Att-SFI: Attestable Software Sandboxing with Control Flow Integrity
摘要
Software Fault Isolation (SFI) is an effective sandboxing technique that prevents potentially vulnerable code from impacting the rest of the system. SFI requires an effective Control Flow Integrity (CFI) mechanism to ensure the proper enforcement of isolation. However, existing SFI schemes often use coarse-grained CFI or assume sufficient CFI protection, lacking effective implementation and thorough evaluation of CFI. SFIs relying on hardware-assisted CFI are also constrained by platform-specific limitations. We propose an architecture-neutral SFI with fine-grained CFI, achieving run-time security for sandboxed programs at a 21.9% performance overhead, suitable for high-security scenarios such as confidential computing in IoT and cloud environments. Our approach enhances the isolation of confidential workloads while enabling attestable run-time security guarantees.