Runtime Verification of Linux Kernel Security Module
arXiv - CS - Operating Systems | Pub Date: 2020-01-06 | DOI: arxiv-2001.01442
Denis Efremov and Ilya Shchepetkov

The Linux kernel is one of the most important Free/Libre Open Source Software (FLOSS) projects. It is installed on billions of devices all over the world, which process various sensitive, confidential or simply private data. It is crucial to establish and prove its security properties. This work-in-progress paper presents a method to verify the Linux kernel for conformance with an abstract security policy model written in the Event-B specification language. The method is based on system call tracing and aims at checking that the results of system call execution do not lead to accesses that violate security policy requirements. As a basis for it, we use an additional Event-B specification of the Linux system call interface that is formally proved to satisfy all the requirements of the security policy model. In order to perform the conformance checks we use it to reproduce intercepted system calls and verify accesses.

Updated: 2020-01-07