OSDI
2008
ACM

Device Driver Safety Through a Reference Validation Mechanism

Device drivers typically execute in supervisor mode and thus must be fully trusted. This paper describes how to move them out of the trusted computing base, by running them without supervisor privileges and constraining their interactions with hardware devices. An implementation of this approach in the Nexus operating system executes drivers in user space, leveraging hardware isolation and subjecting them to reference validation. These Nexus drivers exhibit performance nearly as fast as earlier in-kernel, trusted drivers. For example, the monitored driver for an Intel e1000 Ethernet card has throughput comparable to a trusted driver for the same hardware under Linux. And a monitored driver for the Intel i810 sound card provides continuous playback. Drivers for a disk and a USB mouse have also been moved successfully to operate in Nexus user space with reference validation.
Added: 03 Dec 2009
Updated: 03 Dec 2009
Type: Conference
Year: 2008
Where: OSDI
Authors: Dan Williams, Emin Gün Sirer, Fred B. Schneider, Kevin Walsh, Patrick Reynolds