RockSalt: better, faster, stronger SFI for the x86
PLDI, pp. 395-404, 2012.
stronger sficomplicated architecturesoftware-based fault isolationdeclarative descriptionoriginal analysisMore(12+)
Software-based fault isolation (SFI), as used in Google's Native Client (NaCl), relies upon a conceptually simple machine-code analysis to enforce a security policy. But for complicated architectures such as the x86, it is all too easy to get the details of the analysis wrong. We have built a new checker that is smaller, faster, and has a...More