A Formally Verified NAT Stack

Prior work proved a stateful NAT network function to be semantically correct, crash-free, and memory safe. Their toolchain verifies the network function code while assuming the underlying kernel-bypass framework, drivers, operating system, and hardware to be correct. We extend the toolchain to verify the kernel-bypass framework and a NIC driver in the context of the NAT. We uncover bugs in both the framework and the driver. Our code is publicly available.


Published in:
8-14
Presented at:
KBNets '18, Budapest, Hungary, August 20, 2018
Year:
Aug 20 2018
Keywords:
Other identifiers:
Laboratories:




 Record created 2019-03-08, last modified 2019-03-16

Final:
Download fulltext
PDF

Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)