a kernel in a library genode s custom kernel approach
play

A kernel in a library Genodes custom kernel approach Martin Stein - PowerPoint PPT Presentation

A kernel in a library Genodes custom kernel approach Martin Stein < martin.stein@genode-labs.com > Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genodes custom kernel


  1. A kernel in a library Genode’s custom kernel approach Martin Stein < martin.stein@genode-labs.com >

  2. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 2

  3. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 3

  4. Genode on third-party Kernels The impetus of diversity NOVA, Fiasco.OC, OKL4, L4ka::Pistachio, L4/Fiasco, Linux SeL4 A kernel in a library Genode’s custom kernel approach 4

  5. Genode on third-party Kernels The impetus of diversity NOVA, Fiasco.OC, OKL4, L4ka::Pistachio, L4/Fiasco, Linux SeL4 Flexibility in development and application A kernel in a library Genode’s custom kernel approach 4

  6. Genode on third-party Kernels The impetus of diversity NOVA, Fiasco.OC, OKL4, L4ka::Pistachio, L4/Fiasco, Linux SeL4 Flexibility in development and application Versatility in testing A kernel in a library Genode’s custom kernel approach 4

  7. Genode on third-party Kernels Kernel perspective Aim for comprehensive security concept A kernel in a library Genode’s custom kernel approach 5

  8. Genode on third-party Kernels Kernel perspective Aim for comprehensive security concept Self-contained unit that mistrusts all users A kernel in a library Genode’s custom kernel approach 5

  9. Genode on third-party Kernels Kernel perspective Aim for comprehensive security concept Self-contained unit that mistrusts all users Perspective of Genode’s Core Bring Kernel concept in line with Genode API A kernel in a library Genode’s custom kernel approach 5

  10. Genode on third-party Kernels Kernel perspective Aim for comprehensive security concept Self-contained unit that mistrusts all users Perspective of Genode’s Core Bring Kernel concept in line with Genode API Must be trusted anyway A kernel in a library Genode’s custom kernel approach 5

  11. Genode on third-party Kernels Drawbacks Concepts get bend in shape (Signals) A kernel in a library Genode’s custom kernel approach 6

  12. Genode on third-party Kernels Drawbacks Concepts get bend in shape (Signals) Work is done redundantly (memory management) A kernel in a library Genode’s custom kernel approach 6

  13. Genode on third-party Kernels Drawbacks Concepts get bend in shape (Signals) Work is done redundantly (memory management) Deficiencies get worked around (Capability delegation) A kernel in a library Genode’s custom kernel approach 6

  14. Creating a custom solution Idea Kernel that trusts Core and is designed for Core’s needs A kernel in a library Genode’s custom kernel approach 7

  15. Creating a custom solution Idea Kernel that trusts Core and is designed for Core’s needs Minimalistic library that enables Core to run as root domain A kernel in a library Genode’s custom kernel approach 7

  16. Creating a custom solution Idea Kernel that trusts Core and is designed for Core’s needs Minimalistic library that enables Core to run as root domain Run most critical code in the simplest manner A kernel in a library Genode’s custom kernel approach 7

  17. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 8

  18. Kernel tasks Exception vectors A kernel in a library Genode’s custom kernel approach 9

  19. Kernel tasks Exception vectors Scheduling A kernel in a library Genode’s custom kernel approach 9

  20. Kernel tasks Exception vectors Scheduling Controls interrupts A kernel in a library Genode’s custom kernel approach 9

  21. Kernel tasks Exception vectors Scheduling Controls interrupts Communication: IPC and Signals A kernel in a library Genode’s custom kernel approach 9

  22. Kernel tasks Exception vectors Scheduling Controls interrupts Communication: IPC and Signals Capabilities A kernel in a library Genode’s custom kernel approach 9

  23. Kernel tasks Exception vectors Scheduling Controls interrupts Communication: IPC and Signals Capabilities Cache and TLB maintenance A kernel in a library Genode’s custom kernel approach 9

  24. Kernel tasks Exception vectors Scheduling Controls interrupts Communication: IPC and Signals Capabilities Cache and TLB maintenance Virtualization A kernel in a library Genode’s custom kernel approach 9

  25. Kernel interface Threads, VMs PDs, Capabilities Communication, IRQs thread new/del obj new/del signal receiver new/del thread start pd new/del signal context new/del thread pause pd update irq new/del thread resume irq ack Core-only thread route event thread quota vm new/del vm run vm pause thread pause current update data region signal context kill thread resume local update instr region signal submit thread yield cap ack signal await Common cap delete signal ack msg send request msg send reply msg await request A kernel in a library Genode’s custom kernel approach 10

  26. Qualities All dynamic memory gets accounted → No exhaustion A kernel in a library Genode’s custom kernel approach 11

  27. Qualities All dynamic memory gets accounted → No exhaustion Modeled as state machine → Low complexity → Fast kernel passes A kernel in a library Genode’s custom kernel approach 11

  28. Trusted Computing Base A kernel in a library Genode’s custom kernel approach 12

  29. Trusted Computing Base A kernel in a library Genode’s custom kernel approach 13

  30. Hardware support ARMv7 ◮ Panda Board, i.MX53 QSB, USB Armory, Wand Board, Arndale, Odroid XU, Zynq, PBXA9 ◮ SMP, Virtualization, Trustzone, ... A kernel in a library Genode’s custom kernel approach 14

  31. Hardware support ARMv7 ◮ Panda Board, i.MX53 QSB, USB Armory, Wand Board, Arndale, Odroid XU, Zynq, PBXA9 ◮ SMP, Virtualization, Trustzone, ... x86 64 Bit, Raspberry Pi (ARMv6), RISC-V, Muen Separation Kernel A kernel in a library Genode’s custom kernel approach 14

  32. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 15

  33. Scheduling Absolute priorities A kernel in a library Genode’s custom kernel approach 16

  34. Scheduling Quota-bound priorities A kernel in a library Genode’s custom kernel approach 17

  35. Scheduling Quota-bound priorities A kernel in a library Genode’s custom kernel approach 18

  36. Scheduling Donation of CPU resources from parents to their children A kernel in a library Genode’s custom kernel approach 19

  37. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 20

  38. Capabilities Automatic creation or translation on IPC delegation A kernel in a library Genode’s custom kernel approach 21

  39. Capabilities Automatic creation or translation on IPC delegation No name diversity in a PD A kernel in a library Genode’s custom kernel approach 21

  40. Capabilities Automatic creation or translation on IPC delegation No name diversity in a PD Costs get accounted via PD session quota A kernel in a library Genode’s custom kernel approach 21

  41. Capabilities Collaborative lifetime management for Capabilities A kernel in a library Genode’s custom kernel approach 22

  42. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 23

  43. Communication IPC implicitely delegates CPU resources A kernel in a library Genode’s custom kernel approach 24

  44. Communication Collaborative lifetime management for Signals A kernel in a library Genode’s custom kernel approach 25

  45. Thank you! Genode OS Framework http://genode.org Genode Labs GmbH http://genode-labs.com Source code at GitHub http://github.com/genodelabs/genode A kernel in a library Genode’s custom kernel approach 26

Recommend


More recommend