[cap-talk] SPAM-LOW: Language-based OS domain separation.

Jonathan S. Shapiro shap at eros-os.com
Tue Jun 12 10:06:11 EDT 2007

On Tue, 2007-06-12 at 09:33 -0400, Sandro Magi wrote:

> Indeed. LLVM has some interesting work in this area called the "Secure
> Virtual Architecture" (SVA). They perform a flow-sensitive analysis of
> unmodified C and can ensure that pointers cause no errors. They can't
> eliminate the dangling pointers, but they can apparently make them
> harmless. The reported overhead is less than 30% IIRC.

Some of the existing sandboxing work is down closer to 3%, which is
comparable to the cost of hardware-based protection.

