Rust is a popular memory-safe systems programming language. In order to interact with hardware or call into non-Rust libraries, Rust provides \emph{unsafe} language features that shift responsibility for ensuring memory safety to the developer. Failing to do so may lead to memory safety violations in unsafe code, which can compromise the safety of the entire application. In this work we explore in-process isolation with Memory Protection Keys as a mechanism to shield safe program sections from safety violations that may happen in unsafe sections. Our approach is easy to use and comprehensive, as it prevents both heap- and stack-based violations. We further compare process-based and in-process isolation mechanisms and their respective requirements for data serialization, communication, and context switching. Our results show that in-process isolation can be effective and efficient, permits a high degree of automation, and also enables a notion of application rewinding, where the safe program section may detect and safely handle violations in unsafe code.
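The following is an added illustration, not code from the paper, of the mechanism the abstract describes: a page of "safe" heap is tagged with its own Memory Protection Key, the key is revoked in the thread-local PKRU register before an "unsafe" section runs, and a stray write from that section then faults instead of silently corrupting safe data. It assumes x86_64 Linux with PKU support, uses the raw \texttt{pkey\_alloc}/\texttt{pkey\_mprotect}/\texttt{pkey\_free} syscall numbers directly so that no external crate is needed, and runs the unsafe section in a forked child purely so the fault can be observed from outside; the paper's in-process rewinding would instead catch the fault with a signal handler in the same process. Where PKU is unavailable the example reports \texttt{Unsupported} rather than failing.

```rust
// Added example (not the paper's code): MPK-based shielding of a "safe heap"
// page from an "unsafe" section on x86_64 Linux. All constants and syscall
// numbers below are assumptions for that platform.

#[derive(Debug, PartialEq, Clone, Copy)]
pub enum Outcome {
    Unsupported, // no PKU on this CPU/kernel, or not x86_64 Linux
    Isolated,    // the stray write faulted and the safe data stayed intact
    NotIsolated, // the write went through: isolation did not hold
}

// PKRU holds two bits per key: access-disable (bit 2k) and write-disable (bit 2k+1).
pub fn pkru_deny_mask(pkey: u32) -> u32 {
    0b11 << (2 * pkey)
}

#[cfg(all(target_os = "linux", target_arch = "x86_64"))]
mod mpk {
    use super::{pkru_deny_mask, Outcome};
    use std::os::raw::{c_int, c_long, c_void};

    extern "C" {
        fn syscall(num: c_long, ...) -> c_long;
        fn mmap(addr: *mut c_void, len: usize, prot: c_int, flags: c_int, fd: c_int, off: i64) -> *mut c_void;
        fn munmap(addr: *mut c_void, len: usize) -> c_int;
        fn fork() -> c_int;
        fn waitpid(pid: c_int, status: *mut c_int, options: c_int) -> c_int;
        fn _exit(code: c_int) -> !;
    }

    // x86_64 Linux syscall numbers for the pkey family (assumed).
    const SYS_PKEY_MPROTECT: c_long = 329;
    const SYS_PKEY_ALLOC: c_long = 330;
    const SYS_PKEY_FREE: c_long = 331;
    const PROT_READ: c_int = 1;
    const PROT_WRITE: c_int = 2;
    const MAP_PRIVATE: c_int = 0x02;
    const MAP_ANONYMOUS: c_int = 0x20;
    const PAGE: usize = 4096;
    const SIGSEGV: c_int = 11;
    const SENTINEL: u32 = 0xC0FF_EE00; // constructed marker value

    unsafe fn rdpkru() -> u32 {
        let v: u32;
        std::arch::asm!("rdpkru", in("ecx") 0u32, out("eax") v, out("edx") _);
        v
    }

    unsafe fn wrpkru(v: u32) {
        std::arch::asm!("wrpkru", in("eax") v, in("ecx") 0u32, in("edx") 0u32);
    }

    pub fn run_demo() -> Outcome {
        unsafe {
            let pkey = syscall(SYS_PKEY_ALLOC, 0 as c_long, 0 as c_long);
            if pkey < 0 {
                return Outcome::Unsupported; // kernel or CPU without PKU
            }
            let buf = mmap(std::ptr::null_mut(), PAGE, PROT_READ | PROT_WRITE,
                           MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
            if buf as isize == -1 {
                syscall(SYS_PKEY_FREE, pkey);
                return Outcome::Unsupported;
            }
            // Tag the "safe heap" page with the freshly allocated key.
            let rc = syscall(SYS_PKEY_MPROTECT, buf as c_long, PAGE as c_long,
                             (PROT_READ | PROT_WRITE) as c_long, pkey);
            if rc != 0 {
                munmap(buf, PAGE);
                syscall(SYS_PKEY_FREE, pkey);
                return Outcome::Unsupported;
            }
            let safe_data = buf as *mut u32;
            *safe_data = SENTINEL; // the safe section owns and initialises the data
            let deny = pkru_deny_mask(pkey as u32);

            let pid = fork();
            if pid == 0 {
                // Child models the unsafe section: the key is revoked, then a buggy
                // write hits safe data. With isolation in place this raises SIGSEGV.
                wrpkru(rdpkru() | deny);
                std::ptr::write_volatile(safe_data, 0);
                _exit(0);
            }
            let mut status: c_int = 0;
            waitpid(pid, &mut status, 0);
            let killed_by_segv = (status & 0x7f) == SIGSEGV;

            // Back in the safe section the key is still granted, so access works.
            let key_granted = rdpkru() & deny == 0;
            let intact = std::ptr::read_volatile(safe_data) == SENTINEL;

            munmap(buf, PAGE);
            syscall(SYS_PKEY_FREE, pkey);
            if killed_by_segv && key_granted && intact { Outcome::Isolated } else { Outcome::NotIsolated }
        }
    }
}

#[cfg(not(all(target_os = "linux", target_arch = "x86_64")))]
mod mpk {
    pub fn run_demo() -> super::Outcome { super::Outcome::Unsupported }
}

pub fn run_demo() -> Outcome {
    mpk::run_demo()
}

fn main() {
    println!("{:?}", run_demo());
}
```

The design point is the cost model the abstract contrasts with process-based isolation: switching between the safe and unsafe sections is a single register write (\texttt{wrpkru}) rather than a context switch plus serialized communication, and because the fault is raised synchronously at the offending write, the safe section can handle it and rewind instead of discovering corruption later.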