Interactive Visualization of the Linux Kernel Code Property Graph for Security Analysis

Supervisor(s): Fabian Franzen
Status: finished
Topic: Linux stuff
Author: Tobias Holl
Submission: 2021-03-31
Type of Thesis: Guided Research

Description

Recent advances in static analysis based on the code property graph constructed from application sources have been shown to be promising for both automated and manual security research.

However, extracting the necessary information from the Linux kernel is made difficult by the high degree of configurability. Existing tools either require committing to a specific configuration, or fail to extract the detailed semantic information necessary.

We propose a compiler-assisted approach to producing an annotated abstract syntax tree that covers many possible configurations, from which we can then extract semantic information suitable for use in a code property graph.

Finally, we evaluate the performance of our approach on common pitfalls created by configuration differences, and show that while further work is needed to enable scaling on large code bases, creating a configuration-agnostic syntax tree is a possible and valid method for static analysis of highly configurable C code such as that found in the Linux kernel.