
Xen-Se: A Secure Isolation System based on RISC-V Hardware and I/O Virtualization

Author: Xu Zhixuan
  • Student ID
    2021******
  • Degree
    Master
  • E-mail
    sxx******com
  • Defense date
    2024.05.17
  • Advisor
    DAVID ANDREW PATTERSON
  • Discipline
    Data Science and Information Technology
  • Pages
    68
  • Confidentiality
    Public
  • Institute
    600 Tsinghua-Berkeley Shenzhen Institute
  • Keywords
    virtualization; secure isolation; access control

Abstract

With the rapid development of computers and the Internet, a large number of computer and web applications have emerged, and many of them are malicious. Early malicious applications aimed to damage the user's computer; with the rise of the Internet economy their goals have shifted to stealing private data, impersonating users in transactions, using the victim's machine as a launch pad for further attacks, and destroying data for extortion. These applications exploit vulnerabilities in application software, system software and even hardware. Such flaws are numerous, varied and constantly emerging, so patching every one of them is not a realistic defence. Application isolation offers a practical alternative: by running applications that hold sensitive data in a protected, isolated execution environment, it reduces the attack surface available to malicious applications and protects the system and its data.

Isolation mechanisms span the whole stack, from hardware to software. At the application layer, mandatory access control (MAC) systems such as SELinux and AppArmor assign applications defined roles and confine them to resources carrying the corresponding labels. In the Linux kernel, seccomp sandboxes an application by restricting the system calls it may issue, and container infrastructures use control groups (cgroups) and namespaces to isolate resources between groups of processes. Modern hardware also provides isolation: Intel SGX and Arm TrustZone furnish a trusted computing base (TCB) at the hardware level and build a trusted execution environment on top of it, protecting the confidentiality and integrity of both code and data; IOMMU/SMMU hardware strengthens memory safety by restricting I/O devices' access to memory; and hardware virtualization extensions such as Intel VT-x and AMD-V have enabled a range of virtualization-based isolation techniques.

This thesis presents Xen-Se, a full-stack secure isolation system for RISC-V. It combines hardware virtualization from the RISC-V Hypervisor extension, mandatory physical-memory access control from Physical Memory Protection (PMP, configured from machine mode), and I/O memory isolation enforced by an IOMMU into a single design that covers both permission management at the application software layer and isolation enforcement at the hardware layer. We modified the Xen hypervisor to run on the RISC-V ISA and to create hardware-isolated secure virtual machines. A workload in a secure VM runs at its own privilege level with its own hardware resources, separated from the normal environment so that other VMs cannot affect it. To simplify application porting and limit performance loss, a unikernel library OS replaces a full operating system for handling system calls inside the VM. Experiments show that the scheme provides the expected isolation at an acceptable performance cost.
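PMP is the mechanism the abstract names for mandatory memory access control. The C model below is an illustration added to this page, not code from Xen-Se or the Xen project. It shows how machine-mode firmware can describe a secure VM's memory as a PMP region that the HS-mode hypervisor and normal guests cannot read, write or execute, how a locked entry binds even M-mode, and how rewriting the entries on a world switch hands that memory to the secure VM while withdrawing everything else. Bit encodings follow the RISC-V privileged specification; the addresses, sizes, the four-entry layout in `build_example_table()` and the firmware-driven switching scheme are all assumptions constructed for the example, not Xen-Se's actual memory map or design.

```c
/* Model of RISC-V Physical Memory Protection (PMP) region matching and
 * permission checks. Added illustration, not Xen-Se code. Encodings follow
 * the RISC-V privileged spec (only OFF and NAPOT address modes are modelled);
 * the memory layout in build_example_table() is constructed for the example. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* pmpcfg byte layout for one entry */
#define PMP_R       (1u << 0)
#define PMP_W       (1u << 1)
#define PMP_X       (1u << 2)
#define PMP_A_NAPOT (3u << 3)
#define PMP_A_MASK  (3u << 3)
#define PMP_L       (1u << 7)

/* PMP distinguishes only M-mode from everything below it: with the hypervisor
 * extension, HS, VS and VU modes all fall under the S/U rules. */
enum priv { PRIV_U = 0, PRIV_S = 1, PRIV_M = 3 };

struct pmp_entry { uint8_t cfg; uint64_t addr; }; /* pmpcfg byte, pmpaddr value */

/* NAPOT encoding: base aligned to size, size a power of two >= 8 bytes. */
uint64_t pmp_napot_addr(uint64_t base, uint64_t size)
{
    return (base | (size / 2 - 1)) >> 2;
}

/* Inverse: recover [base, base+size) from a NAPOT pmpaddr value. */
static void pmp_napot_decode(uint64_t pmpaddr, uint64_t *base, uint64_t *size)
{
    unsigned k = 0;
    while (k < 63 && ((pmpaddr >> k) & 1)) k++;   /* count trailing ones */
    *size = (uint64_t)1 << (k + 3);
    *base = (pmpaddr & ~(((uint64_t)1 << k) - 1)) << 2;
}

enum match { MATCH_NONE, MATCH_FULL, MATCH_PARTIAL };

/* How entry i relates to the byte range [addr, addr+len). */
static enum match pmp_match(const struct pmp_entry *pmp, size_t i,
                            uint64_t addr, uint64_t len)
{
    uint64_t lo, size, end = addr + len;
    if ((pmp[i].cfg & PMP_A_MASK) != PMP_A_NAPOT)
        return MATCH_NONE;                 /* OFF (TOR/NA4 not modelled) */
    pmp_napot_decode(pmp[i].addr, &lo, &size);
    if (end <= lo || addr >= lo + size)
        return MATCH_NONE;
    return (addr >= lo && end <= lo + size) ? MATCH_FULL : MATCH_PARTIAL;
}

/* Spec rules: the lowest-numbered matching entry decides; an access that only
 * partly overlaps an entry fails in every mode; M-mode is bound only by entries
 * with the L (lock) bit; with no match, M-mode succeeds and S/U fail. */
bool pmp_check(const struct pmp_entry *pmp, size_t n, uint64_t addr,
               uint64_t len, uint8_t req, enum priv mode)
{
    for (size_t i = 0; i < n; i++) {
        enum match m = pmp_match(pmp, i, addr, len);
        if (m == MATCH_NONE)
            continue;
        if (m == MATCH_PARTIAL)
            return false;
        if (mode == PRIV_M && !(pmp[i].cfg & PMP_L))
            return true;
        return (pmp[i].cfg & req) == req;
    }
    return mode == PRIV_M;
}

/* Constructed layout (not Xen-Se's map); entry order is priority order.
 *  0: firmware   0x80000000 +128 KiB  no R/W/X, unlocked: hidden from S/U, free for M
 *  1: locked RO  0x80020000 +64 KiB   L|R: not even M-mode can write it until reset
 *  2: secure VM  0x90000000 +16 MiB   S/U permissions only while in the secure world
 *  3: all memory 0x0        +16 GiB   normal-world memory, withdrawn in the secure world
 * Assumed scheme: M-mode firmware rewrites entries 2 and 3 on every world switch. */
size_t build_example_table(struct pmp_entry *pmp, bool secure_world)
{
    uint8_t rwx = PMP_R | PMP_W | PMP_X;
    pmp[0].cfg  = PMP_A_NAPOT;
    pmp[0].addr = pmp_napot_addr(0x80000000ULL, 0x20000ULL);
    pmp[1].cfg  = PMP_A_NAPOT | PMP_L | PMP_R;
    pmp[1].addr = pmp_napot_addr(0x80020000ULL, 0x10000ULL);
    pmp[2].cfg  = (uint8_t)(PMP_A_NAPOT | (secure_world ? rwx : 0));
    pmp[2].addr = pmp_napot_addr(0x90000000ULL, 0x1000000ULL);
    pmp[3].cfg  = (uint8_t)(PMP_A_NAPOT | (secure_world ? 0 : rwx));
    pmp[3].addr = pmp_napot_addr(0ULL, 0x400000000ULL);
    return 4;
}

/* Build the table for one world and check a single 8-byte access. */
bool example_check(bool secure_world, uint64_t addr, uint8_t req, enum priv mode)
{
    struct pmp_entry t[4];
    size_t n = build_example_table(t, secure_world);
    return pmp_check(t, n, addr, 8, req, mode);
}
```

Two points the model makes explicit. First, two-stage (G-stage) translation under the Hypervisor extension isolates guests from one another but not from the hypervisor itself, which is why a secure VM needs a PMP region programmed from machine mode: the HS-mode hypervisor is subject to the same S/U rules as its guests, so `example_check(false, 0x90000000, PMP_R, PRIV_S)` is denied. Second, PMP governs only accesses issued by the hart; a DMA-capable device bypasses it entirely, which is why the abstract pairs PMP with an IOMMU. Real deployments also have to live with a small, fixed number of PMP entries per hart, so region layouts must be chosen to fit.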