Limitations and Opportunities of Modern Hardware Isolation Mechanisms
Offered By: USENIX via YouTube
Course Description
Overview
Explore an in-depth analysis of modern hardware isolation mechanisms in this 20-minute conference talk from USENIX ATC '24. Delve into the advantages and limitations of recent CPU technologies like Intel memory protection keys (MPK), ARM pointer authentication (PAC), ARM memory tagging extensions (MTE), and ARM Morello capabilities. Examine their suitability for isolating subsystems with tight performance budgets. Discover why these nascent technologies, despite being a significant step forward, still lack critical design principles for low-overhead isolation enforcement, zero-copy data exchange, and secure access permission revocation. Gain insights into the future of hardware-supported isolation for various systems, including browser plugins, device drivers, kernel extensions, user-defined database and network functions, and serverless cloud platforms.
Syllabus
USENIX ATC '24 - Limitations and Opportunities of Modern Hardware Isolation Mechanisms
Taught by
USENIX
Related Courses
Armv8-M Architecture FundamentalsArm Education via Coursera Memory Management in OS - Contiguous Memory Allocation
CodeHelp - by Babbar via YouTube Shreds - Fine-Grained Execution Units with Private Memory
IEEE via YouTube CHERI - A Hybrid Capability-System Architecture for Scalable Software Compartmentalization
IEEE via YouTube XMP: Selective Memory Protection for Kernel and User Space
IEEE via YouTube