The Challenge of Extracting QNX IFS Content
For automotive security engineers working with QNX based embedded systems, extracting the contents of an Image File System (IFS) is a critical step for binary whitelisting. When integrating security solutions like Karamba into a QNX IFS image, engineers need to inspect binaries in their final form after the IFS building utility strips debug symbols and applies modifications. The standard dumpifs utility provided by QNX SDP 6.6 offers a “-d” switch to dump files to a specified folder while preserving the IFS directory structure. However, this approach often fails with an error message such as “dumpifs: Unable to open proc/boot/procnto-instr: No such file or directory,” indicating that dumpifs expects the target folder to already contain the IFS directory structure.
Practical Solution for Automotive Security Workflows
To overcome this limitation, a practical method involves first learning the IFS directory structure by running dumpifs without switches and redirecting the output to a text file. This prints all file paths within the IFS. A simple bash script can then parse this output and recreate the folder structure on the build machine using the full file paths. Once the directory structure is in place, dumpifs with the “-d” switch can successfully extract all binaries. The flat dumping option (“-b”) is insufficient for whitelisting because it overwrites files with duplicate names, retaining only the last one encountered. This technique ensures every binary is available for inspection, supporting robust whitelist policy creation for QNX based automotive ECUs and infotainment systems.
Source: Karambasecurity
