Software compartmentalization breaks down an application into compartments isolated from each other: an attacker taking over a compartment will be confined to it, limiting the damage they can cause to the rest of the application. Despite the security promises of this approach, recent studies have shown that most existing compartmentalized software is plagued by vulnerabilities at cross-compartment interfaces, allowing an attacker taking over a compartment to escape its confinement and negate the security guarantees expected from compartmentalization. In that context, securing cross-compartment interfaces is notoriously difficult and engineering-intensive. In light of recent advances in Automated Program Repair (APR), notably through the use of Large Language Models (LLMs), this paper presents a work in progress investigating the suitability of LLM-based APR at securing cross-compartment interfaces as automatically as possible. We observe that existing APR approaches and general purpose/code-centric LLMs used as is are unfit for this task, and present the design, implementation, and early results of a new APR framework dedicated to compartment interface safety. The framework integrates into a feedback loop 1) a specialized fuzzer uncovering cross-compartment interface vulnerabilities; 2) a patch generation component bridging the lack of compartmentalization awareness of existing LLMs with a series of analysis techniques; and 3) a patch validation component assessing the effectiveness of generated vulnerability fixes. We validate our framework over a sample interface vulnerability, comparing it to a naive use of general-purpose LLMs, and discuss future research avenues.

翻译：软件分区技术将应用程序分解为相互隔离的分区：攻击者即使控制某个分区，其破坏范围也将被限制在该分区内，从而降低对应用程序其余部分的损害。尽管该方法具有安全优势，但近期研究表明，现有的大多数分区化软件普遍存在跨分区接口漏洞，使得控制分区的攻击者能够突破隔离限制，从而削弱分区化预期的安全保障。在此背景下，跨分区接口的安全加固工作既复杂又需要大量工程投入。鉴于自动化程序修复领域的最新进展，特别是大型语言模型的应用，本文提出一项正在进行的研究，旨在探索基于LLM的APR技术能否以尽可能自动化的方式保障跨分区接口安全。我们发现，现有的APR方法及直接使用的通用/代码中心型LLM均不适用于此任务，因此设计并实现了一个专注于分区接口安全的新型APR框架，并展示了初步成果。该框架构建了包含以下环节的反馈循环：1）用于发现跨分区接口漏洞的专用模糊测试器；2）通过系列分析技术弥补现有LLM分区感知缺陷的补丁生成组件；3）评估漏洞修复有效性的补丁验证组件。我们通过样本接口漏洞验证了该框架的有效性，将其与通用LLM的简单应用进行对比，并探讨了未来的研究方向。