Channel: BOT24

Paper: ARMlock: Hardware-based Fault Isolation for ARM

Software fault isolation (SFI) is an effective mechanism to confine
untrusted modules inside isolated domains to protect their host applications.
Since its debut, researchers have proposed different SFI
systems for many purposes such as safe execution of untrusted native
browser plugins. However, most of these systems focus on the
x86 architecture. In recent years, ARM has become the dominant
architecture for mobile devices and is gaining popularity in data centers.
Hence there is a compelling need for an efficient SFI system
for the ARM architecture. Unfortunately, existing systems either
have prohibitively high performance overhead or place various limitations
on the memory layout and instructions of untrusted modules.
In this paper, we propose ARMlock, a hardware-based fault isolation
for ARM. It uniquely leverages the memory domain support
in ARM processors to create multiple sandboxes. Memory accesses
by the untrusted module (including read, write, and execution) are
strictly confined by the hardware, and instructions running inside
the sandbox execute at the same speed as those outside it. ARMlock
imposes virtually no structural constraints on untrusted modules.
For example, they can use self-modifying code, receive exceptions,
and make system calls. Moreover, system calls can be
interposed by ARMlock to enforce the policies set by the host. We
have implemented a prototype of ARMlock for Linux that supports
the popular ARMv6 and ARMv7 sub-architectures. Our security
assessment and performance measurement show that ARMlock is
practical, effective, and efficient.

More here: http://www.yajin.org/papers/ccs14_armlock.pdf
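
An added example, not taken from the paper or the ARMlock prototype: a small C model of the ARM memory-domain check the abstract relies on, showing how one register write makes host memory unreachable while untrusted code runs. The domain numbers and the host/sandbox register settings are assumptions for illustration; the 2-bit field encodings are those of the ARMv7-A Domain Access Control Register (DACR).

```c
#include <stdint.h>
#include <stdio.h>

/* DACR field encodings (ARMv7-A short-descriptor translation). */
enum dom_mode { DOM_NO_ACCESS = 0, DOM_CLIENT = 1, DOM_MANAGER = 3 };
enum verdict  { ALLOWED, DOMAIN_FAULT, PERMISSION_FAULT };

/* Hypothetical domain numbers, chosen for this example only. */
enum { DOM_HOST = 1, DOM_SANDBOX = 2 };

/* Return a DACR value with the 2-bit field of `domain` set to `mode`. */
static uint32_t dacr_set(uint32_t dacr, unsigned domain, enum dom_mode mode)
{
    unsigned shift = (domain & 0xF) * 2;
    return (dacr & ~(UINT32_C(3) << shift)) | ((uint32_t)mode << shift);
}

/* Model the MMU decision for one access: `domain` is the domain field of the
 * page's first-level descriptor, `perm_ok` the result of the permission-bit check. */
static enum verdict check_access(uint32_t dacr, unsigned domain, int perm_ok)
{
    switch ((dacr >> ((domain & 0xF) * 2)) & 3) {
    case DOM_CLIENT:  return perm_ok ? ALLOWED : PERMISSION_FAULT;
    case DOM_MANAGER: return ALLOWED;      /* permission bits are not checked */
    default:          return DOMAIN_FAULT; /* no access; reserved value treated as a fault here */
    }
}

/* Assumed setting while host code runs: both domains reachable as client. */
static uint32_t dacr_for_host(void)
{
    return dacr_set(dacr_set(0, DOM_HOST, DOM_CLIENT), DOM_SANDBOX, DOM_CLIENT);
}

/* Assumed setting while the untrusted module runs: host domain has no access. */
static uint32_t dacr_for_sandbox(void)
{
    return dacr_set(dacr_set(0, DOM_HOST, DOM_NO_ACCESS), DOM_SANDBOX, DOM_CLIENT);
}

int main(void)
{
    uint32_t d = dacr_for_sandbox();
    printf("sandbox DACR=0x%08x host page -> %d, own page -> %d\n",
           (unsigned)d, check_access(d, DOM_HOST, 1), check_access(d, DOM_SANDBOX, 1));
    return 0;
}
```

Because the check is applied by the MMU on every read, write and instruction fetch, no instrumentation of the module's instructions is needed, which is why the abstract can claim native speed inside the sandbox.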
