Dawson Engler, Frans Kaashoek, James O’Toole

Slides:



Advertisements
Similar presentations
Northwestern University 2007 Winter – EECS 443 Advanced Operating Systems Exokernel: An Operating System Architecture for Application-Level Resource Management.
Advertisements

CS533 Concepts of Operating Systems Class 14 Virtualization and Exokernels.
More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.
Extensibility, Safety and Performance in the SPIN Operating System Presented by Allen Kerr.
1.1 Advanced Operating Systems  -kernels The idea of  -kernel is minimizing the kernel. I.e. implementing outside the kernel whatever possible. The 
Exokernel: An Opertion System Architecture for Application-Level Resource Management SIGCOMM ’ 96, PDOS-MIT Presented by Ahn Seunghoon Dawson R. Engler,
CMPT 300: Operating Systems I Dr. Mohamed Hefeeda
Extensible Kernels: Exokernel and SPIN Presented by Hakim Weatherspoon (Based on slides from Edgar Velázquez-Armendáriz and Ken Birman)
Extensible Kernels Edgar Velázquez-Armendáriz September 24 th 2009.
G Robert Grimm New York University Extensibility: SPIN and exokernels.
Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr.
G Robert Grimm New York University Disco.
CS533 Concepts of Operating Systems Class 16 Exokernel.
Dawson R. Engler, M. Frans Kaashoek, and James O'Tool Jr.
G Robert Grimm New York University Extensibility: SPIN and exokernels.
Disco Running Commodity Operating Systems on Scalable Multiprocessors.
OS Spring’03 Introduction Operating Systems Spring 2003.
1 Extensible Kernels Ken, with slides by Amar Phanishayee.
Microkernels: Mach and L4
Figure 1.1 Interaction between applications and the operating system.
1 Last Class: Introduction Operating system = interface between user & architecture Importance of OS OS history: Change is only constant User-level Applications.
Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr. M.I.T.
Extensible Kernels Mingsheng Hong. OS Kernel Types Monolithic Kernels Microkernels – Flexible (?) – Module Design – Reliable – Secure Extensible Kernels.
CS533 Concepts of OS Class 16 ExoKernel by Constantia Tryman.
1 Extensible Kernels Amar Phanishayee. 2 Traditional OS services – Management and Protection Provides a set of abstractions Processes, Threads, Virtual.
1 OS & Computer Architecture Modern OS Functionality (brief review) Architecture Basics Hardware Support for OS Features.
Xen and the Art of Virtualization. Introduction  Challenges to build virtual machines Performance isolation  Scheduling priority  Memory demand  Network.
Basics of Operating Systems March 4, 2001 Adapted from Operating Systems Lecture Notes, Copyright 1997 Martin C. Rinard.
M. Frans Kaashoek, Dawson R. Engler, Gregory R. Ganger, Hector M. Bricefio, Russell Hunt, David Mazikres, Thomas Pinckney, Robert Grimm, John Jannotti.
Microkernels, virtualization, exokernels Tutorial 1 – CSC469.
Operating System Architectures
APPLICATION PERFORMANCE AND FLEXIBILITY ON EXOKERNEL SYSTEMS M. F. Kaashoek, D. R. Engler, G. R. Ganger H. M. Briceño, R. Hunt, D. Mazières, T. Pinckney,
Paper by Engler, Kaashoek, O’Toole Presentation by Charles Haiber.
CS533 Concepts of Operating Systems Jonathan Walpole.
1 Micro-kernel. 2 Key points Microkernel provides minimal abstractions –Address space, threads, IPC Abstractions –… are machine independent –But implementation.
Exokernel: An Operating System Architecture for Application-Level Resource Management" by Dawson R. Engler, M. Frans Kaashoek, and James O'Toole Jr. Chris.
Disco : Running commodity operating system on scalable multiprocessor Edouard et al. Presented by Vidhya Sivasankaran.
MIT’s Exokernel Presented by Victoria Barrow Kyle Safford Sean Sommers.
4-Dec-15CSE 60641: Operating Systems1 -Exokernel: an operating system architecture for application-level resource management. Dawson R. Engler, M. Frans.
Operating Systems Security
Processes and Virtual Memory
Overview of the MIT Exokernel Operating System James Madison University CS 450 Abzug MWF 10:10-11:00 12/2/02 Steven Petzinger Billy Lehner.
Full and Para Virtualization
Lecture 26 Virtual Machine Monitors. Virtual Machines Goal: run an guest OS over an host OS Who has done this? Why might it be useful? Examples: Vmware,
Advanced Operating Systems (CS 202) Extensible Operating Systems Jan, 11, 2016.
Operating Systems: Summary INF1060: Introduction to Operating Systems and Data Communication.
Advanced Operating Systems (CS 202) Extensible Operating Systems (II) Jan, 13, 2016.
Exokernel: An Operating System Architecture for Application-Level Resource Management By Dawson R. Engler, M. Frans Kaashoek, James O’Toole Jr. Presented.
CSCI/CMPE 4334 Operating Systems Review: Exam 1 1.
1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.
Exokernel Operating System: An Introduction Liming Shu COSC 513, Summer 2002.
Exokernel: An Operating System Architecture for Application-Level Resource Management by Dawson R. Engler, M. Frans Kaashoek, and James O'Toole Jr. Presented.
Introduction to Operating Systems Concepts
Introduction to Operating Systems
Extensible OSes Exokernel and SPIN (Lecture 9, cs262a)
Chapter 1: Introduction
Introduction to Operating Systems
Dawson R. Engler, M. Frans Kaashoek, and James O’Toole Jr [SOSP’97]
Modern Systems: Extensible KERNELS AND containers
Introduction to Operating Systems
Computer-System Architecture
Virtual Memory Overcoming main memory size limitation
CSE 451: Operating Systems Autumn 2003 Lecture 2 Architectural Support for Operating Systems Hank Levy 596 Allen Center 1.
EXOKERNEL Gabriel Beltran John Blackman David Martin Kurt Rohrbacher
CSE 451: Operating Systems Autumn 2001 Lecture 2 Architectural Support for Operating Systems Brian Bershad 310 Sieg Hall 1.
CSE 451: Operating Systems Winter 2003 Lecture 2 Architectural Support for Operating Systems Hank Levy 412 Sieg Hall 1.
Operating Systems Structure
Advanced Operating Systems (CS 202) Operating System Structure
In Today’s Class.. General Kernel Responsibilities Kernel Organization
Presentation transcript:

Dawson Engler, Frans Kaashoek, James O’Toole Exokernel: An Operating System Architecture for Application-Level Resource Management Dawson Engler, Frans Kaashoek, James O’Toole MIT Laboratory for Computer Science

Function of Traditional Kernel Provides abstraction(s) of the hardware Processes Virtual Memory File System Provides Protection Hardware Kernel Itself Users From Each Other

Motivation: A Database I/O Abstraction: Cooked I/O Operating System buffers I/O Database Requirement Cannot tell a Database user that transaction has committed until log pages have hit the surface of the disk Database may need to sequence writes Database better at predicting future I/O

The Ever Shrinking Kernel Linux Windows –VM,FS.. MicroKernels – Fewer Abstractions: rm FS Mach L4 Virtual Machines (VMM is between OS and hardware) -- Virtualization DISCO Xen ExoKernel -- Multiplexing Aegis XOK

Exokernel Architecture Environments Request Revoke

Securely Expose Hardware Disks, Physical Memory, TLB, Frame Buffer, Network Access Less Tangible Resources: CPU Time Slices Interrupts, Exceptions, Cross Domain Calls DMA Privileged Instructions Exokernel Exports (readonly): Freelists, cached TLB entries, disk arm positions

Exokernel Functions Resource Allocation (Inter-environment) Grant (or not) Resource Requests (Policy <- SysAd) Process Release (Dealloc) Requests Revoke Resources Visible Revocation (May get to chose which to free) Abort Note: Usually some resources exempt: page table mem Track Resource Ownership Guard all resource usage or binding points Environment  better word VM, DOMAIN revoke is an event vs. exception

Resource Allocation Allocation (almost always explicit) Deallocation Alloc system call Deallocation Dealloc System Call Visible Revocation E.g.: Loss of the CPU when time slices expires: Library OS must save required processor state Abort Protocol Break all existing secure bindings Library OS gets a Repossession Exception – includes a Repossession Vector Loss of CPU 5.1.1 delivered in a manner similar to exceptions

Secure Bindings Break up protection into bind and access Can be implemented in: Hardware TLB Frame Buffer Ownership Tag Software STLB Downloading Code into ExoKernel Dynamic Packet Filter

Examples Physical Page Network Access Bind: Get Exokernel to Load Mapping into TLB Page allocation Exokernel grants self-authenticating capability (R/W) LibOS stores capability in Page Table Passes Capability, Mapping on TLB write request Access: LibOS/Application code uses TLB Network Access Bind: Download DPF (Dynamic Packet Filter) Access: Exokernel Runs DPF on every incoming pkt Sends packets to correct Environment

strcpy(m, “The Ever Shrinking Kernel”); m = malloc (3000); . . . emacs strcpy(m, “The Ever Shrinking Kernel”); Virtual Physical CAP Library OS 17 2 R only freelist Req Alloc 2 2 2 5 STLB v RW ExoKernel freelist Check 2 5 Miss TLB Hardware MIPs 1 2 3 4 5

Downloading Code Advantages: Specification Avoid Kernel Crossing Executed when environment is not scheduled Allowed because execution time is bounded Specification High Level Language Individual DPF code can be merged Safety by Language C Application Specific Handlers Dynamic Message Vectoring Message Initiation Protection: SFI (Sandboxing), Infinite Loop??

TLB Miss in Aegis Aegis checks if mapping is in STLB. If so, load into TLB. If the virtual address is one of the pinned pages, Aegis loads the mapping into the TLB. Environment checks its page tables for segmentation fault. If not, use page tables to get physical page and associated capability. Aegis checks the capability. If valid, loads mapping into TLB. Control returned to the environment.

Protected Control Transfer Two Properties  Use Registers to Pass Msg Operation is Atomic No overwrite of environment-visible registers Acall Donate remainder of Current Timeslice Scall Donate all timeslices

Micro benchmarks

IPC Performance ExOS vs. Ultrix

Performance Summary Microbenchmarks: 10X Cheetah web server (XOK) 8X

Persistent Storage Disk Block Shadowing Disk Block tag Low level metadata language Untrusted Deterministic Function

Persistent storage emacs ExOS Library OS ExOS Library OS XOK Disk PhD Thesis emacs ExOS Library OS ExOS Library OS XOK crash Disk

Conclusions Microbenchmarks and #Kernel Crossings not critical Power (E.g. downloaded code) is critical factor Top Down vs. Bottom Up Encourages Innovation Writing an OS is like writing a compiler Operating System is Untrusted Untrusted Code Evolves Faster than Trusted Processor for ultrix is MIPS?????

… and Caveats Hardware Specific: MIPs vs. 486 Persistent Storage is Complex MultiCPU and scaleability?? Are all of the DISCO tricks available here?? Processor for ultrix is MIPS?????

Additional References Application Performance and Flexibility on Exokernel Systems, Frans Kaashoek, Dawson Engler, Gregory Ganger et al Pdos.csail.mit.edu/exo/exo-slides/sld001.htm

Overriding Abstractions OS Extensions How to override generic abstractions implemented in protected kernel, with better application specific abstractions in user space Even if possible, won’t be efficient OS extensions: sandboxing SFI also mach and L4? Kernel download code interpret high lvl compile, sfi, modula3

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.