Isolation Without Taxation: Near Zero Cost Transitions for SFI

04/30/2021
by   Matthew Kolosick, et al.

Almost all SFI systems use heavyweight transitions that incur significant performance overhead from saving and restoring registers when context switching between application and sandbox code. We identify a set of zero-cost conditions that characterize when sandboxed code is well-structured enough so that security can be guaranteed via lightweight zero-cost transitions. We show that using WebAssembly (Wasm) as an intermediate representation for low-level code naturally results in an SFI transition system with zero-cost transitions, and modify the Lucet Wasm compiler and its runtime to use zero-cost transitions. Our modifications speed up font and image rendering in Firefox by up to 29.7 and 10 SegmentZero32, that uses x86 segmentation and LLVM with mostly off-the-shelf passes to enforce our zero-cost conditions. While this enforcement incurs some runtime cost within the sandboxed code, we find that, on Firefox image and font rendering benchmarks, the time saved per transition allows SegmentZero32 to outperform even an idealized hardware isolation system where memory isolation incurs zero performance overhead but the use of heavyweight transitions is required.
