100 likes | 111 Views
Enhance the KVM to perform thorough verification of classes obtained from untrusted sources, while ensuring efficient memory usage. Implement a mechanism for loading and verifying foreign classes.
E N D
KVM Class File Verification On Board Verification of Untrusted Classes
No Mechanism for establishing trustworthiness of classes obtained from untrusted sources • So no RMI, and no JINI, J2EE, or other RMI based technologies. • No sharing of applications among friends • No discovery and use of network services which require downloading classes to the client
The KVM does minimal verification • Loads class file into class data structure • Verifies symbolic references • Does some checking of byte code • Relies on an offline preverifier to check classes before they are put on the device Trusted Classes KVM Class Loader Loaded Classes
Preverifier • Performs the majority of class verification • Taken directly from the Sun JVM source code and converted to a standalone program
On Board Verification • Only classes from untrusted sources will need the extra verification • All other classes will be managed as they are currently Trusted Classes Untrusted classes KVM Class loader verifier Loaded Classes
On Board Verification • We will move the preverifier into the KVM for use as a verifier • Once a foreign class has been run though it, it is fed to the existing mechanism just like any other class Trusted Classes Untrusted classes KVM Class loader verifier Loaded Classes
The preverifier is not optimized for memory savings • We will optimize our verifier’s memory usage as much as possible • We will use simple measurement tools to determine memory savings • We will use a set of test classes to verify that behavior doesn’t change
KVM has no mechanism for loading foreign classes • We will implement a very simple mechanism in VmExtra • In addition to the class path, the desktop version will read from a separate foreign class path • Any classes loaded from the foreign class path are subject to verification
Things To Do • Testing and measurement tools • Integrate preverifier with KVM • Optimize verifier • Add foreign class path to VmExtra • Select verification by class source • Deliver fully functional and optimized application