ECMO: Peripheral Transplantation to Rehost Embedded Linux Kernels
Muhui Jiang, Lin Ma, Yajin Zhou, Qiang Liu, Cen Zhang, Zhi Wang, Xiapu Luo, Lei Wu, Kui Ren

TL;DR
This paper introduces ECMO, a technique for transplanting device drivers into Linux kernels to enable rehosting embedded firmware in QEMU, significantly broadening support for various embedded devices.
Contribution
The paper presents a novel peripheral transplantation method and implements it in ECMO, successfully rehosting 87.1% of tested embedded Linux kernels across multiple vendors.
Findings
ECMO successfully transplanted peripherals in all 815 firmware images.
87.1% of kernels could be rehosted with user-space shell execution.
Most failures were due to unsupported root filesystem formats.
Abstract
Dynamic analysis based on the full-system emulator QEMU is widely used for various purposes. However, it is challenging to run firmware images of embedded devices in QEMU, especially the process to boot the Linux kernel (we call this process rehosting the Linux kernel). That's because embedded devices usually use different system-on-chips (SoCs) from multiple vendors and only a limited number of SoCs are currently supported in QEMU. In this work, we propose a technique called peripheral transplantation. The main idea is to transplant the device drivers of designated peripherals into the Linux kernel. By doing so, it can replace the peripherals in the kernel that are currently unsupported in QEMU with supported ones, thus making the Linux kernel rehostable. After that, various applications can be built upon it. We implemented this technique inside a prototype system called ECMO and…
