[HN Gopher] Vx32: Portable, efficient, safe user-space execution... ___________________________________________________________________ Vx32: Portable, efficient, safe user-space execution of untrusted x86 code (2008) Author : nateb2022 Score : 41 points Date : 2023-07-18 18:59 UTC (4 hours ago) (HTM) web link (pdos.csail.mit.edu) (TXT) w3m dump (pdos.csail.mit.edu) | karmakaze wrote: | Ah. I can see how this might be useful for supporting a large | library of plugins for various applications and industries. | | > Vx32 is similar in purpose to the Java or .NET virtual | machines, but it runs native x86 code, so plug-ins can be written | in ANY language, not just Java or C#. | jgrahamc wrote: | Paging majke who used this a lot at Cloudflare at one point. | pizlonator wrote: | The link to the paper in that page doesn't work but I found it | here: https://pdos.csail.mit.edu/papers/vx32:usenix08.pdf | | Very cool technique, but I'm not enough of a DBT expert to judge | how significant it is compared to the many many DBTs that folks | have built before and since. | Karliss wrote: | I guess at this point same process native code sandboxing | approaches like Vx32 and NaCl are more or less dead due to the | various speculative execution attacks that came up in the recent | few years. | yjftsjthsd-h wrote: | Super cool project; I think it's kind of sad that it didn't get | picked up and become more popular. The Plan 9 port is | particularly impressive, in my opinion:) (It would be interesting | to compare that to User Mode Linux, come to think of it) | [deleted] | littlestymaar wrote: | (2008) | nneonneo wrote: | Also see Unicorn (https://www.unicorn-engine.org/), a QEMU-based | emulator-as-a-library that handles a wide range of processors | (ARM, AArch64, x86, x64, PowerPC, MIPS, SPARC, ...) and comes | with bindings for many popular languages (C, Python, Rust, Java, | ...). | | Unicorn is used quite widely for reverse engineering and malware | analysis; the Qiling project (https://qiling.io/) extends it to | OS-level emulation. | muricula wrote: | Was this the predecessor to Google Native Client? | https://en.wikipedia.org/wiki/Google_Native_Client | Karliss wrote: | There are some similarities to the 32 bit x86 NaCL and one of | the early NaCl paper mentions this. | https://storage.googleapis.com/pub-tools-public-publication-... | | They both use x86 memory segment functionality for limiting | memory access, but seems like there are also plenty of things | they do differently. And the x86_64 and ARM versions of NaCl | are even more different, they can't use the segment registers | so they use masking instead. | redog wrote: | Doesn't look like it: | https://www.chromium.org/nativeclient/reference/external-res... ___________________________________________________________________ (page generated 2023-07-18 23:00 UTC)