Sciweavers

SOSP
2007
ACM

Secure virtual architecture: a safe execution environment for commodity operating systems

14 years 9 months ago
Secure virtual architecture: a safe execution environment for commodity operating systems
This paper describes an efficient and robust approach to provide a safe execution environment for an entire operating system, such as Linux, and all its applications. The approach, which we call Secure Virtual Architecture (SVA), defines a virtual, low-level, typed instruction set suitable for executing all code on a system, including kernel and application code. SVA code is translated for execution by a virtual machine transparently, offline or online. SVA aims to enforce fine-grain (object level) memory safety, control-flow integrity, type safety for a subset of objects, and sound analysis. A virtual machine implementing SVA achieves these goals by using a novel approach that exploits properties of existing memory pools in the kernel and by preserving the kernel’s explicit control over memory, including custom allocators and explicit deallocation. Furthermore, the safety properties can be encoded compactly as extensions to the SVA type system, allowing the (complex) safety chec...
John Criswell, Andrew Lenharth, Dinakar Dhurjati,
Added 17 Mar 2010
Updated 17 Mar 2010
Type Conference
Year 2007
Where SOSP
Authors John Criswell, Andrew Lenharth, Dinakar Dhurjati, Vikram S. Adve
Comments (0)