2014 ACM/IEEE 41st International Symposium on Computer Architecture (ISCA) 2014
DOI: 10.1109/isca.2014.6853202
|View full text |Cite
|
Sign up to set email alerts
|

CODOMs: Protecting software with Code-centric memory Domains

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
36
0

Year Published

2015
2015
2024
2024

Publication Types

Select...
4
4

Relationship

1
7

Authors

Journals

citations
Cited by 24 publications
(36 citation statements)
references
References 16 publications
0
36
0
Order By: Relevance
“…Hardware-supported capability systems like CAP [47], StarOS [32], and IBM System/38 [24] extend the ISA with special instructions and registers allowing hardware to enforce protection for even small objects without mediation of a trusted entity. Other systems proposing hardware capabilities include the M-Machine [12] (adopting a capability system without compatibility requirements), CHERI [62] (retaining compatibility with capability-unaware code), and CODOMs [58] (focusing on hardware support for isolation between components).…”
Section: Capability Systemsmentioning
confidence: 99%
See 1 more Smart Citation
“…Hardware-supported capability systems like CAP [47], StarOS [32], and IBM System/38 [24] extend the ISA with special instructions and registers allowing hardware to enforce protection for even small objects without mediation of a trusted entity. Other systems proposing hardware capabilities include the M-Machine [12] (adopting a capability system without compatibility requirements), CHERI [62] (retaining compatibility with capability-unaware code), and CODOMs [58] (focusing on hardware support for isolation between components).…”
Section: Capability Systemsmentioning
confidence: 99%
“…Although capabilities were proven to be a useful concept, many previously proposed hardware implementations were based on the use of Instruction-Set Architecture (ISA) extensions. Unfortunately, extending the ISA of a processor is not an easy task, and the long delay between introducing the concept and the implementation of new ISA features hampers the adoption of schemes that rely on ISA support, such as CHERI [13,62] or CODOMS [58]. It can easily take more than 5 years from conception to market introduction, delaying the impact and reducing the commercial interest.…”
Section: Introductionmentioning
confidence: 99%
“…In some sense, CrossOver can be viewed as a hardware extension providing a new capability of cross-world call which supports up-level software to implement authorization and provide various services across worlds without the intervention of other privileged software to improve performance. CODOMs [39] provides efficient protection among multiple software components that share the same address space in a capability manner, while CrossOver allows secure, efficient and flexible cross-world calls across multiple layers not only within the same address space, but also across multiple address spaces.…”
Section: Related Workmentioning
confidence: 99%
“…This paper presents direct IPC (dIPC), an OS extension that leverages the recent CODOMs architecture [61] to marry the isolation of processes with the performance of synchronous function calls. dIPC enables threads in one process to call a function on another process, delivering the same performance as if the two were a single composite application, but without compromising their isolation.…”
Section: Introductionmentioning
confidence: 99%
“…dIPC builds on top of the CODOMs architecture [61], which was designed to isolate software components inside a single process while enabling inter-component function calls at negligible overheads. dIPC repurposes CODOMs to isolate multiple processes on a shared page table to achieve low-overhead and secure inter-process function calls.…”
Section: Introductionmentioning
confidence: 99%