Robert Wahbe,
Steven Lucco, Thomas Anderson, and Susan Graham.
Efficient Software-Based Fault Isolation. Proc.
Fourteenth ACM Symposium on Operating Systems Principles (SOSP), December
1993, pages 203 - 216.
Abstract:
One way to provide fault isolation among cooperating
software modules is to place each in its own address space. However, for
tightly-coupled modules, this solution incurs prohibitive context switch
overhead. In this paper, we present a software approach to implementing fault
isolation within a single address space. Our approach has two parts.
First, we load the code and data for a distrusted module into its own fault
domain, a logically separate portion of the application's address space.
Second, we modify the object code of a distrusted module to prevent it from
writing or jumping to an address outside its fault domain. Both these software
operations are portable and programming language independent. Our approach
poses a tradeoff relative to hardware fault isolation: substantially faster
communication between fault domains, at a cost of slightly increased execution
time for distrusted modules. We demonstrate that for frequently communicating
modules, implementing fault isolation in software rather than hardware can
substantially improve end-to-end application performance.
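The second step of the approach, rewriting a module's stores and jumps so they cannot reach outside its fault domain, can be illustrated without touching machine code. The following C program is an added example, not code from the paper or its authors: it simulates the address-sandboxing idea by treating the upper address bits as a segment identifier and forcing every store target into the domain's segment before the store happens, with a companion check (segment matching) that merely reports whether a target lies inside the domain. The 4 KiB domain size, the two static buffers standing in for "the fault domain" and "the rest of the application", and all function names are constructed for this illustration; a real implementation rewrites object code and also constrains jumps, which this example does not model.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed parameters: each fault domain is a 4 KiB-aligned region, so the
 * low 12 bits of an address are the offset and the remaining upper bits act
 * as the domain's segment identifier. */
#define SEG_BITS 12
#define SEG_MASK ((uintptr_t)((1u << SEG_BITS) - 1))

typedef struct {
    uintptr_t seg_id;  /* upper address bits shared by every legal address in the domain */
    uint8_t  *base;    /* start of the domain's memory */
    size_t    size;    /* size of the domain's memory in bytes */
} fault_domain;

/* Address sandboxing: rather than checking the target, overwrite its upper bits
 * with the domain's segment id. A rogue address cannot leave the domain; at
 * worst it lands on the wrong offset inside it. */
static inline uintptr_t sandbox_addr(const fault_domain *fd, uintptr_t target) {
    return (target & SEG_MASK) | fd->seg_id;
}

/* Segment matching: report whether a target already lies inside the domain.
 * A rewriter would insert this before a store to trap instead of redirect. */
static inline int in_domain(const fault_domain *fd, uintptr_t target) {
    return (target & ~SEG_MASK) == fd->seg_id;
}

/* Stands in for a store instruction that the rewriter has wrapped in sandboxing. */
static void sandboxed_store(const fault_domain *fd, uintptr_t target, uint8_t value) {
    uintptr_t safe = sandbox_addr(fd, target);
    *(uint8_t *)safe = value;
}

/* Two page-aligned buffers (constructed): one is the distrusted module's fault
 * domain, the other represents memory belonging to the rest of the application. */
static _Alignas(4096) uint8_t domain_mem[4096];
static _Alignas(4096) uint8_t other_mem[4096];

/* Attempt a store that targets memory outside the domain and report whether
 * the sandboxing redirected it. Returns 1 when the foreign buffer is untouched
 * and the byte landed at the same offset inside the domain, 0 otherwise. */
int demo_redirect(void) {
    fault_domain fd = { (uintptr_t)domain_mem & ~SEG_MASK, domain_mem, sizeof domain_mem };
    memset(domain_mem, 0, sizeof domain_mem);
    memset(other_mem, 0, sizeof other_mem);

    uintptr_t rogue = (uintptr_t)&other_mem[100];  /* a write aimed outside the domain */
    sandboxed_store(&fd, rogue, 0xAA);

    return other_mem[100] == 0
        && domain_mem[100] == 0xAA
        && !in_domain(&fd, rogue)
        && in_domain(&fd, (uintptr_t)&domain_mem[5]);
}

int main(void) {
    printf("store redirected into fault domain: %s\n", demo_redirect() ? "yes" : "no");
    return 0;
}
```

The redirect variant costs a mask and an or per store and never traps, which is the tradeoff the abstract describes: slightly slower execution of the distrusted module in exchange for staying in one address space. The matching variant costs a compare and branch but lets the host detect the violation instead of silently redirecting it.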