Small, C., "A Tool for Constructing Safe Extensible C++ Systems". Proceedings of the 3 rd USENIX Conference on Object-Oriented Technologies (COOTS), Portland OR, U.S.A., June 1997.  Home/Search   Document Details and Download   Summary   Related Articles   Check

.... regions within the kernel address space from which the code cannot arbitrarily escape (escapes are only possible through the invocation of exported VINO kernel interfaces acting like system calls for grafts but with reduced call overhead) The VINO team have constructed a compiler tool (MiSFIT) Small,97] for sandboxing arbitrary graft code at the assembly level. 34 The code produced is secured from external tampering by encryption techniques. A more subtle form of integrity problem is the hoarding of the resources that grafts acquire [Seltzer,96] Malicious grafts can indirectly impede the ....

Small, C., "A Tool for Constructing Safe Extensible C++ Systems". Proceedings of the 3 rd USENIX Conference on Object-Oriented Technologies (COOTS), Portland OR, U.S.A., June 1997.

....The focus is on kernel instrumentation, though user level instrumentation tools are also discussed, since existing kernel instrumentation systems are few. 2.1. 1 Extensibility in Research Kernels Extensible operating systems such as SPIN [10, 11, 37, 68, 84] Exokernel [34, 35, 36, 47] VINO [81, 82, 83, 87], Cache Kernel [21] Scout [41, 59, 61, 62] and Synthetix [23, 24, 73, 74, 75] allow user level processes to download code into the kernel, offering a coarse grained means of changing kernel code dynamically. SPIN allows applications to change the operating system s interface and implementation ....

....process. In addition, downloaded code executes in a transaction environment. If a process misbehaves, such as grabbing a lock and going into an infinite loop, the kernel detects it and aborts the transaction. VINO allows C classes to specify methods that can be customized on a per object basis [87], so not all code in the kernel can be customized. In addition, since it overrides object methods, VINO offers a limited number of instrumentation points, which are at whole function granularity. Furthermore, the instrumentation sites are pre coded to facilitate instrumentation. A C virtual ....

C. Small. A Tool for Constructing Safe Extensible C++ Systems. 4th USENIX Conference on Object-Oriented Technologies and Systems (COOTS), Santa Fe, NM, April 1998.

....two orders of magnitude) than code executing directly on native hardware [16] 2.1. 2 Software Fault Isolation In software fault isolation (SFI) the extension code is sandboxed such that any memory accesses it makes are guaranteed to fall within the memory region allocated to the extension [22] [17]. This is achieved by inserting instructions into the extension code to check each function call and to force the memory accesses to fall into the extension region. Such a modification is made to the binary code of the extension. The protection offered to the application can be write protection ....

Small, C.; "A Tool for Constructing Safe Extensible C++ Systems", Third Conference on Object Oriented Technologies and Systems (COOTS '97), June 1997.

.... is inherently slower (anywhere up to an order of magnitude) than code executing directly on native hardware [13] In software fault isolation (SFI) the extension code is sandboxed such that any memory accesses it makes are guaranteed to fall within the memory region allocated to the extension [21, 14]. This is achieved by inserting instructions into the extension code to check each function call and to force the memory accesses to fall into the extension region. Such a modification is made to the binary code of the extension. The protection offered to the application can be write protection ....

Small, C.; "A tool for constructing safe extensible C++ Systems", Third Conference on Object Oriented Technologies and Systems (COOTS '97), June 1997.

....operating systems [3, 6, 15] allow processes to download code into a kernel, but differ from our approach in several ways. First, they are not unmodified commodity kernels. Second, they perform coarse grained instrumentation; for example, VINO allows C classes to customize object methods [16]. Third, they have a limited number of instrumentation points, that must be pre coded in a manner that allows easy instrumentation; for example, Synthetix [13] replaces a function that is called through a level of indirection by overwriting the appropriate function pointer. We note that KernInst ....

C. Small. A Tool for Constructing Safe Extensible C++ Systems. 4th USENIX Conference on Object-Oriented Technologies and Systems (COOTS), Santa Fe, April 1998.

....[4] Exokernel [6] and VINO [17] allow processes to download code into a kernel, but differ from our approach in several ways. First, they are not unmodified commodity kernels. Second, they perform coarse grained instrumentation; for example, VINO, allows C classes to customize object methods [19]. Third, the limited number of instrumentation points are pre coded in a way that allows easy instrumentation; for example, Synthetix [16] replaces a function that is called through a preexisting level of indirection by overwriting the appropriate function pointer. Requiring special code where ....

C. Small. A Tool for Constructing Safe Extensible C++ Systems. 4th USENIX Conference on Object-Oriented Technologies and Systems (COOTS), Santa Fe, NM, April 1998.

No context found.

Small, C., A tool for constructing safe extensible C++ systems, COOTS `97. Page 23

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC