Architectures, Microkernels, IPC, Capabilities
http://d3s.mff.cuni.cz/aosy
http://d3s.mff.cuni.cz
Jakub Jermář
jakub.jermar@kernkonzept.com
Agenda
- Kernel architectures
- Microkernels
- IPC
- Capabilities
Jakub Jermář, Advanced Operating Systems, February 28th 2019, Architectures
Recall: Common OS Taxonomy
- Special-purpose operating systems
  - Real-time operating systems
  - Hypervisors (type 1)
  - ...
- General-purpose operating systems
  - Monolithic kernel
  - Single-server microkernel
  - Multiserver microkernel
  - Hybrid kernel (?)
Monolithic Kernel
[Diagram: applications run in unprivileged mode; the monolithic kernel runs in privileged mode and contains memory mgmt, device drivers, file system drivers, user mgmt, network stack, scheduler, IPC, ...; hardware sits below the kernel.]
Some Obvious Issues
- Security
  - Applications trust all kernel components
  - Kernel components trust all other kernel components
- Reliability
  - Kernel components are a single point of failure
- Availability
  - Kernel components cannot be updated independently
- Justifiability
  - Who says file systems, networking, device drivers, etc. belong to the kernel?
Some Obvious Issues (2)
- Extensibility
  - How to extend the system without modifying the kernel
  - Too many communication mechanisms
    - Unix: pipes, files, shared memory, sockets, signals, System V IPC, System V shared memory, System V semaphores…
  - Kernel has many built-in policies
- Software design principles
  - Interfaces between kernel components are usually implicit, not well-defined
Single-server Microkernel
[Diagram: applications and a single system server (device drivers, file system drivers, user mgmt, network stack, ...) run in unprivileged mode; the microkernel (memory mgmt, scheduler, IPC) runs in privileged mode; hardware sits below the microkernel.]
Multiserver Microkernel
[Diagram: applications and separate servers (network stack, security server, device multiplexer, file system multiplexer, naming server, location server, device driver servers, file system driver servers, ...) run in unprivileged mode; the microkernel (memory mgmt, scheduler, IPC) runs in privileged mode; hardware sits below the microkernel.]
Examples
- Monolithic kernel
  - Linux, Solaris (UTS), Windows, FreeBSD, NetBSD, OpenBSD, OpenVMS, MS-DOS, RISC OS
- Microkernel (the microkernel on its own)
  - CMU Mach, GNU Mach, L4::Pistachio, Fiasco.OC, seL4
- Single-server microkernel
  - CMU Mach (with 4.3BSD server), MkLinux, L4Linux
- Multiserver microkernel
  - L4Re, HelenOS, MINIX 3, Genode, GNU/Hurd
Multiserver Microkernel (reprise)
[Diagram: applications and separate servers (network stack, security server, device multiplexer, file system multiplexer, naming server, location server, device driver servers, file system driver servers, ...) run in unprivileged mode; the microkernel (memory mgmt, scheduler, IPC) runs in privileged mode; hardware sits below the microkernel.]
Hypervisor (Type 1)
[Diagram: three guest operating systems, each with several apps in unprivileged mode and its own kernel in privileged mode; the hypervisor (memory mgmt, scheduler, comm) runs below them in hyper-privileged mode; hardware sits below the hypervisor.]
Common Cloud Deployment
[Diagram: three guest operating systems, each with a single app in unprivileged mode and its own kernel in privileged mode; the hypervisor (memory mgmt, scheduler, comm) runs below them in hyper-privileged mode; hardware sits below the hypervisor.]
Unikernel
[Diagram: three unikernels, each consisting of an app, its components and kernel components, all running in privileged mode; the hypervisor (memory mgmt, scheduler, comm) runs below them in hyper-privileged mode; hardware sits below the hypervisor.]
Unikernel (2)
- Library operating system
  - Approach to building operating systems
- Unikernel
  - Architecture
  - Binary artifact
Unikernel (3)
- Library operating system
  - Payload (application) merged with the kernel
    - Kernel component acts as a library providing access to the hardware, threading, file systems, etc.
  - Only necessary functionality
  - Mostly static (single image), but there are dynamic variants
  - Code runs in privileged (less privileged) mode and single address space
    - No mode switches, address space switches
    - Syscalls can be replaced by function calls
  - Isolation/security provided by the underlying hypervisor (more privileged mode)
Unikernel (4)
- Madhavapeddy, A., Scott, D., J.: Unikernels: Rise of the Virtual Library Operating System, ACM Queue, 2013
- MirageOS
  - University of Cambridge, Docker
  - Clean-slate components written in OCaml
  - Used in Docker for Mac, VPNKit
Unikernel (5)
- Porter, D., E., et al.: Rethinking the library OS from the top down, ASPLOS, 2011
- Drawbridge
  - Microsoft Research (2011–?)
  - Librarified Windows
  - Used in MSSQL Server for Linux (2016)
- Kantee, A.: The Rise and Fall of the Operating System, ;login:, October 2015, Vol. 40, No. 5
- Rumpkernel
  - Librarified NetBSD
  - Popular source of components for any kernels (NetBSD, rumprun, Hurd, Genode, …)
Future Hardware Predictions
- More of
  - Complex interconnects & cache hierarchies
    - Cache-coherency protocols even more expensive
  - Diversity
    - Different cores together → same optimizations won’t work anymore
  - Heterogeneity
    - Multiple ISAs → can’t have a single-image OS
- Less of / lack of
  - Cache coherency
  - Shared memory
Options for general purpose OS’s
- Resign
  - Make it easy to build specialized OS’s
  - Unikernels
- Redesign
  - Attack the problem from a different angle
  - Multikernels
Implicit Message Passing in Hardware
[Diagram: CPUs, each with an L1 cache, grouped under shared L2 caches and connected to memory; some CPUs write and another reads the same shared memory data, so the data moves between caches implicitly.]
Multikernel Paradigm Shift
- Inside the OS layer
  - Do not assume coherent shared-memory SMP
    - If available, use to optimize message passing
  - No implicit inter-core state sharing
    - Simple, single-threaded, event-driven code
  - Explicit inter-core communication via message passing
    - Global state replica maintained by distributed algorithms
Multikernel
[Diagram: applications and servers run in unprivileged mode; each CPU runs its own kernel in privileged mode, and each kernel holds its own state replica.]
Multikernel (2)
- Kernel-userspace boundary not characteristic of multikernels
- Baumann, A., et al.: The Multikernel: A new OS architecture for scalable multicore systems, SOSP ‘09
- Barrelfish
  - ETH Zürich, Microsoft Research
Inter-Process Communication
- Sharing data between processes (tasks)
  - Crossing the process isolation in a managed and predictable way
- Technically, any means of sharing data can be considered IPC (e.g. files, networking, middleware)
  - In monolithic systems, this usually works without using a dedicated IPC mechanism
- Crucial for microkernel systems
  - In microkernel systems, even files and networking cannot be implemented without an IPC mechanism
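An added illustration of the last point, not part of the lecture: a file service that runs as its own process and can only be reached through a fixed-size request/reply message, with both sides validating what they receive. POSIX `fork` and `socketpair` stand in for a microkernel's IPC primitive; `fs_server`, `fs_call`, `struct msg`, the opcode and status values and the "motd" file are hypothetical names chosen for this example.

```c
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fixed-size message: the only data that crosses the process boundary. */
enum { OP_READ = 1, ST_OK = 0, ST_EINVAL = 1, ST_ENOENT = 2 };
struct msg { uint32_t code; uint32_t len; char data[56]; };

/* File server: its one "file" (constructed sample) lives in its own address space. */
static void fs_server(int fd) {
    static const char name[] = "motd", body[] = "hello from fs server";
    struct msg m;
    while (read(fd, &m, sizeof m) == (ssize_t)sizeof m) {
        struct msg r = { ST_EINVAL, 0, {0} };
        /* Treat the request as untrusted: check opcode and length first. */
        if (m.code == OP_READ && m.len < sizeof m.data) {
            m.data[m.len] = '\0';
            if (strcmp(m.data, name) == 0) {
                r.code = ST_OK;
                r.len = sizeof body - 1;
                memcpy(r.data, body, r.len);
            } else r.code = ST_ENOENT;
        }
        if (write(fd, &r, sizeof r) != (ssize_t)sizeof r) break;
    }
    _exit(0);
}

/* Client: one synchronous call (send the request, block for the reply). */
int fs_call(uint32_t op, const char *path, uint32_t len, char *out, size_t outsz) {
    int sv[2], st = -1;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return -1; }
    if (pid == 0) { close(sv[0]); fs_server(sv[1]); }
    close(sv[1]);
    struct msg m = { op, len, {0} }, r;
    strncpy(m.data, path, sizeof m.data - 1);
    if (write(sv[0], &m, sizeof m) == (ssize_t)sizeof m &&
        read(sv[0], &r, sizeof r) == (ssize_t)sizeof r) {
        st = (int)r.code;
        if (st == ST_OK && r.len < sizeof r.data && r.len < outsz) {
            memcpy(out, r.data, r.len);   /* reply length checked above */
            out[r.len] = '\0';
        } else if (st == ST_OK) st = -1;
    }
    close(sv[0]);               /* EOF ends the server loop */
    waitpid(pid, NULL, 0);
    return st;
}
```

A request with an out-of-range length or an unknown opcode is answered with `ST_EINVAL` and never reaches the lookup, which is the "managed and predictable" crossing the slide refers to.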