Changes in directory llvm-www/pubs:
2007-10-17-SOSP-SVA.html added (r1.1) --- Log message: --- Diffs of the changes: (+83 -0) 2007-10-17-SOSP-SVA.html | 83 +++++++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 83 insertions(+) Index: llvm-www/pubs/2007-10-17-SOSP-SVA.html diff -c /dev/null llvm-www/pubs/2007-10-17-SOSP-SVA.html:1.1 *** /dev/null Mon Sep 24 10:43:40 2007 --- llvm-www/pubs/2007-10-17-SOSP-SVA.html Mon Sep 24 10:43:30 2007 *************** *** 0 **** --- 1,83 ---- + <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> + <html> + <head> + <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"> + <link rel="stylesheet" href="../llvm.css" type="text/css" media="screen"> + <title>Secure Virtual Architecture: A Safe Execution Environment for + Commodity Operating Systems</title> + </head> + <body> + + <div class="pub_title"> + Secure Virtual Architecture: A Safe Execution Environment for + Commodity Operating Systems + </div> + <div class="pub_author"> + John Criswell, + Andrew Lenharth, + Dinakar Dhurjati, and + <a href="http://www.cs.uiuc.edu/~vadve">Vikram Adve</a> + </div> + + <h2>Abstract:</h2> + <blockquote> + This paper describes an efficient and robust + approach to provide a <i>safe execution environment</i> for an entire + operating system, such as Linux, and all its applications. The + approach, which we call <i>Secure Virtual Architecture</i> (SVA), + defines a virtual, low-level, typed instruction set suitable for + executing <i>all</i> code on a system, including kernel and + application code. SVA code is translated for execution by a virtual + machine transparently, offline or online. + SVA aims to enforce <i>fine-grained (object level) memory safety</i>, + <i>control-flow integrity</i>, + <i>type safety for a subset of objects</i>, and <i>sound analysis</i>. 
+ A virtual machine implementing SVA achieves these goals by using a + novel approach that exploits properties of existing memory pools in + the kernel and by preserving the kernel's explicit control over + memory, including custom allocators and explicit deallocation. + Furthermore, the safety properties can be encoded compactly as + extensions to the SVA type system, + allowing the (complex) safety checking compiler to be outside + the trusted computing base. SVA also defines a set of OS interface + operations that abstract all privileged hardware instructions, + allowing the virtual machine to monitor all privileged operations + and control the physical resources on a given hardware platform. + We have ported the Linux kernel to SVA, treating it as a new + architecture, and made only minimal code changes (less than 300 lines of code) + to the machine-independent parts of the kernel and device drivers. + SVA is able to prevent 4 out of 5 memory safety exploits previously reported + for the Linux 2.4.22 kernel for which exploit code is available, and would + prevent the fifth one simply by compiling an additional kernel library. 
+ </blockquote> + + <h2>Download:</h2> + <h3>Paper:</h3> + <ul> + <li><a href="2007-SOSP-SVA.pdf"> + Secure Virtual Architecture: A Safe Execution Environment for + Commodity Operating Systems + </a> (PDF)</li> + </ul> + + <h2>BibTeX Entry:</h2> + <pre> + @inproceedings{SVA:SOSP07, + author = {John Criswell, Andrew Lenharth , Dinakar Dhurjati, and Vikram Adve}, + title = {Secure Virtual Architecture: A Safe Execution Environment for Commodity Operating Systems}, + booktitle = {SOSP '07: Proceedings of the Twenty First ACM Symposium on Operating Systems Principles}, + month = {October}, + year = {2007}, + location = {Stevenson, WA}, + } + </pre> + + <!-- *********************************************************************** --> + <hr> + <a href="http://jigsaw.w3.org/css-validator/check/referer"><img + src="http://jigsaw.w3.org/css-validator/images/vcss" alt="Valid CSS!"></a> + <a href="http://validator.w3.org/check/referer"><img + src="http://www.w3.org/Icons/valid-html401" alt="Valid HTML 4.01!" /></a> + + </body> + </html> _______________________________________________ llvm-commits mailing list llvm-commits@cs.uiuc.edu http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits
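Review bot: In the BibTeX entry inside the <pre> block, the author field separates the names with commas ("John Criswell, Andrew Lenharth , Dinakar Dhurjati, and Vikram Adve"), but BibTeX delimits authors with the word "and", so this value will not be read as four authors. Suggest author = {John Criswell and Andrew Lenharth and Dinakar Dhurjati and Vikram Adve}, which also drops the stray space before the comma after "Lenharth". Two smaller points in the same file: the Download link targets 2007-SOSP-SVA.pdf while this page is named 2007-10-17-SOSP-SVA.html and the commit adds only the HTML file, so confirm the PDF is present under that name; and the last img tag ends with " />" in a page declared as HTML 4.01 Transitional, unlike the first img tag, so the slash should go. The log message is also empty; a one-line description of the added publication page would help.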