Adam Belay : 2013 Security Workshop


Monday, April 15, 2013
Location: Fisher Conference Center, Arrillaga Alumni Center

"Dune: Safe User-level Access to Privileged CPU Features"


Dune provides ordinary user programs with safe and efficient access to privileged CPU features that are traditionally only available to kernels. It does so by leveraging modern virtualization hardware, enabling direct execution of privileged instructions in an unprivileged context. Dune has been implemented for Linux, using Intel's VT-x virtualization architecture to expose access to exceptions, virtual memory, privilege modes, and segmentation. By making these hardware mechanisms available at user-level, Dune creates opportunities to improve application performance and security.


Adam Belay is a Ph.D. candidate in Computer Science at Stanford University and a member of Stanford's Secure Computer Systems research group. His research focuses on the intersection of computer architecture and operating systems. He is currently exploring the use of virtualization hardware extensions to improve application performance and security.