ANNOUNCE: Undertaker 1.4

The VAMOS team is pleased to announce the release of the undertaker tool version 1.4. The tool is a result of the VAMOS[1] research project and available for download at

Please visit our project site at:

What is new in undertaker 1.4

  • The new undertaker-tailor tool allows calculating a Linux kernel configuration based on what functionality has been observed with ftrace.
  • New tool: vampyr: a conditional-compilation aware driver for static-analysis.
  • Updated expression parser in undertaker for more accurate results.
  • Futher improvements and bugfixes in the Kconfig constraint extractor rsf2model, which results in more accurate results.
  • Rewritten the golem tool. Now with experimental support for busybox and coreboot.
  • Bundles a copy of Picosat 936 for users convenience.

What is undertaker?

The undertaker is a tool for static code analysis for code with C preprocessor directives, which can be used in various modes. The most prominent one checks every single preprocessor block within the file whether it can be selected or deselected, which in many cases is a great asset for code maintenance. Some preprocessor blocks are only seemingly conditional. In many cases, it turns out that additional constraints from the project's configuration model causes such conditional blocks to be in fact unconditionally selected or unselected. We call such block "dead" and "undead" conditional blocks.

Undertaker provides tools to extract the configuration model from the Linux configuration tooling Kconfig and to perform this check on whole source trees.

Please see for a quick tour.

What undertaker is not?

It isn't an automatic patch generator. Because of peculiarities in the Kconfig semantics, (ignored) coding guidelines and simply engineering issues, the reports might contain false negatives. Note that our philosophy is that we prefer false negatives over false positives, i.e., we prefer to miss reports than reports that are no issue at all.

What is golem

Golem is a tool for build system analysis. It exploits the "dancing makefiles" pattern found in Kbuild to induce dependency constraints from build rules. The resulting inferences significantly improve the results of undertaker. The tool undertaker-kconfigdump has learned the option -i to automatically add inferences.

A basic primitive of golem is to learn what files would get compiled with the current configuration. This is accessibly with golem -l.

What is undertaker-tailor

If the intended use of a system is known at kernel compilation time, an effective approach to reduce the kernel's attack surface is to configure the kernel to not compile unneeded functionality. However, finding a fitting configuration requires extensive technical expertise about currently more than 10.000 Linux configuration options, and needs to be repeated at each kernel update. Therefore, maintaining such a custom-configured kernel entails considerable maintenance and engineering costs.

undertaker-tailor automatically determines a kernel configuration that enables only kernel functionalities that are actually necessary in a given scenario. The approach exhibits promising security improvements by simply not compiling unnecessary bloat.

Please see for an elaborate explanation of the tool.


Last modified 7 years ago Last modified on 12/21/12 18:01:41
Note: See TracWiki for help on using the wiki.