
RevEng: Device Driver Reverse Engineering

Behold the revenge of the frugal hacker!

Device drivers today lack two important properties: guaranteed safety and cross-platform portability. Drivers are often proprietary and available for only one or two operating systems, so the devices they support remain unusable on every other OS. Restricted device support lowers the market viability of new OSes and hampers OS researchers in their efforts to bring their ideas to the "real world."

RevEng is an approach to incrementally achieving these properties in drivers, without requiring any changes in the drivers or operating system kernels. It automatically reverse engineers a binary driver and synthesizes a new, safe, and portable driver that mimics the original one. The operating system kernel runs the trusted synthetic driver instead of the original, thus avoiding giving kernel privileges to untrusted driver code.

An initial prototype of RevEng (which we call RevNIC) helps automate the production of new drivers for network devices. It takes as input a closed-source binary NIC driver, reverse engineers its logic entirely automatically, and synthesizes new device driver code that implements the exact same hardware protocol as the original driver, but targeted at the OS platform of choice. RevEng does not require access to any vendor documentation or source code.
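To make the "same hardware protocol, different OS API" idea concrete, here is an added toy example. It is not RevNIC's code and does not show how RevNIC itself recovers a driver's logic (the page describes only what RevNIC achieves); it takes a constructed trace of port I/O accesses, as one might record while exercising a driver entry point, and emits a C function that replays that protocol through the port I/O primitives of a chosen target OS. The trace format, the busy-wait heuristic, the sample values, the two-backend table, and the function name `synth_reset` are all assumptions of the example.

```python
"""Toy trace-to-driver synthesizer: replay a driver entry point's recorded
port I/O as C source for a chosen target OS.  Added illustration, not
RevNIC's code; trace format, heuristics and names are assumptions."""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class Access:
    kind: str    # "out": driver wrote to the device; "in": driver read from it
    port: int    # port offset from the device's I/O base
    width: int   # access width in bits: 8, 16 or 32
    value: int   # value written, or value the device returned


# Constructed trace of a hypothetical NIC's reset entry point, in the
# assumed format "<in|out> <port offset> <width bits> <value>".
SAMPLE_TRACE = """\
out 0x37 8 0x00        # kick the reset
in  0x37 8 0x80        # driver spins while the busy bit is set...
in  0x37 8 0x80
in  0x37 8 0x00        # ...and proceeds once it reads 0
out 0x00 16 0x1234     # then programs two configuration registers
out 0x04 32 0xdeadbeef
"""

# Per-OS port I/O primitives.  Only this table differs between targets; the
# sequence of ports and values (the hardware protocol) is the same for all.
BACKENDS: Dict[str, Dict] = {
    "linux": {
        "header": "#include <asm/io.h>",
        "out": {8: "outb({v}, {p})", 16: "outw({v}, {p})", 32: "outl({v}, {p})"},
        "in": {8: "inb({p})", 16: "inw({p})", 32: "inl({p})"},
    },
    "windows": {
        "header": "#include <ntddk.h>",
        "out": {8: "WRITE_PORT_UCHAR((PUCHAR)({p}), {v})",
                16: "WRITE_PORT_USHORT((PUSHORT)({p}), {v})",
                32: "WRITE_PORT_ULONG((PULONG)({p}), {v})"},
        "in": {8: "READ_PORT_UCHAR((PUCHAR)({p}))",
               16: "READ_PORT_USHORT((PUSHORT)({p}))",
               32: "READ_PORT_ULONG((PULONG)({p}))"},
    },
}


def parse_trace(text: str) -> List[Access]:
    """Parse the trace; reject malformed entries rather than guess at them."""
    accesses = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        parts = raw.split("#", 1)[0].split()   # strip comments, tokenize
        if not parts:
            continue
        if len(parts) != 4 or parts[0] not in ("in", "out"):
            raise ValueError(f"line {lineno}: malformed trace entry {raw!r}")
        port, width, value = (int(x, 0) for x in parts[1:])
        if width not in (8, 16, 32):
            raise ValueError(f"line {lineno}: unsupported width {width}")
        accesses.append(Access(parts[0], port, width, value))
    return accesses


def collapse_polls(accesses: List[Access]) -> List[Tuple[str, Access]]:
    """Group runs of reads of one port into a single "poll" step.

    Heuristic assumed here: consecutive reads of one port that all return the
    same value until a last, different one are a busy-wait that ended when
    that last value appeared.  Anything else stays a "single" step."""
    steps: List[Tuple[str, Access]] = []
    i = 0
    while i < len(accesses):
        j = i
        while (accesses[i].kind == "in" and j + 1 < len(accesses)
               and accesses[j + 1].kind == "in"
               and (accesses[j + 1].port, accesses[j + 1].width)
               == (accesses[i].port, accesses[i].width)):
            j += 1
        run = accesses[i:j + 1]
        spun = {a.value for a in run[:-1]}
        if len(run) > 1 and len(spun) == 1 and run[-1].value not in spun:
            steps.append(("poll", run[-1]))
        else:
            steps.extend(("single", a) for a in run)
        i = j + 1
    return steps


def synthesize(trace_text: str, target: str, name: str = "synth_reset") -> str:
    """Emit C source for `name` on `target` that replays the traced protocol."""
    if target not in BACKENDS:
        raise ValueError(f"unknown target OS {target!r}")
    be = BACKENDS[target]
    lines = [be["header"], "", f"void {name}(unsigned long base)", "{"]
    for step, a in collapse_polls(parse_trace(trace_text)):
        port = f"base + 0x{a.port:02x}"
        if step == "poll":
            rd = be["in"][a.width].format(p=port)
            lines.append(f"    while ({rd} != 0x{a.value:x}) ;  /* traced busy-wait */")
        elif a.kind == "out":
            lines.append("    " + be["out"][a.width].format(p=port, v=f"0x{a.value:x}") + ";")
        else:   # lone read whose value the trace does not show being used
            lines.append("    (void)" + be["in"][a.width].format(p=port) + ";")
    lines.append("}")
    return "\n".join(lines)


if __name__ == "__main__":
    for target in BACKENDS:
        print(synthesize(SAMPLE_TRACE, target), "\n")
```

Running it prints the same reset sequence twice, once with Linux `outb`/`inb` and once with the WDK `WRITE_PORT_*`/`READ_PORT_*` calls; the only thing that changed between the two is the backend table, which is the portability argument in miniature. The poll heuristic is deliberately naive: a real driver usually tests a bit mask rather than a whole register value, which a single trace cannot reveal, so a trace-only approach needs more than this to recover the driver's actual control flow.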

Most recently, we used RevNIC to reverse engineer several proprietary Windows drivers and port them to four different OSes: Linux, Windows, the µC/OS-II embedded OS, and the bare-bones KitOS. Our measurements indicate that the synthesized drivers deliver performance nearly identical to the original drivers.

For more details, please see: