Virtual memory is an essential mechanism for enforcing security boundaries, but its relaxed-memory concurrency semantics has not previously been investigated in detail. The concurrent systems code managing virtual memory has been left on an entirely informal basis, and OS and hypervisor verification has had to make major simplifying assumptions. We explore the design space for relaxed virtual memory semantics in the Armv8-A architecture, to support future system-software verification. We identify many design questions, in discussion with Arm; develop a test suite, including use cases from the pKVM production hypervisor under development by Google; delimit the design space with axiomatic-style concurrency models; prove that under simple sta...
Hypervisors are a popular mechanism for implementing software virtualization. Since hypervisors exec...
Virtual memory is a classic computer science abstraction and is ubiquitous in all scales of computin...
Computing relies on architecture specifications to decouple hardware and softw...
In this paper we develop semantics for key aspects of the ...
The isolation of security critical components from an untrusted OS allows to both protect applicatio...
We present an analysis of the virtualizability of the ARMv7-A architecture carried out in the contex...
ARM has a relaxed memory model, previously specified in informal prose for ARMv7 and ARMv8. Over tim...
This work was partly funded by the EPSRC Programme Grant REMS: Rigorous Engineering for Mainstream S...
This paper presents the first results from the ongoing research project HASPOC, developing a high as...
In order to host a general purpose operating system, hypervisors need to virtualize the CPU memory s...