Jump to content

Recommended Posts

Nytro    2659

What is CrashOS?

CrashOS is a tool dedicated to the research of vulnerabilities in hypervisors by creating unusual system configurations. CrashOS is a minimalist Operating System which aims to lead to hypervisor crashs, hence its name. You can launch existing tests or implement your owns and observe hypervisor behaviour towards this unusual kernel.


Please login or register to see this link.


The core of CrashOS provides the following OS features:

  • the Boot entry;
  • the memory management (segmentation and paging);
  • the interrupt and exception handling;
  • the I/O communication.


A default kernel configuration is available but this set of features allows to entirely reconfigure the kernel as you desire.

Note : CrashOS is a work in progress. Please report any issue Please login or register to see this link. .

Hardware and software requirements

CrashOS only works on Intel x86 hardware architecture, requires gcc-4.8 to be compiled and GRUB to boot.


To install CrashOS, first compile the project with the main Makefile. It will create the 32-bits executable Please login or register to see this link. . .../crashos$ make

Then install test.bin and Grub in a bootable storage, and use this bootable storage to launch the VM in your hypervisor. A example of installation with Vmware is included in the Makefile by executing the following command line:

.../crashos$ make install

Don't forget to adapt the VM path in the script Please login or register to see this link. : VMPATH="/home/xxx/Vmware/${VMNAME}"


Use the script Please login or register to see this link.  to create a new directory containing your test. It will create the local Makefile, a log file to store the test logs, a text file to describe the test and the test file filled with the test template.

/crashos/tools$ python create_new_test_directory.py myowntest
Directory myowntest created
/crashos/tools$ cd ..
/crashos$ ls src/myowntest/
Makefile  myowntest.c  myowntest.log  myowntest.txt

In CrashOS, each test needs to define a specific kernel configuration. Thus, each test must contain:

  • an "init" function: it saves the current kernel configuration and defines the configuration with which we want to work;
  • the "test" function;
  • a "restore" function: it recovers the old kernel configuration.


A test template is available Please login or register to see this link. .

To init the kernel, some default functions are available (Please login or register to see this link.  and Please login or register to see this link. ):


Function Description
init_work_mem() Initialize the mem_info struct to define the available physical memory
init_segmentation(...) Initialize the GDT (Global Descriptor Table) with the following entries and update gdtr and segment selectors
init_paging(...) Initialize the PGD with the first 4MB in Identity Mapping, update CR3 and CR4 and enable the paging in CR0
init_interrupts(...) Initialize the IDT (Interrupt Descriptor Table) with the following entries (32 first entries for exceptions)

Others functions allow the developer to modify the default system parameters and to define his own configuration. The following command line generates a a code documentation for all functions available in CrashOS: .../crashos$ make doc It will create a html documentation in doxygen_documentation/html/index.html.

Specify, in the main Please login or register to see this link. , the list of tests you want to launch:

TESTS :=  test_repo1 test_repo2 

Then, compile the project. .../crashos$ make install


CrashOS is released under Please login or register to see this link. .


Sursa: Please login or register to see this link.

  • Like 1
  • Upvote 1

Share this post

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this