Abstract
Monolithic operating systems, where all kernel functionality resides in a
single, shared address space, are the foundation of most mainstream computer
systems. However, a single flaw, even in a non-essential part of the kernel
(e.g., device drivers), can cause the entire operating system to fall under an
attacker's control. Kernel hardening techniques might prevent certain types of
vulnerabilities, but they fail to address a fundamental weakness: the lack of
intra-kernel security that safely isolates different parts of the kernel. We
survey kernel compartmentalization techniques that define and enforce
intra-kernel boundaries and propose a taxonomy that allows the community to
compare and discuss future work. We also identify factors that complicate
comparisons among compartmentalized systems, suggest new ways to compare future
approaches with existing work meaningfully, and discuss emerging research
directions.