Dune provides ordinary user programs with safe and efficient access to privileged CPU features that are traditionally only available to kernels. It does so by leveraging modern virtualization hardware, enabling direct execution of privileged instructions in an unprivileged context. We have implemented Dune for Linux, using Intel's VT-x virtualization architecture to expose access to exceptions, virtual memory, privilege modes, and segmentation. By making these hardware mechanisms available at user-level, Dune creates opportunities to deploy novel systems without specialized kernel modifications.



Dune can be downloaded using git and the following command:
git clone https://github.com/project-dune/dune.git
For instructions on how to compile and install Dune please see the README file included in the top-level directory of the source tree.


Stanford Secure Computer Systems group