network infrastructure becoming highly programmable, it is time to rethink the role of networks in the cloud computing …,
Linux Computational CachingIn this speculative work we are attempting to explore a biologically motivated conjecture on how memory of past computing can be stored and recalled to automatically improve a system’s behavior., ,
Foundations in Open Source EducationIn this project we are developing an exemplar set of materials for an introductory computers systems class that exploits, Jupyter, Jupyter Books, OpenShift and the the Mass Open Cloud to develop and deliver a unique educational experience for learning about how computer systems work.
Symbiotes: A New step in Linux’s EvolutionThis work explores how a new kind of software entity, a symbiotie, might bridge this gap. By adding the ability for application software to shed the boundary that separates it from the OS kernel it is free to integrate, modify and evolve in to a hybrid that is both application and OS.,
Intelligent Data Synchronization for Hybrid CloudsThe goal of this project is to design configurable synchronization solutions on a common platform for a wide range of edge computing scenarios relevant to Red Hat. These solutions will be thoroughly validated on a state-of-the-art testbed capable of emulating realistic environments (e.g., smart cities)., ,
Secure cross-site analytics on OpenShift logsThe project aims to explore whether cryptographically secure Multi-Party Computation, or MPC for short, can be used to perform secure cross-site analytics on OpenShift logs with minimum client participation., ,
Robust Data Systems TuningBU faculty members Manos Athanassoulis and Evimaria Terzi will work on building a new robust tuning framework for LSM-based data …,
Robust LSM-Trees Under Workload UncertaintyWe introduce a new robust tuning paradigm to aid in the design of data systems with uncertain assumptions by modeling the behavior of the system and then utilizing these models in conjunction with techniques in robust optimization. Our approach is demonstrated through tuning a popular log-structured merge-tree based storage engine, RocksDB
Does efficient, private, agnostic learning imply efficient, agnostic online learning?Users of online services today must trust platforms with their personal data. Platforms can choose to enable privacy by default …
Are Adversarial Attacks a Viable Solution to Individual Privacy?Users of online services today must trust platforms with their personal data. Platforms can choose to enable privacy by default …
Workflow-Centric Tracing for Cloud ApplicationsWorkflow-centric tracing allows traces (i.e., graphs) of requests’ workflows to be constructed by stitching together trace points with the same request context. Three collaboratory projects focus on improving the observability and diagnosability of Red Hat products using this technique.
Hybrid Cloud CachingA fundamental goal of the Hybrid Cloud Cache project is to allow simplified integration into existing data lakes, to enable caching to be transparently introduced into hybrid cloud computation, to support efficient caching of objects widely shared across clusters deployed by different organizations, and to avoid the complexity of managing a separate caching service on top of the data lake
Volume Storage Over Object StorageThis project creates a hybrid storage system composed of a high-speed local device (e.g. Optane) to store short term data, along with a write-once object store (e.g, Ceph RGW) to store data blocks permanently.
Kariz Cache Prefetching and ManagementKariz is a caching system that works closely with analytic frameworks scheduler to find the best caching policy for the current running application.
OpenInfra LabsOpenInfra Labs is an OpenStack Foundation project connecting open source projects to production to advance open source infrastructure. The project …, , , ,
Elastic Secure InfrastructureThis project encompasses work in several areas to design, build and evaluate secure bare-metal elastic infrastructure for data centers., ,
Open Cloud TestbedThe Open Cloud Testbed project will build and support a testbed for research and experimentation into new cloud platforms – the underlying software which provides cloud services to applications. Testbeds such as OCT are critical for enabling research into new cloud technologies – research that requires experiments which potentially change the operation of the cloud itself., , , ,
Implementing Secure Multi-Party ComputingSecure Multiparty Computation (MPC) is a cryptographic primitive that allows several parties to jointly and privately compute desired functions over secret data. Building and deploying practical MPC applications faces several obstacles, including performance overhead, complicated deployment and setup procedures, and adoption of MPC protocols into modern software stacks. MPC applications expose trade-offs between efficiency and privacy that may be hard to reason about, formally characterize, and encode in a protocol design or implementation.,
Outfitting QEMU/KVM with Partitioning Hypervisor FunctionalityThis project extends the virtualization capabilities of QEMU and KVM by adding partitioning hypervisor functionality. With this implementation, hardware resources can be exclusively assigned to specific tasks and VMs. Current work supports KVM Isolation IOCTLs to query CPUs to find isolated CPUs.
An Optimizing Operating System: Accelerating Execution With SpeculationTo optimize performance, Automatically Scalable Computation (ASC), a Harvard/BU collaboration attempts to auto-parallelize single threaded workloads, reducing any new effort required from programmers to achieve wall clock speedup. SEUSS takes a different approach by splicing a custom operating system into the backend of a high throughput distributed serverless platform, Apache OpenWhisk. SEUSS uses an alternative isolation mechanism to containers, called Library Operating Systems (LibOSs).,
Kernel Techniques to Optimize Memory Bandwidth with Predictable LatencyRecent processors have started introducing the first mechanism to monitor and control memory bandwidth. Can we use these mechanisms to enable machines to be fully used while ensuring that primary workloads have deterministic performance? This project presents early results from using Intel’s Resource Director Technology and some insight into this new hardware support. The project also examines an algorithm using these tools to provide deterministic performance on different workloads.
Unikernel LinuxThis project aims to turn the Linux kernel into a unikernel with the following characteristics: 1) are easily compiled for any application, 2) use battle-tested, production Linux and glibc code, 3) allow the entire upstream Linux developer community to maintain and develop the code, and 4) provide applications normally running vanilla Linux to benefit from unikernel performance and security advantages.
Code2Vec: Learning code representationsThis project analyzed semantic similarities of learned code embeddings parsed from open source python libraries such as numpy, pandas and sklearn. Still in progress is another analysis that learns code embeddings in a supervised manner with the C++ codebase for performance measurement of program execution in CPU with performance counters (e.g. LLC misses to L1 requests, Cycles Per Instruction).
Fuzzing Device Emulation in QEMUHypervisors—the software that allows a computer to simulate multiple virtual computers—form the backbone of cloud computing. Because they are both ubiquitous and essential, they are security-critical applications that make attractive targets for potential attackers., ,
D3N: A Multi-Layer Cache for Data CentersThis project designs and develops D3N, a novel multi-layer cooperative caching architecture that mitigates network imbalances by caching data on the access side of each layer of hierarchical network topology. A prototype implementation, which incorporates a two-layer cache, is highly-performant (can read cached data at 5GB/s, the maximum speed of our SSDs) and significantly improves the performance of big-data jobs.
Practical programming of FPGAs in the data center and on the edgeFPGAs are now essential components in the data center and on the edge with millions deployed. FPGAs are found in a wide variety of system elements and provide such critical functions as SDN, encryption/decryption, and compression. Yet for nearly all system providers, much less system users, programming these FPGAs is impossible. Our overall goal is to enable FPGA application development by High Level Language (HLL) programmers, especially for the data center and the edge, and exclusively using existing open-source tools., ,
Automatic Configuration of Complex HardwareIn this project, we pursue three goals towards this understanding: 1) identify, via a set of microbenchmarks, application characteristics that will illuminate mappings between hardware register values and their corresponding microbenchmark performance impact, 2) use these mappings to frame NIC configuration as a set of learning problems such that an automated system can recommend hardware settings corresponding to each network application, and 3) introduce either new dynamic or application instrumented policy into the device driver in order to better attune dynamic hardware configuration to application runtime behavior.
Quest-V, a Partitioning Hypervisor for Latency-Sensitive WorkloadsQuest-V is a separation kernel that partitions services of different criticality levels across separate virtual machines, or sandboxes. Each sandbox encapsulates a subset of machine physical resources that it manages without requiring intervention from a hypervisor. In Quest-V, a hypervisor is only needed to bootstrap the system, recover from certain faults, and establish communication channels between sandboxes.
Performance Management for Serverless ComputingServerless computing provides developers the freedom to build and deploy applications without worrying about infrastructure. Resources (memory, cpu, location) specified …