
Domain Page-Table Isolation

by Claudio Canella, et al.

Modern applications often consist of different security domains that require isolation from each other. While several solutions exist, most of them rely on specialized hardware, hardware extensions, or require less-efficient software instrumentation of the application. In this paper, we propose Domain Page-Table Isolation (DPTI), a novel mechanism for hardware-enforced security domains that can be readily used on commodity off-the-shelf CPUs. DPTI uses two novel techniques for dynamic, time-limited changes to the memory isolation at security-critical points, called memory freezing and stashing. We demonstrate the versatility and efficacy of DPTI in two scenarios: First, DPTI freezes or stashes memory to support faster and more fine-grained syscall filtering than state-of-the-art seccomp-bpf. With the provided memory safety guarantees, DPTI can even securely support deep argument filtering, such as string comparisons. Second, DPTI freezes or stashes memory to efficiently confine potentially untrusted SGX enclaves, outperforming existing solutions by 14.6 same security guarantees. Our results show that DPTI is a viable mechanism to isolate domains within applications using only existing mechanisms available on modern CPUs, without relying on special hardware instructions or extensions.
