Tolerating Malicious Drivers in Linux. Silas Boyd-Wickizer and Nickolai Zeldovich
Size: px
Start display at page:

Download "Tolerating Malicious Drivers in Linux. Silas Boyd-Wickizer and Nickolai Zeldovich"

Transcription

1 XXX

2 Tolerating Malicious Drivers in Linux Silas Boyd-Wickizer and Nickolai Zeldovich

3 How could a device driver be malicious? Today's device drivers are highly privileged Write kernel memory, allocate memory,... Drivers are complex; developers write buggy code Result: Attackers exploit vulnerabilities

4 How could a device driver be malicious? Today's device drivers are highly privileged Write kernel memory, allocate memory,... Drivers are complex; developers write buggy code Result: Attackers exploit vulnerabilities

5 How could a device driver be malicious? Today's device drivers are highly privileged Write kernel memory, allocate memory,... Drivers are complex; developers write buggy code Result: Attackers exploit vulnerabilities

6 Current approach -space drivers in μkernels (Minix, L4,...) Write device driver in new language (Termite) Handle common faults (Nooks, microdrivers,...)

7 Goal Secure, efficient, & unmodified drivers on Linux

8 Previous user-space drivers μkernel Hardware Ethernet driver Network stack Application core

9 Previous user-space drivers Confine driver in a process μkernel Hardware Ethernet driver Network stack Application core

10 Previous user-space drivers Confine driver in a process μkernel Hardware Ethernet driver Network stack Application core General purpose syscall API to configure device

11 Previous user-space drivers Confine driver in a process μkernel Hardware Ethernet driver Network stack Application Confine device with IO virtualization HW. core General purpose syscall API to configure device

12 Previous user-space drivers Confine driver in a process μkernel IPC network driver API E.g. tx_packet Hardware Ethernet driver Network stack Application Confine device with IO virtualization HW. core General purpose syscall API to configure device

13 Current Linux driver architecture Hardware Application Ethernet driver Network stack RT netdevice

14 Current Linux driver architecture Hardware runtime (e.g. kmalloc) Application Ethernet driver Network stack RT netdevice

15 Current Linux driver architecture Hardware runtime (e.g. kmalloc) Network driver API (e.g. tx_packet) Application Ethernet driver Network stack RT netdevice

16 Linux user-space driver problem RT and driver APIs won't work for untrusted drivers in a different AS Ethernet driver Hardware Application Network stack RT netdevice

17 SUD's approach Ethernet driver Hardware Application Network stack RT netdevice

18 SUD's approach SUD UML handles calls to kernel RT Ethernet driver Hardware SUD UML Application Network stack RT netdevice

19 SUD's approach SUD UML handles calls to kernel RT Proxy driver and SUD UML allow reuse of existing driver APIs Ethernet driver Hardware SUD UML Application Ethernet proxy driver Network stack RT netdevice

20 SUD's approach SUD UML handles calls to kernel RT Proxy driver and SUD UML allow reuse of existing driver APIs Ethernet driver Hardware SUD UML Application Network driver API Ethernet proxy driver Network stack RT netdevice

21 SUD's approach SUD UML handles calls to kernel RT Proxy driver and SUD UML allow reuse of existing driver APIs Ethernet driver Hardware SUD RPC API SUD UML Application Network driver API Ethernet proxy driver Network stack RT netdevice

22 SUD's approach SUD UML handles calls to kernel RT Proxy driver and SUD UML allow reuse of Network driver API existing driver APIs Ethernet driver Hardware SUD RPC API SUD UML Application Network driver API Ethernet proxy driver Network stack RT netdevice

23 SUD's results Tolerate malicious device drivers Proxy drivers small (~500 LOC) One proxy driver per device class Few kernel modifications (~50 LOC) Unmodified drivers (6 test drivers) High performance, low overhead No need for new OS or language

24 Security challenge: prevent attacks Problem: driver must perform privileged operations Memory access, driver API, DMA, interrupts, Attacks from driver code: Direct system attacks: memory corruption,... Driver API attacks: invalid return value, deadlock,... Attacks from device: DMA to DRAM, peer-to-peer attacks, interrupt storms

25 Practical challenges High performance, low overhead Challenge: interact with hardware and kernel at high rate, kernel-user switch expensive E.g. Ethernet driver ~100k times a second Reuse existing drivers and kernel Challenge: drivers assume fully-privileged kernel env. Challenge: kernel driver API complex, non-uniform

26 SUD overview Hardware Driver SUD UML Application HW access module Proxy driver core

27 SUD overview Hardware Driver SUD UML Application HW access module Proxy driver core

28 Linux driver APIs Linux defines a driver API for each device class Driver and kernel functions and variables

29 Example: wireless driver API Linux defines a driver API for each device class Driver and kernel functions and variables struct wireless_ops { int (*tx)(struct sk_buff*); int (*configure_filter)(int);... }; struct wireless_hw { int conf; int flags... };

30 Example: wireless driver API Linux defines a driver API for each device class Driver and kernel functions and variables struct wireless_ops { int (*tx)(struct sk_buff*); int (*configure_filter)(int);... }; struct wireless_hw { int conf; int flags... }; Proxy drivers and SUD-UML convert API to RPCs

31 Example: wireless driver API Linux defines a driver API for each device class Driver and kernel functions and variables struct wireless_ops { int (*tx)(struct sk_buff*); int (*configure_filter)(int);... }; struct wireless_hw { int conf; int flags... }; Proxy drivers and SUD-UML convert API to RPCs

32 Example: wireless driver API Linux defines a driver API for each device class Driver and kernel functions and variables struct wireless_ops { }; int (*tx)(struct sk_buff*); int (*configure_filter)(int);... struct wireless_hw { }; int conf; int flags... Called in a nonpreemptable context Proxy drivers and SUD-UML convert API to RPCs

33 Example: wireless driver API Linux defines a driver API for each device class Driver and kernel functions and variables struct wireless_ops { }; int (*tx)(struct sk_buff*); int (*configure_filter)(int);... struct wireless_hw { }; int conf; int flags... Driver API variable Called in a nonpreemptable context Proxy drivers and SUD-UML convert API to RPCs

34 driver in SUD Basic driver API SUD RPC API driver API Non-preemptable function: implement in proxy Driver API variable: shadow variables

35 Example 1: transmit a packet Hardware driver SUD UML Web browser proxy driver core

36 Example 1: transmit a packet Socket write Hardware driver SUD UML Web browser proxy driver core

37 Example 1: transmit a packet Hardware driver SUD UML Web browser wireless_ops.tx proxy driver core

38 Example 1: transmit a packet TX packet RPC Hardware driver SUD UML Web browser proxy driver core

39 Example 1: transmit a packet wireless_ops.tx Hardware driver SUD UML Web browser proxy driver core

40 Example 1: transmit a packet DMA TX Hardware driver SUD UML Web browser proxy driver core

41 Example 2: non-preemptable callback Problem: unable to switch to user-space Hardware driver SUD UML Web browser proxy driver core

42 Example 2: non-preemptable callback Problem: unable to switch to user-space Hardware driver SUD UML Web browseracquires a spin lock proxy driver core

43 Example 2: non-preemptable callback Problem: unable to switch to user-space Hardware Web driver browser SUD UML wireless_ops.configure_filter proxy driver core

44 Example 2: non-preemptable callback Problem: unable to switch to user-space Filter RPC Hardware driver SUD UML Web browser proxy driver core

45 Example 2: non-preemptable callback Problem: unable to switch to user-space Hardware driver SUD UML Web browser proxy driver core

46 Example 2: non-preemptable callback Problem: unable to switch to user-space Solution: implement directly in proxy driver Hardware driver SUD UML Web browser proxy driver core

47 Example 2: non-preemptable callback Problem: unable to switch to user-space Solution: implement directly in proxy driver Hardware driver SUD UML Register RX Web packet types browser proxy driver core

48 Example 2: non-preemptable callback Problem: unable to switch to user-space Solution: implement directly in proxy driver Hardware driver SUD UML Web browseracquires a spin lock proxy driver core

49 Example 2: non-preemptable callback Problem: unable to switch to user-space Solution: implement directly in proxy driver Hardware driver SUD UML Web browser wireless_ops.configure_filter proxy driver core

50 Example 2: non-preemptable callback Problem: unable to switch to user-space Solution: implement directly in proxy driver Hardware driver SUD UML Web Return RX browser packet types proxy driver core

51 Example 3: driver API variables Problem: user-space can't access API variables Hardware driver SUD UML Web browser proxy driver core wireless_hw

52 Example 3: driver API variables Problem: user-space can't access API variables Hardware driver SUD UML Web browser proxy driver Driver API variable core wireless_hw

53 Example 3: driver API variables Problem: user-space can't access API variables Hardware driver SUD UML Web browser Writes to wireless_hw proxy driver core wireless_hw

54 Example 3: driver API variables Problem: user-space can't access API variables Hardware driver SUD UML Web browser proxy driver core wireless_hw

55 Example 3: driver API variables Problem: user-space can't access API variables Solution: allocate a shadow copy and synchronize before and after RPCs Hardware driver SUD UML Web browser proxy driver core wireless_hw

56 Example 3: driver API variables Problem: user-space can't access API variables Solution: allocate a shadow copy and synchronize before and after RPCs Shadow variable Hardware driver SUD UML wireless_hw Web browser proxy driver core wireless_hw

57 Example 3: driver API variables Problem: user-space can't access API variables Solution: allocate a shadow copy and synchronize before and after RPCs Hardware driver SUD UML wireless_hw Web browser Writes to wireless_hw proxy driver core wireless_hw

58 Example 3: driver API variables Problem: user-space can't access API variables Solution: allocate a shadow copy and synchronize before and after RPCs Synchronize before driver Hardware SUD UML sending RPC wireless_hw Web browser proxy driver core wireless_hw

59 Example 3: driver API variables Problem: user-space can't access API variables Solution: allocate a shadow copy and synchronize before and after RPCs Hardware Send RPC driver SUD UML Web browser wireless_hw proxy driver core wireless_hw

60 Example 3: driver API variables Problem: user-space can't access API variables Reads updates from Solution: allocate a shadow shadow copy variableand synchronize before and after RPCs Hardware driver SUD UML wireless_hw Web browser proxy driver core wireless_hw

61 SUD overview Hardware Driver SUD UML Application HW access module Proxy driver core

62 SUD overview Hardware Driver SUD UML Application HW access module Proxy driver core

63 Attacks from hardware CPU Memory interconnect PCI bus DRAM

64 Attacks from hardware Driver configures the device to execute attacks CPU Memory interconnect PCI bus DRAM

65 Attacks from hardware Driver configures the device to execute attacks DMA to DRAM CPU Memory interconnect PCI bus DRAM

66 Attacks from hardware Driver configures the device to execute attacks DMA to DRAM Peer-to-peer messages CPU Memory interconnect PCI bus DRAM

67 Attacks from hardware Driver configures the device to execute attacks DMA to DRAM Peer-to-peer messages Interrupt storms CPU Memory interconnect PCI bus DRAM

68 Attacks from hardware Driver configures the device to execute attacks DMA to DRAM Peer-to-peer messages Interrupt storms HW access module prevents attacks Interposes on driver-device communication Uses IO virtualization to provide direct device access

69 IO virtualization hardware APIC interconnect CPU MSI Memory interconnect IOMMU PCI express switch DRAM

70 IO virtualization hardware Use IOMMU to map DMA buffer pools Prevents DMA to DRAM attacks APIC interconnect CPU MSI Memory interconnect IOMMU PCI express switch DRAM

71 IO virtualization hardware Use PCI ACS to prevent peer-to-peer messaging Prevents peer-to-peer attacks APIC interconnect CPU MSI Memory interconnect IOMMU PCI express switch DRAM

72 IO virtualization hardware Use MSI to mask interrupts Prevents interrupt storms APIC interconnect CPU MSI Memory interconnect IOMMU PCI express switch DRAM

73 Interrupt handlers in Linux MSI Driver IRQ core

74 Interrupt handlers in Linux MSI Driver IRQ core

75 Interrupt handlers in Linux Driver called with IRQs disabled (non-preemptable) MSI Driver IRQ core

76 Interrupt handlers in Linux calls driver interrupt handler Driver clears interrupt flag MSI Driver IRQ core

77 Interrupt handlers with SUD MSI Driver SUD UML HW access module IRQ core

78 Interrupt handlers with SUD calls HW access module interrupt handler HW access module masks interrupt with MSI MSI Driver SUD UML HW access module IRQ core

79 Interrupt handlers with SUD calls HW access module interrupt handler HW access module masks interrupt with MSI MSI Driver SUD UML HW access module IRQ core

80 Interrupt handlers with SUD calls HW access module interrupt handler HW access module masks interrupt with MSI Asynchronous RPC to driver MSI Driver SUD UML HW access module IRQ core

81 Interrupt handlers with SUD calls HW access module interrupt handler HW access module masks interrupt with MSI Asynchronous RPC to driver Driver clears interrupt MSI Driver SUD UML HW access module IRQ core

82 Interrupt handlers with SUD HW access module masks interrupt with MSI Asynchronous RPC to driver Driver clears interrupt HW access module unmasks MSI MSI Driver SUD UML HW access module IRQ core

83 SUD overview Hardware Driver SUD UML Application HW access module Proxy driver core

84 Prototype of SUD Trusted code Lines of code PCI access module 2800 Ethernet proxy driver 300 proxy driver 600 Audio proxy driver 550 Untrusted code Lines of code -mode runtime 5000 Drivers ,000 (each) Supports all Ethernet, wireless, USB, audio drivers Tested: e1000e, ne2k-pci, iwlagn, snd_hda_intel, ehci_hcd, uhci_hcd,...

85 Prototype of SUD Trusted code Lines of code PCI access module 2800 Ethernet proxy driver 300 proxy driver 600 Audio proxy driver 550 Untrusted code Lines of code -mode runtime 5000 Drivers ,000 (each) Supports all Ethernet, wireless, USB, audio drivers Tested: e1000e, ne2k-pci, iwlagn, snd_hda_intel, ehci_hcd, uhci_hcd,...

86 Prototype of SUD Trusted code Lines of code PCI access module 2800 Ethernet proxy driver 300 proxy driver 600 Audio proxy driver 550 Untrusted code Lines of code -mode runtime 5000 Drivers ,000 (each) Supports all Ethernet, wireless, USB, audio drivers Tested: e1000e, ne2k-pci, iwlagn, snd_hda_intel, ehci_hcd, uhci_hcd,...

87 Performance For most devices, does not matter Printers, cameras, Stress-test: e1000e gigabit network card Requires high throughput Requires low latency Many device driver interactions Test machine: 1.4GHz dual core Thinkpad

88 Performance questions? What performance does SUD get? Network throughput, latency How much does it cost? CPU cycles

89 SUD achieves same device performance 1 Throughput relative to Linux Linux Sud 0 TCP UDP TX UDP RX UDP latency Normalized throughput relative to Linux TCP: streaming (950 Mbps in both cases) UDP: one-byte-data packets

90 CPU cost is low CPU utilization Linux Sud 0 TCP UDP TX UDP RX UDP latency SUD overhead: user-kernel switch, TLB misses Overheads not significant for many workloads (packets larger than min. packet size)

91 Future directions Explore hierarchical untrusted device drivers PCI bus SATA controller SATA disk Explore giving apps direct hardware access Safe HW access for network analyzer, X server, Performance analysis and optimizations SUD specific device drivers, super pages,...

92 Related work Mircokernels (Minix, L4,...) Simple drivers, driver API designed for user-space Nooks, microdrivers Handles common bugs, many changes to kernel Languages (e.g. Termite), source code analysis Complimentary to user-space drivers No need for new OS or language

93 Summary Driver bugs lead to system crashes or exploits SUD protects Linux from malicious drivers using proxy drivers and IO virtualization HW Runs unmodified Linux device drivers High performance, low overheads Few modifications to Linux kernel

94

95 Security evaluation Manually constructed potential attacks Memory corruption, arbitrary upcall responses, not responding at all, arbitrary DMA,... Relied on security heavily during development SUD caught all bugs in user-mode driver framework No crashes / reboots required to develop drivers Ideal, but not done: red-team evaluation?

Similar documents

Tolerating Malicious Device Drivers in Linux

Tolerating Malicious Device Drivers in Linux Tolerating Malicious Device Drivers in Linux The MIT Faculty has made this article openly available. Please share how this access benefits you. Your story matters. Citation As Published Publisher Boyd-Wickizer,

More information

Part 1: Introduction to device drivers Part 2: Overview of research on device driver reliability Part 3: Device drivers research at ERTOS

Part 1: Introduction to device drivers Part 2: Overview of research on device driver reliability Part 3: Device drivers research at ERTOS Some statistics 70% of OS code is in device s 3,448,000 out of 4,997,000 loc in Linux 2.6.27 A typical Linux laptop runs ~240,000 lines of kernel code, including ~72,000 loc in 36 different device s s

More information

Advanced Computer Networks. End Host Optimization

Advanced Computer Networks. End Host Optimization Oriana Riva, Department of Computer Science ETH Zürich 263 3501 00 End Host Optimization Patrick Stuedi Spring Semester 2017 1 Today End-host optimizations: NUMA-aware networking Kernel-bypass Remote Direct

More information

Review: Hardware user/kernel boundary

Review: Hardware user/kernel boundary Review: Hardware user/kernel boundary applic. applic. applic. user lib lib lib kernel syscall pg fault syscall FS VM sockets disk disk NIC context switch TCP retransmits,... device interrupts Processor

More information

Hardware OS & OS- Application interface

Hardware OS & OS- Application interface CS 4410 Operating Systems Hardware OS & OS- Application interface Summer 2013 Cornell University 1 Today How my device becomes useful for the user? HW-OS interface Device controller Device driver Interrupts

More information

Operating System: Chap13 I/O Systems. National Tsing-Hua University 2016, Fall Semester

Operating System: Chap13 I/O Systems. National Tsing-Hua University 2016, Fall Semester Operating System: Chap13 I/O Systems National Tsing-Hua University 2016, Fall Semester Outline Overview I/O Hardware I/O Methods Kernel I/O Subsystem Performance Application Interface Operating System

More information

Last class: Today: Course administration OS definition, some history. Background on Computer Architecture

Last class: Today: Course administration OS definition, some history. Background on Computer Architecture 1 Last class: Course administration OS definition, some history Today: Background on Computer Architecture 2 Canonical System Hardware CPU: Processor to perform computations Memory: Programs and data I/O

More information

I/O Management Software. Chapter 5

I/O Management Software. Chapter 5 I/O Management Software Chapter 5 1 Learning Outcomes An understanding of the structure of I/O related software, including interrupt handers. An appreciation of the issues surrounding long running interrupt

More information

Initial Evaluation of a User-Level Device Driver Framework

Initial Evaluation of a User-Level Device Driver Framework Initial Evaluation of a User-Level Device Driver Framework Stefan Götz Karlsruhe University Germany sgoetz@ira.uka.de Kevin Elphinstone National ICT Australia University of New South Wales kevine@cse.unsw.edu.au

More information

Nooks. Robert Grimm New York University

Nooks. Robert Grimm New York University Nooks Robert Grimm New York University The Three Questions What is the problem? What is new or different? What are the contributions and limitations? Design and Implementation Nooks Overview An isolation

More information

Operating System Design Issues. I/O Management

Operating System Design Issues. I/O Management I/O Management Chapter 5 Operating System Design Issues Efficiency Most I/O devices slow compared to main memory (and the CPU) Use of multiprogramming allows for some processes to be waiting on I/O while

More information

Arrakis: The Operating System is the Control Plane

Arrakis: The Operating System is the Control Plane Arrakis: The Operating System is the Control Plane Simon Peter, Jialin Li, Irene Zhang, Dan Ports, Doug Woos, Arvind Krishnamurthy, Tom Anderson University of Washington Timothy Roscoe ETH Zurich Building

More information

I/O Management Software. Chapter 5

I/O Management Software. Chapter 5 I/O Management Software Chapter 5 1 Learning Outcomes An understanding of the structure of I/O related software, including interrupt handers. An appreciation of the issues surrounding long running interrupt

More information

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW Virtual Machines Background IBM sold expensive mainframes to large organizations Some wanted to run different OSes at the same time (because applications were developed on old OSes) Solution: IBM developed

More information

G Xen and Nooks. Robert Grimm New York University

G Xen and Nooks. Robert Grimm New York University G22.3250-001 Xen and Nooks Robert Grimm New York University Agenda! Altogether now: The three questions! The (gory) details of Xen! We already covered Disco, so let s focus on the details! Nooks! The grand

More information

OS Extensibility: SPIN and Exokernels. Robert Grimm New York University

OS Extensibility: SPIN and Exokernels. Robert Grimm New York University OS Extensibility: SPIN and Exokernels Robert Grimm New York University The Three Questions What is the problem? What is new or different? What are the contributions and limitations? OS Abstraction Barrier

More information

Operating System Security

Operating System Security Operating System Security Operating Systems Defined Hardware: I/o...Memory.CPU Operating Systems: Windows or Android, etc Applications run on operating system Operating Systems Makes it easier to use resources.

More information

Predictable Interrupt Management and Scheduling in the Composite Component-based System

Predictable Interrupt Management and Scheduling in the Composite Component-based System Predictable Interrupt Management and Scheduling in the Composite Component-based System Gabriel Parmer and Richard West Computer Science Department Boston University Boston, MA 02215 {gabep1, richwest}@cs.bu.edu

More information

Chapter 13: I/O Systems

Chapter 13: I/O Systems Chapter 13: I/O Systems Silberschatz, Galvin and Gagne 2013! Chapter 13: I/O Systems I/O Hardware" Application I/O Interface" Kernel I/O Subsystem" Transforming I/O Requests to Hardware Operations" STREAMS"

More information

CSE 120 Principles of Operating Systems

CSE 120 Principles of Operating Systems CSE 120 Principles of Operating Systems Spring 2018 Lecture 16: Virtual Machine Monitors Geoffrey M. Voelker Virtual Machine Monitors 2 Virtual Machine Monitors Virtual Machine Monitors (VMMs) are a hot

More information

Module 11: I/O Systems

Module 11: I/O Systems Module 11: I/O Systems Reading: Chapter 13 Objectives Explore the structure of the operating system s I/O subsystem. Discuss the principles of I/O hardware and its complexity. Provide details on the performance

More information

The control of I/O devices is a major concern for OS designers

The control of I/O devices is a major concern for OS designers Lecture Overview I/O devices I/O hardware Interrupts Direct memory access Device dimensions Device drivers Kernel I/O subsystem Operating Systems - June 26, 2001 I/O Device Issues The control of I/O devices

More information

I/O Management Intro. Chapter 5

I/O Management Intro. Chapter 5 I/O Management Intro Chapter 5 1 Learning Outcomes A high-level understanding of the properties of a variety of I/O devices. An understanding of methods of interacting with I/O devices. 2 I/O Devices There

More information

Sandboxing Untrusted Code: Software-Based Fault Isolation (SFI)

Sandboxing Untrusted Code: Software-Based Fault Isolation (SFI) Sandboxing Untrusted Code: Software-Based Fault Isolation (SFI) Brad Karp UCL Computer Science CS GZ03 / M030 9 th December 2011 Motivation: Vulnerabilities in C Seen dangers of vulnerabilities: injection

More information

Speeding up Linux TCP/IP with a Fast Packet I/O Framework

Speeding up Linux TCP/IP with a Fast Packet I/O Framework Speeding up Linux TCP/IP with a Fast Packet I/O Framework Michio Honda Advanced Technology Group, NetApp michio@netapp.com With acknowledge to Kenichi Yasukata, Douglas Santry and Lars Eggert 1 Motivation

More information

Tolerating Hardware Device Failures in Software. Asim Kadav, Matthew J. Renzelmann, Michael M. Swift University of Wisconsin Madison

Tolerating Hardware Device Failures in Software. Asim Kadav, Matthew J. Renzelmann, Michael M. Swift University of Wisconsin Madison Tolerating Hardware Device Failures in Software Asim Kadav, Matthew J. Renzelmann, Michael M. Swift University of Wisconsin Madison Current state of OS hardware interaction Many device drivers assume device

More information

The Kernel Abstraction. Chapter 2 OSPP Part I

The Kernel Abstraction. Chapter 2 OSPP Part I The Kernel Abstraction Chapter 2 OSPP Part I Kernel The software component that controls the hardware directly, and implements the core privileged OS functions. Modern hardware has features that allow

More information

The Kernel Abstraction

The Kernel Abstraction The Kernel Abstraction Debugging as Engineering Much of your time in this course will be spent debugging In industry, 50% of software dev is debugging Even more for kernel development How do you reduce

More information

I/O Systems and Storage Devices

I/O Systems and Storage Devices CSC 256/456: Operating Systems I/O Systems and Storage Devices John Criswell! University of Rochester 1 I/O Device Controllers I/O devices have both mechanical component & electronic component! The electronic

More information

Demystifying Network Cards

Demystifying Network Cards Demystifying Network Cards Paul Emmerich December 27, 2017 Chair of Network Architectures and Services About me PhD student at Researching performance of software packet processing systems Mostly working

More information

Sandboxing. CS-576 Systems Security Instructor: Georgios Portokalidis Spring 2018

Sandboxing. CS-576 Systems Security Instructor: Georgios Portokalidis Spring 2018 Sandboxing CS-576 Systems Security Instructor: Georgios Portokalidis Sandboxing Means Isolation Why? Software has bugs Defenses slip Untrusted code Compartmentalization limits interference and damage!

More information

IsoStack Highly Efficient Network Processing on Dedicated Cores

IsoStack Highly Efficient Network Processing on Dedicated Cores IsoStack Highly Efficient Network Processing on Dedicated Cores Leah Shalev Eran Borovik, Julian Satran, Muli Ben-Yehuda Outline Motivation IsoStack architecture Prototype TCP/IP over 10GE on a single

More information

I/O Systems. Jo, Heeseung

I/O Systems. Jo, Heeseung I/O Systems Jo, Heeseung Today's Topics Device characteristics Block device vs. Character device Direct I/O vs. Memory-mapped I/O Polling vs. Interrupts Programmed I/O vs. DMA Blocking vs. Non-blocking

More information

HKG net_mdev: Fast-path userspace I/O. Ilias Apalodimas Mykyta Iziumtsev François-Frédéric Ozog

HKG net_mdev: Fast-path userspace I/O. Ilias Apalodimas Mykyta Iziumtsev François-Frédéric Ozog HKG18-110 net_mdev: Fast-path userspace I/O Ilias Apalodimas Mykyta Iziumtsev François-Frédéric Ozog Why userland I/O Time sensitive networking Developed mostly for Industrial IOT, automotive and audio/video

More information

Spring 2017 :: CSE 506. Device Programming. Nima Honarmand

Spring 2017 :: CSE 506. Device Programming. Nima Honarmand Device Programming Nima Honarmand read/write interrupt read/write Spring 2017 :: CSE 506 Device Interface (Logical View) Device Interface Components: Device registers Device Memory DMA buffers Interrupt

More information

Systems Programming and Computer Architecture ( ) Timothy Roscoe

Systems Programming and Computer Architecture ( ) Timothy Roscoe Systems Group Department of Computer Science ETH Zürich Systems Programming and Computer Architecture (252-0061-00) Timothy Roscoe Herbstsemester 2016 AS 2016 Exceptions 1 17: Exceptions Computer Architecture

More information

Module 12: I/O Systems

Module 12: I/O Systems Module 12: I/O Systems I/O Hardware Application I/O Interface Kernel I/O Subsystem Transforming I/O Requests to Hardware Operations Performance Operating System Concepts 12.1 Silberschatz and Galvin c

More information

Developing Real-Time Applications

Developing Real-Time Applications Developing Real-Time Applications Real Time Operating Systems and Middleware Luca Abeni luca.abeni@unitn.it Characterised by temporal constraints deadlines Concurrent (application: set of real-time tasks)

More information

An Analysis of Linux Scalability to Many Cores

An Analysis of Linux Scalability to Many Cores An Analysis of Linux Scalability to Many Cores 1 What are we going to talk about? Scalability analysis of 7 system applications running on Linux on a 48 core computer Exim, memcached, Apache, PostgreSQL,

More information

Anne Bracy CS 3410 Computer Science Cornell University

Anne Bracy CS 3410 Computer Science Cornell University Anne Bracy CS 3410 Computer Science Cornell University The slides were originally created by Deniz ALTINBUKEN. P&H Chapter 4.9, pages 445 452, appendix A.7 Manages all of the software and hardware on the

More information

VirtuOS: an operating system with kernel virtualization. Ruslan Nikolaev, Godmar Back Virginia Tech

VirtuOS: an operating system with kernel virtualization. Ruslan Nikolaev, Godmar Back Virginia Tech VirtuOS: an operating system with kernel virtualization Ruslan Nikolaev, Godmar Back Virginia Tech Motivation Component failure may lead to system failure in monolithic OS designs Lack of protection for

More information

Lecture 15: I/O Devices & Drivers

Lecture 15: I/O Devices & Drivers CS 422/522 Design & Implementation of Operating Systems Lecture 15: I/O Devices & Drivers Zhong Shao Dept. of Computer Science Yale University Acknowledgement: some slides are taken from previous versions

More information

Sugar: Secure GPU Acceleration in Web Browsers

Sugar: Secure GPU Acceleration in Web Browsers Sugar: Secure GPU Acceleration in Web Browsers Zhihao Yao, Zongheng Ma, Yingtong Liu, Ardalan Amiri Sani, Aparna Chandramowlishwaran Trustworthy Systems Lab, UC Irvine 1 WebGL was released in 2011 2 Source:

More information

Chapter 13: I/O Systems

Chapter 13: I/O Systems COP 4610: Introduction to Operating Systems (Spring 2015) Chapter 13: I/O Systems Zhi Wang Florida State University Content I/O hardware Application I/O interface Kernel I/O subsystem I/O performance Objectives

More information

CS 550 Operating Systems Spring System Call

CS 550 Operating Systems Spring System Call CS 550 Operating Systems Spring 2018 System Call 1 Recap: The need for protection When running user processes, the OS needs to protect itself and other system components For reliability: buggy programs

More information

19: I/O. Mark Handley. Direct Memory Access (DMA)

19: I/O. Mark Handley. Direct Memory Access (DMA) 19: I/O Mark Handley Direct Memory Access (DMA) 1 Interrupts Revisited Connections between devices and interrupt controller actually use interrupt lines on the bus rather than dedicated wires. Interrupts

More information

Anne Bracy CS 3410 Computer Science Cornell University

Anne Bracy CS 3410 Computer Science Cornell University Anne Bracy CS 3410 Computer Science Cornell University The slides were originally created by Deniz ALTINBUKEN. P&H Chapter 4.9, pages 445 452, appendix A.7 Manages all of the software and hardware on the

More information

I/O. Fall Tore Larsen. Including slides from Pål Halvorsen, Tore Larsen, Kai Li, and Andrew S. Tanenbaum)

I/O. Fall Tore Larsen. Including slides from Pål Halvorsen, Tore Larsen, Kai Li, and Andrew S. Tanenbaum) I/O Fall 2011 Tore Larsen Including slides from Pål Halvorsen, Tore Larsen, Kai Li, and Andrew S. Tanenbaum) Big Picture Today we talk about I/O characteristics interconnection devices & controllers (disks

More information

I/O. Fall Tore Larsen. Including slides from Pål Halvorsen, Tore Larsen, Kai Li, and Andrew S. Tanenbaum)

I/O. Fall Tore Larsen. Including slides from Pål Halvorsen, Tore Larsen, Kai Li, and Andrew S. Tanenbaum) I/O Fall 2010 Tore Larsen Including slides from Pål Halvorsen, Tore Larsen, Kai Li, and Andrew S. Tanenbaum) Big Picture Today we talk about I/O characteristics interconnection devices & controllers (disks

More information

I/O Devices. Nima Honarmand (Based on slides by Prof. Andrea Arpaci-Dusseau)

I/O Devices. Nima Honarmand (Based on slides by Prof. Andrea Arpaci-Dusseau) I/O Devices Nima Honarmand (Based on slides by Prof. Andrea Arpaci-Dusseau) Hardware Support for I/O CPU RAM Network Card Graphics Card Memory Bus General I/O Bus (e.g., PCI) Canonical Device OS reads/writes

More information

Example Networks on chip Freescale: MPC Telematics chip

Example Networks on chip Freescale: MPC Telematics chip Lecture 22: Interconnects & I/O Administration Take QUIZ 16 over P&H 6.6-10, 6.12-14 before 11:59pm Project: Cache Simulator, Due April 29, 2010 NEW OFFICE HOUR TIME: Tuesday 1-2, McKinley Exams in ACES

More information

Silberschatz and Galvin Chapter 12

Silberschatz and Galvin Chapter 12 Silberschatz and Galvin Chapter 12 I/O Systems CPSC 410--Richard Furuta 3/19/99 1 Topic overview I/O Hardware Application I/O Interface Kernel I/O Subsystem Transforming I/O requests to hardware operations

More information

I/O Systems. Amir H. Payberah. Amirkabir University of Technology (Tehran Polytechnic)

I/O Systems. Amir H. Payberah. Amirkabir University of Technology (Tehran Polytechnic) I/O Systems Amir H. Payberah amir@sics.se Amirkabir University of Technology (Tehran Polytechnic) Amir H. Payberah (Tehran Polytechnic) I/O Systems 1393/9/15 1 / 57 Motivation Amir H. Payberah (Tehran

More information

Chapter 13: I/O Systems. Operating System Concepts 9 th Edition

Chapter 13: I/O Systems. Operating System Concepts 9 th Edition Chapter 13: I/O Systems Silberschatz, Galvin and Gagne 2013 Chapter 13: I/O Systems Overview I/O Hardware Application I/O Interface Kernel I/O Subsystem Transforming I/O Requests to Hardware Operations

More information

Che-Wei Chang Department of Computer Science and Information Engineering, Chang Gung University

Che-Wei Chang Department of Computer Science and Information Engineering, Chang Gung University Che-Wei Chang chewei@mail.cgu.edu.tw Department of Computer Science and Information Engineering, Chang Gung University l Chapter 10: File System l Chapter 11: Implementing File-Systems l Chapter 12: Mass-Storage

More information

NTRDMA v0.1. An Open Source Driver for PCIe NTB and DMA. Allen Hubbe at Linux Piter 2015 NTRDMA. Messaging App. IB Verbs. dmaengine.h ntb.

NTRDMA v0.1. An Open Source Driver for PCIe NTB and DMA. Allen Hubbe at Linux Piter 2015 NTRDMA. Messaging App. IB Verbs. dmaengine.h ntb. Messaging App IB Verbs NTRDMA dmaengine.h ntb.h DMA DMA DMA NTRDMA v0.1 An Open Source Driver for PCIe and DMA Allen Hubbe at Linux Piter 2015 1 INTRODUCTION Allen Hubbe Senior Software Engineer EMC Corporation

More information

CS 5460/6460 Operating Systems

CS 5460/6460 Operating Systems CS 5460/6460 Operating Systems Fall 2009 Instructor: Matthew Flatt Lecturer: Kevin Tew TAs: Bigyan Mukherjee, Amrish Kapoor 1 Join the Mailing List! Reminders Make sure you can log into the CADE machines

More information

Virtualization, Xen and Denali

Virtualization, Xen and Denali Virtualization, Xen and Denali Susmit Shannigrahi November 9, 2011 Susmit Shannigrahi () Virtualization, Xen and Denali November 9, 2011 1 / 70 Introduction Virtualization is the technology to allow two

More information

CIS 21 Final Study Guide. Final covers ch. 1-20, except for 17. Need to know:

CIS 21 Final Study Guide. Final covers ch. 1-20, except for 17. Need to know: CIS 21 Final Study Guide Final covers ch. 1-20, except for 17. Need to know: I. Amdahl's Law II. Moore s Law III. Processes and Threading A. What is a process? B. What is a thread? C. Modes (kernel mode,

More information

Architectural Support for Operating Systems

Architectural Support for Operating Systems Architectural Support for Operating Systems (Chapter 2) CS 4410 Operating Systems [R. Agarwal, L. Alvisi, A. Bracy, M. George, E. Sirer, R. Van Renesse] Let s start at the very beginning 2 A Short History

More information

Pacifica Next Generation Architecture for Efficient Virtual Machines

Pacifica Next Generation Architecture for Efficient Virtual Machines Pacifica Next Generation Architecture for Efficient Virtual Machines Steve McDowell Division Marketing Manager Computation Products Group AMD steven.mcdowell@amd.com Geoffrey Strongin Platform Security

More information

CSE 153 Design of Operating Systems

CSE 153 Design of Operating Systems CSE 153 Design of Operating Systems Winter 19 Lecture 3: OS model and Architectural Support Last time/today Historic evolution of Operating Systems (and computing!) Today: We start our journey in exploring

More information

Chapter 13: I/O Systems

Chapter 13: I/O Systems Chapter 13: I/O Systems Chapter 13: I/O Systems I/O Hardware Application I/O Interface Kernel I/O Subsystem Transforming I/O Requests to Hardware Operations Streams Performance 13.2 Silberschatz, Galvin

More information

C02: Interrupts and I/O

C02: Interrupts and I/O CISC 7310X C02: Interrupts and I/O Hui Chen Department of Computer & Information Science CUNY Brooklyn College 2/8/2018 CUNY Brooklyn College 1 Von Neumann Computers Process and memory connected by a bus

More information

CSE 153 Design of Operating Systems Fall 18

CSE 153 Design of Operating Systems Fall 18 CSE 153 Design of Operating Systems Fall 18 Lecture 2: OS model and Architectural Support Last time/today l Historic evolution of Operating Systems (and computing!) l Today: We start our journey in exploring

More information

CSE 120 Principles of Operating Systems

CSE 120 Principles of Operating Systems CSE 120 Principles of Operating Systems Fall 2016 Lecture 2: Architectural Support for Operating Systems Geoffrey M. Voelker Administrivia Project 0 Due 10/4, done individually Homework #1 Due 10/6 Project

More information

Accessing I/O Devices Interface to CPU and Memory Interface to one or more peripherals Generic Model of IO Module Interface for an IO Device: CPU checks I/O module device status I/O module returns status

More information

5.b Principles of I/O Hardware CPU-I/O communication

5.b Principles of I/O Hardware CPU-I/O communication Three communication protocols between CPU and I/O 1. Programmed I/O (or polling or busy waiting ) the CPU must repeatedly poll the device to check if the I/O request completed 2. Interrupt-driven I/O the

More information

2 nd Half. Memory management Disk management Network and Security Virtual machine

2 nd Half. Memory management Disk management Network and Security Virtual machine Final Review 1 2 nd Half Memory management Disk management Network and Security Virtual machine 2 Abstraction Virtual Memory (VM) 4GB (32bit) linear address space for each process Reality 1GB of actual

More information

Xen Network I/O Performance Analysis and Opportunities for Improvement

Xen Network I/O Performance Analysis and Opportunities for Improvement Xen Network I/O Performance Analysis and Opportunities for Improvement J. Renato Santos G. (John) Janakiraman Yoshio Turner HP Labs Xen Summit April 17-18, 27 23 Hewlett-Packard Development Company, L.P.

More information

I/O Management Intro. Chapter 5

I/O Management Intro. Chapter 5 I/O Management Intro Chapter 5 1 Learning Outcomes A high-level understanding of the properties of a variety of I/O devices. An understanding of methods of interacting with I/O devices. An appreciation

More information

Operating Systems. Operating System Structure. Lecture 2 Michael O Boyle

Operating Systems. Operating System Structure. Lecture 2 Michael O Boyle Operating Systems Operating System Structure Lecture 2 Michael O Boyle 1 Overview Architecture impact User operating interaction User vs kernel Syscall Operating System structure Layers Examples 2 Lower-level

More information

Fault Isolation for Device Drivers

Fault Isolation for Device Drivers Fault Isolation for Device Drivers 39 th International Conference on Dependable Systems and Networks, 30 June 2009, Estoril Lisbon, Portugal Jorrit N. Herder Vrije Universiteit Amsterdam ~26% of Windows

More information

Chapter 2 Computer-System Structure

Chapter 2 Computer-System Structure Contents 1. Introduction 2. Computer-System Structures 3. Operating-System Structures 4. Processes 5. Threads 6. CPU Scheduling 7. Process Synchronization 8. Deadlocks 9. Memory Management 10. Virtual

More information

I/O Device Controllers. I/O Systems. I/O Ports & Memory-Mapped I/O. Direct Memory Access (DMA) Operating Systems 10/20/2010. CSC 256/456 Fall

I/O Device Controllers. I/O Systems. I/O Ports & Memory-Mapped I/O. Direct Memory Access (DMA) Operating Systems 10/20/2010. CSC 256/456 Fall I/O Device Controllers I/O Systems CS 256/456 Dept. of Computer Science, University of Rochester 10/20/2010 CSC 2/456 1 I/O devices have both mechanical component & electronic component The electronic

More information

CS 550 Operating Systems Spring Interrupt

CS 550 Operating Systems Spring Interrupt CS 550 Operating Systems Spring 2019 Interrupt 1 Revisit -- Process MAX Stack Function Call Arguments, Return Address, Return Values Kernel data segment Kernel text segment Stack fork() exec() Heap Data

More information

CSE 120 Principles of Operating Systems

CSE 120 Principles of Operating Systems CSE 120 Principles of Operating Systems Spring 2018 Lecture 10: Paging Geoffrey M. Voelker Lecture Overview Today we ll cover more paging mechanisms: Optimizations Managing page tables (space) Efficient

More information

Computer Science. ! Other approaches:! Special systems designed for extensibility

Computer Science. ! Other approaches:! Special systems designed for extensibility Application-Specific Service Technologies for Commodity OSes in Real-Time Environments Richard West and Gabriel Parmer Boston University Boston, MA {richwest,gabep1}@cs.bu.edu Introduction! Leverage commodity

More information

Computer Architecture Background

Computer Architecture Background CSE 5095 & ECE 4451 & ECE 5451 Spring 2017 Lecture 2b Computer Architecture Background Marten van Dijk Syed Kamran Haider, Chenglu Jin, Phuong Ha Nguyen Department of Electrical & Computer Engineering

More information

Operating Systems: Principles and Practice. Mark Zbikowski Gary Kimura (kudos to Tom Anderson)

Operating Systems: Principles and Practice. Mark Zbikowski Gary Kimura (kudos to Tom Anderson) Operating Systems: Principles and Practice Mark Zbikowski Gary Kimura (kudos to Tom Anderson) How This Course Fits in the UW CSE Curriculum CSE 333: Systems Programming Project experience in C/C++ How

More information

OpenOnload. Dave Parry VP of Engineering Steve Pope CTO Dave Riddoch Chief Software Architect

OpenOnload. Dave Parry VP of Engineering Steve Pope CTO Dave Riddoch Chief Software Architect OpenOnload Dave Parry VP of Engineering Steve Pope CTO Dave Riddoch Chief Software Architect Copyright 2012 Solarflare Communications, Inc. All Rights Reserved. OpenOnload Acceleration Software Accelerated

More information

Syscalls, exceptions, and interrupts, oh my!

Syscalls, exceptions, and interrupts, oh my! Syscalls, exceptions, and interrupts, oh my! Hakim Weatherspoon CS 3410 Computer Science Cornell University [Altinbuken, Weatherspoon, Bala, Bracy, McKee, and Sirer] Announcements P4-Buffer Overflow is

More information

Input/Output. Today. Next. Principles of I/O hardware & software I/O software layers Disks. Protection & Security

Input/Output. Today. Next. Principles of I/O hardware & software I/O software layers Disks. Protection & Security Input/Output Today Principles of I/O hardware & software I/O software layers Disks Next Protection & Security Operating Systems and I/O Two key operating system goals Control I/O devices Provide a simple,

More information

Xen and the Art of Virtualization. CSE-291 (Cloud Computing) Fall 2016

Xen and the Art of Virtualization. CSE-291 (Cloud Computing) Fall 2016 Xen and the Art of Virtualization CSE-291 (Cloud Computing) Fall 2016 Why Virtualization? Share resources among many uses Allow heterogeneity in environments Allow differences in host and guest Provide

More information

Virtual Memory. Motivations for VM Address translation Accelerating translation with TLBs

Virtual Memory. Motivations for VM Address translation Accelerating translation with TLBs Virtual Memory Today Motivations for VM Address translation Accelerating translation with TLBs Fabián Chris E. Bustamante, Riesbeck, Fall Spring 2007 2007 A system with physical memory only Addresses generated

More information

Networks and distributed computing

Networks and distributed computing Networks and distributed computing Abstractions provided for networks network card has fixed MAC address -> deliver message to computer on LAN -> machine-to-machine communication -> unordered messages

More information

Module 12: I/O Systems

Module 12: I/O Systems Module 12: I/O Systems I/O hardwared Application I/O Interface Kernel I/O Subsystem Transforming I/O Requests to Hardware Operations Performance 12.1 I/O Hardware Incredible variety of I/O devices Common

More information

I/O Devices. I/O Management Intro. Sample Data Rates. I/O Device Handling. Categories of I/O Devices (by usage)

I/O Devices. I/O Management Intro. Sample Data Rates. I/O Device Handling. Categories of I/O Devices (by usage) I/O Devices I/O Management Intro Chapter 5 There exists a large variety of I/O devices: Many of them with different properties They seem to require different interfaces to manipulate and manage them We

More information

操作系统概念 13. I/O Systems

操作系统概念 13. I/O Systems OPERATING SYSTEM CONCEPTS 操作系统概念 13. I/O Systems 东南大学计算机学院 Baili Zhang/ Southeast 1 Objectives 13. I/O Systems Explore the structure of an operating system s I/O subsystem Discuss the principles of I/O

More information

Tuned Pipes: End-to-end Throughput and Delay Guarantees for USB Devices. Ahmad Golchin, Zhuoqun Cheng and Richard West Boston University

Tuned Pipes: End-to-end Throughput and Delay Guarantees for USB Devices. Ahmad Golchin, Zhuoqun Cheng and Richard West Boston University Tuned Pipes: End-to-end Throughput and Delay Guarantees for USB Devices Ahmad Golchin, Zhuoqun Cheng and Richard West Boston University Motivations Cyber-physical applications Sensor-actuator loops Ubiquity

More information

Input / Output. Kevin Webb Swarthmore College April 12, 2018

Input / Output. Kevin Webb Swarthmore College April 12, 2018 Input / Output Kevin Webb Swarthmore College April 12, 2018 xkcd #927 Fortunately, the charging one has been solved now that we've all standardized on mini-usb. Or is it micro-usb? Today s Goals Characterize

More information

Introduction. CS3026 Operating Systems Lecture 01

Introduction. CS3026 Operating Systems Lecture 01 Introduction CS3026 Operating Systems Lecture 01 One or more CPUs Device controllers (I/O modules) Memory Bus Operating system? Computer System What is an Operating System An Operating System is a program

More information

Operating System Architecture. CS3026 Operating Systems Lecture 03

Operating System Architecture. CS3026 Operating Systems Lecture 03 Operating System Architecture CS3026 Operating Systems Lecture 03 The Role of an Operating System Service provider Provide a set of services to system users Resource allocator Exploit the hardware resources

More information

CSE 120 Principles of Operating Systems

CSE 120 Principles of Operating Systems CSE 120 Principles of Operating Systems Spring 2018 Lecture 15: Multicore Geoffrey M. Voelker Multicore Operating Systems We have generally discussed operating systems concepts independent of the number

More information

HIGH-PERFORMANCE NETWORKING :: USER-LEVEL NETWORKING :: REMOTE DIRECT MEMORY ACCESS

HIGH-PERFORMANCE NETWORKING :: USER-LEVEL NETWORKING :: REMOTE DIRECT MEMORY ACCESS HIGH-PERFORMANCE NETWORKING :: USER-LEVEL NETWORKING :: REMOTE DIRECT MEMORY ACCESS CS6410 Moontae Lee (Nov 20, 2014) Part 1 Overview 00 Background User-level Networking (U-Net) Remote Direct Memory Access

More information

Support for Smart NICs. Ian Pratt

Support for Smart NICs. Ian Pratt Support for Smart NICs Ian Pratt Outline Xen I/O Overview Why network I/O is harder than block Smart NIC taxonomy How Xen can exploit them Enhancing Network device channel NetChannel2 proposal I/O Architecture

More information

A Userspace Packet Switch for Virtual Machines

A Userspace Packet Switch for Virtual Machines SHRINKING THE HYPERVISOR ONE SUBSYSTEM AT A TIME A Userspace Packet Switch for Virtual Machines Julian Stecklina OS Group, TU Dresden jsteckli@os.inf.tu-dresden.de VEE 2014, Salt Lake City 1 Motivation

More information

Chapter 5 Input/Output. I/O Devices

Chapter 5 Input/Output. I/O Devices Chapter 5 Input/Output 5.1 Principles of I/O hardware 5.2 Principles of I/O software 5.3 I/O software layers 5.4 Disks 5.5 Clocks 5.6 Character-oriented terminals 5.7 Graphical user interfaces 5.8 Network

More information

Operating Systems. Introduction & Overview. Outline for today s lecture. Administrivia. ITS 225: Operating Systems. Lecture 1

Operating Systems. Introduction & Overview. Outline for today s lecture. Administrivia. ITS 225: Operating Systems. Lecture 1 ITS 225: Operating Systems Operating Systems Lecture 1 Introduction & Overview Jan 15, 2004 Dr. Matthew Dailey Information Technology Program Sirindhorn International Institute of Technology Thammasat

More information

Hardware Enforcement of Application Security Policies Using Tagged Memory

Hardware Enforcement of Application Security Policies Using Tagged Memory Hardware Enforcement of Application Security Policies Using Tagged Memory Nickolai Zeldovich, Hari Kannan, Michael Dalton, and Christos Kozyrakis MIT Stanford University ABSTRACT Computers are notoriously

More information
2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback