microkernel based systems summer school 2013 genode os
play

Microkernel-based Systems Summer School 2013: Genode OS Framework - PowerPoint PPT Presentation

Dec 17, 2023 •283 likes •1.28k views

Microkernel-based Systems Summer School 2013: Genode OS Framework Norman Feske < norman.feske@genode-labs.com > Outline 1. Why do we need another operating system? 2. Genode entering the picture 3. Architectural Principles 4. Core -

  1. Microkernel-based Systems Summer School 2013: Genode OS Framework Norman Feske < norman.feske@genode-labs.com >

  2. Outline 1. Why do we need another operating system? 2. Genode entering the picture 3. Architectural Principles 4. Core - the root of the process tree 5. Inter-process communication 6. Classification of components 7. Kernelization example 8. Components overview Microkernel-based Systems Summer School 2013: Genode OS Framework 2

  3. Outline 1. Why do we need another operating system? 2. Genode entering the picture 3. Architectural Principles 4. Core - the root of the process tree 5. Inter-process communication 6. Classification of components 7. Kernelization example 8. Components overview Microkernel-based Systems Summer School 2013: Genode OS Framework 3

  4. Myths Microkernel-based Systems Summer School 2013: Genode OS Framework 4

  5. Problem: Complexity Today’s commodity OSes Exceedingly complex trusted computing base (TCB) TCB of an application on Linux: Kernel + loaded kernel modules Daemons X Server + window manager Desktop environment All running processes of the user → User credentials are exposed to millions of lines of code Microkernel-based Systems Summer School 2013: Genode OS Framework 5

  6. Problem: Complexity (II) Implications: High likelihood for bugs (need for frequent security updates) Huge attack surface for directed attacks Zero-day exploits Microkernel-based Systems Summer School 2013: Genode OS Framework 6

  7. Problem: Global names Many examples on traditional systems ◮ UIDs, PIDs ◮ network interface names ◮ port numbers ◮ device nodes ◮ ... Leak information Name is a potential attack vector (ambient authority) Microkernel-based Systems Summer School 2013: Genode OS Framework 7

  8. Problem: Resource management Pretension of unlimited resources Lack of accounting → Largely indeterministic behavior → Need for complex heuristics, schedulers Microkernel-based Systems Summer School 2013: Genode OS Framework 8

  9. Key technologies Microkernels Decomponentization, kernelization Capability-based security Virtualization Microkernel-based Systems Summer School 2013: Genode OS Framework 9

  10. Tricky questions How to... ...build a system without global names? ...trade between parties that do not know each other? ...reclaim kidnapped goods from an alien? (without violence) ...deal with distributed access-control policies? ...transparently monitor communication? ...recycle a subsystem without knowing its internal structure? Microkernel-based Systems Summer School 2013: Genode OS Framework 10

  11. Even more tricky questions How to... ...avoid performance hazards through many indirections? ...translate architectural ideas into a real implementation? Microkernel-based Systems Summer School 2013: Genode OS Framework 11

  12. Outline 1. Why do we need another operating system? 2. Genode entering the picture 3. Architectural Principles 4. Core - the root of the process tree 5. Inter-process communication 6. Classification of components 7. Kernelization example 8. Components overview Microkernel-based Systems Summer School 2013: Genode OS Framework 12

  13. A bit of history Research timeline at TU Dresden Microkernel-based Systems Summer School 2013: Genode OS Framework 13

  14. A new generation of kernels on the horizon Microkernel-based Systems Summer School 2013: Genode OS Framework 14

  15. Unique feature: Cross-kernel portability When started, no suitable microkernel was available → Prototyped on Linux and L4/Fiasco → Later ported to other kernels Microkernel-based Systems Summer School 2013: Genode OS Framework 15

  16. Today: Rich OS construction kit Support of a variety of kernels OKL4, L4/Fiasco, L4ka::Pistachio, NOVA, Fiasco.OC, Linux, Codezero Preservation of special kernel features ◮ OKLinux on OKL4, ◮ L4Linux on Fiasco.OC, ◮ Vancouver on NOVA, ◮ Real-time priorities on L4/Fiasco Uniform API → kernel-independent components Many ready-to-use device drivers, protocol stacks, and 3rd-party libraries Microkernel-based Systems Summer School 2013: Genode OS Framework 16

  17. Outline 1. Why do we need another operating system? 2. Genode entering the picture 3. Architectural Principles 4. Core - the root of the process tree 5. Inter-process communication 6. Classification of components 7. Kernelization example 8. Components overview Microkernel-based Systems Summer School 2013: Genode OS Framework 17

  18. Object capabilities Delegation of rights Each process lives in a virtual environment A process that possesses a right (capability) can ◮ Use it (invoke) ◮ Delegate it to acquainted processes Microkernel-based Systems Summer School 2013: Genode OS Framework 18

  19. Recursive system structure Microkernel-based Systems Summer School 2013: Genode OS Framework 19

  20. Service announcement Microkernel-based Systems Summer School 2013: Genode OS Framework 20

  21. Session creation Microkernel-based Systems Summer School 2013: Genode OS Framework 21

  22. Session creation Microkernel-based Systems Summer School 2013: Genode OS Framework 22

  23. This works recursively → Application-specific TCB Microkernel-based Systems Summer School 2013: Genode OS Framework 23

  24. Combined with virtualization Microkernel-based Systems Summer School 2013: Genode OS Framework 24

  25. Resource management Explicit assignment of physical resources to processes Microkernel-based Systems Summer School 2013: Genode OS Framework 25

  26. Resource management (II) Resources can be attached to sessions Microkernel-based Systems Summer School 2013: Genode OS Framework 26

  27. Resource management (III) Intermediation of resource requests Microkernel-based Systems Summer School 2013: Genode OS Framework 27

  28. Resource management (IV) Virtualization of resources Microkernel-based Systems Summer School 2013: Genode OS Framework 28

  29. Resource management (V) Server-side heap partitioning Microkernel-based Systems Summer School 2013: Genode OS Framework 29

  30. Parent interface void exit(exit_value) void announce(service_name, root_capability) session_capability session(service_name, session_args) void upgrade(to_session_capability, quantum) void close(session_capability) Microkernel-based Systems Summer School 2013: Genode OS Framework 30

  31. Root interface session_capability session(session_args) void upgrade(session_capability, upgrade_args) void close(session_capability) Microkernel-based Systems Summer School 2013: Genode OS Framework 31

  32. Outline 1. Why do we need another operating system? 2. Genode entering the picture 3. Architectural Principles 4. Core - the root of the process tree 5. Inter-process communication 6. Classification of components 7. Kernelization example 8. Components overview Microkernel-based Systems Summer School 2013: Genode OS Framework 32

  33. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Microkernel-based Systems Summer School 2013: Genode OS Framework 33

  34. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Debug output amount write(string) Microkernel-based Systems Summer School 2013: Genode OS Framework 34

  35. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Physical memory ram_dataspace_capability alloc(size, cached) void free(ram_dataspace_capability) void ref_account(ram_session_capability) void transfer_quota(ram_session_capability, amount) amount quota() amount used() Microkernel-based Systems Summer School 2013: Genode OS Framework 35

  36. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Object identities capability alloc(entrypoint_capability) void free(capability) Microkernel-based Systems Summer School 2013: Genode OS Framework 36

  37. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Threads thread_capability create_thread(name) void kill_thread(thread_capability) void start(thread_capability, ip, sp) Microkernel-based Systems Summer School 2013: Genode OS Framework 37

  38. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Memory-mapped I/O Session arguments base , size , write-combined io_mem_dataspace_capability dataspace() Microkernel-based Systems Summer School 2013: Genode OS Framework 38

  39. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Port-based I/O Session arguments base , size value inb(address) value inw(address) value inl(address) void outb(address, value) void outw(address, value) void outl(address, value) Microkernel-based Systems Summer School 2013: Genode OS Framework 39

  40. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Device interrupts Session argument irq number void wait_for_irq() Microkernel-based Systems Summer School 2013: Genode OS Framework 40

  41. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Protection domain void bind_thread(thread_capability) void assign_parent(parent_capability) Microkernel-based Systems Summer School 2013: Genode OS Framework 41

  42. Core services LOG RAM CAP CPU IO MEM IO PORT IRQ PD ROM RM SIGNAL Access to boot modules Session argument filename rom_dataspace_capability dataspace() Microkernel-based Systems Summer School 2013: Genode OS Framework 42

Recommend

Unit 15: Experimental Microkernel Systems 15.2. Chorus: Microkernel and User-space Actors AP

Unit 15: Experimental Microkernel Systems 15.2. Chorus: Microkernel and User-space Actors AP

Unit 15: Experimental Microkernel Systems 15.2. Chorus: Microkernel and User-space Actors AP 9/01 CHORUS: a new Look at Microkernel- based Operating Systems OS structuring: modular set of system servers which sit on top of a minimal

599 views • 42 slides
Introduction to a microkernel microkernel maybe self supporting initially they are built on a host

Introduction to a microkernel microkernel maybe self supporting initially they are built on a host

slide 1 gaius Introduction to a microkernel microkernel maybe self supporting initially they are built on a host and downloaded to a target during Operating systems we will be developing a microkernel which has been written in: Modula-2, C and

526 views • 28 slides
Microkernel virtualization under one roof - dare the impossible - Alexander Bttcher &lt;

Microkernel virtualization under one roof - dare the impossible - Alexander Bttcher &lt;

Microkernel virtualization under one roof - dare the impossible - Alexander Bttcher &lt; alexander.boettcher@genode-labs.com &gt; Outline 1. Introduction 2. Kernel interfaces 3. VM interface harmonization 4. VMMs harmonized 5. Conclusion

941 views • 55 slides
Live-sculpting a Genode-based operating system Norman Feske &lt; norman.feske@genode-labs.com

Live-sculpting a Genode-based operating system Norman Feske &lt; norman.feske@genode-labs.com

Live-sculpting a Genode-based operating system Norman Feske &lt; norman.feske@genode-labs.com &gt; Outline 1. Base system 2. Storage, networking 3. Extending the system 4. Road Map for 2018 Live-sculpting a Genode-based operating system 2

534 views • 32 slides
Reinforcement Learning by Narayan Hegde ME, CSA@IISc Google 2 Summer School 2013 3 Summer

Reinforcement Learning by Narayan Hegde ME, CSA@IISc Google 2 Summer School 2013 3 Summer

Reinforcement Learning by Narayan Hegde ME, CSA@IISc Google 2 Summer School 2013 3 Summer School 2013 What is it? 4 What could the mechanisms be, by which based on feedback based on our actions by the environment, we learn to act over

1.13k views • 35 slides
Towards Real-Time Checkpoint/Restore for Migration in L4 Microkernel based Operating Systems

Towards Real-Time Checkpoint/Restore for Migration in L4 Microkernel based Operating Systems

Towards Real-Time Checkpoint/Restore for Migration in L4 Microkernel based Operating Systems Sebastian Eckl, M.Sc. David Werner, M.Sc. Alexander Weidinger, B.Sc. Prof. Dr. Uwe Baumgarten Technische Universitt Mnchen Informatics

554 views • 28 slides
Microkernel-based Operating Systems - Introduction Bjoern Doebel Dresden, Oct 9 th 2007 Lecture

Microkernel-based Operating Systems - Introduction Bjoern Doebel Dresden, Oct 9 th 2007 Lecture

Faculty of Computer Science Institute for System Architecture, Operating Systems Group Microkernel-based Operating Systems - Introduction Bjoern Doebel Dresden, Oct 9 th 2007 Lecture Goals Provide deeper understanding of OS mechanisms

333 views • 12 slides
GPU-resource multiplexing in component-based systems Sebastian Sumpf &lt;

GPU-resource multiplexing in component-based systems Sebastian Sumpf &lt;

GPU-resource multiplexing in component-based systems Sebastian Sumpf &lt; sebastian.sumpf@genode-labs.com &gt; Josef Sntgen &lt; josef.soentgen@genode-labs.com &gt; Outline 1. Motivation 2. State of the art 3. GPU resource multiplexing in

689 views • 35 slides
THE SUMMER SCHOOL Based on the experience of Nazarbayev Intellectual school of Chemistry and

THE SUMMER SCHOOL Based on the experience of Nazarbayev Intellectual school of Chemistry and

ORGANIZATION OF WORK FOR THE SUMMER SCHOOL Based on the experience of Nazarbayev Intellectual school of Chemistry and Biology in Ust-Kamenogorsk Deputy Director for External affairs: Akhmetova A.K Conte tent: I I Su Summer Sc School l

268 views • 16 slides
Introducing kernel-agnostic Genode executables Norman Feske &lt; norman.feske@genode-labs.com

Introducing kernel-agnostic Genode executables Norman Feske &lt; norman.feske@genode-labs.com

Introducing kernel-agnostic Genode executables Norman Feske &lt; norman.feske@genode-labs.com &gt; Outline 1. Kernel diversity - Whats the appeal? 2. Bridging the gap between kernels Notion of components Raising the level of abstraction of

1.28k views • 90 slides
Genode - OS Security By Design Dr.-Ing. Norman Feske &lt; norman.feske@genode-labs.com &gt;

Genode - OS Security By Design Dr.-Ing. Norman Feske &lt; norman.feske@genode-labs.com &gt;

Genode - OS Security By Design Dr.-Ing. Norman Feske &lt; norman.feske@genode-labs.com &gt; Outline 1. Introduction 2. Architectural Principles 3. Showcases 4. Current Topics Genode - OS Security By Design 2 Outline 1. Introduction 2.

920 views • 33 slides
Datalog-Based Data Access over Ontology Knowledge Bases Unit 4 Systems Thomas Eiter

Datalog-Based Data Access over Ontology Knowledge Bases Unit 4 Systems Thomas Eiter

Datalog-Based Data Access over Ontology Knowledge Bases Unit 4 Systems Thomas Eiter Institut fr Informationsysteme, TU Wien ICCL Summer School 2013, August 29-30, 2013 Austrian Science Fund (FWF) grants P20841, P24090 1/36 Datalog over

518 views • 39 slides
Reaching puberty: How Genode is becoming a general-purpose OS Norman Feske &lt;

Reaching puberty: How Genode is becoming a general-purpose OS Norman Feske &lt;

Reaching puberty: How Genode is becoming a general-purpose OS Norman Feske &lt; norman.feske@genode-labs.com &gt; Outline 1. Background 2. Noux runtime for Unix software 3. Challenges of dynamic system composition 4. Fundamental features 5.

618 views • 42 slides
A MICROKERNEL-BASED OPERATING SYSTEM FOR EXASCALE COMPUTING Amnon Barak Hebrew University

A MICROKERNEL-BASED OPERATING SYSTEM FOR EXASCALE COMPUTING Amnon Barak Hebrew University

The Hebrew University of Jerusalem A MICROKERNEL-BASED OPERATING SYSTEM FOR EXASCALE COMPUTING Amnon Barak Hebrew University Jerusalem (HUJI) Hermann Hrtig TU Dresden, Operating Systems Group (TUDOS) Wolfgang Nagel TU Dresden, Center

1.04k views • 51 slides
WHAT HAVE WHAT HAVE I LEARNED I LEARNED AT THE AT THE DISC DISC SUMMER SCHOOL? SUMMER

WHAT HAVE WHAT HAVE I LEARNED I LEARNED AT THE AT THE DISC DISC SUMMER SCHOOL? SUMMER

WHAT HAVE WHAT HAVE I LEARNED I LEARNED AT THE AT THE DISC DISC SUMMER SCHOOL? SUMMER SCHOOL? Christos G. Cassandras CODES Lab. - Boston University WHY HYBRID SYSTEMS ? COMPLEXITY ( PHYSICAL , BUT MOSTLY OPERATIONAL/ORGANIZATIONAL )

691 views • 11 slides
ARM-based systems at BSC PRACE Spring School 2013 New and Emerging Technologies - Programming for

ARM-based systems at BSC PRACE Spring School 2013 New and Emerging Technologies - Programming for

www.bsc.es ARM-based systems at BSC PRACE Spring School 2013 New and Emerging Technologies - Programming for Accelerators Nikola Rajovic, Gabriele Carteni Barcelona Supercomputing Center Outline A little bit of history From vector CPUs to

787 views • 60 slides
Lectures for Marktoberdorf 2010 Summer School Software and Systems Safety: Specification and

Lectures for Marktoberdorf 2010 Summer School Software and Systems Safety: Specification and

Lectures for Marktoberdorf 2010 Summer School Software and Systems Safety: Specification and Verification Formal Methods And Argument-based Safety Cases John Rushby Computer Science Laboratory SRI International Menlo Park, CA John Rushby FM

1.29k views • 109 slides
+ Side Channel and Covert Channel A1acks on Microkernel

+ Side Channel and Covert Channel A1acks on Microkernel

+ Side Channel and Covert Channel A1acks on Microkernel Architectures WAMOS 2015 Advanced Opera3ng Systems Hochschule RheinMain Alexander Baumgrtner and

539 views • 25 slides
Summer School 2020 Canterbury Whats a summer school? summer sciool noun [C] /sm

Summer School 2020 Canterbury Whats a summer school? summer sciool noun [C] /sm

Summer School 2020 Canterbury Whats a summer school? summer sciool noun [C] /sm skul/ 1. Classes taken during the summer that make it possible to 2. An academic excursion that allows you to move more quickly towards a

258 views • 13 slides
Genode as general-purpose OS progress report and demonstration Norman Feske &lt;

Genode as general-purpose OS progress report and demonstration Norman Feske &lt;

Genode as general-purpose OS progress report and demonstration Norman Feske &lt; norman.feske@genode-labs.com &gt; Outline 1. Introduction 2. The long way towards general-purpose computing Fundamentals Functionality Resource utilization

739 views • 39 slides
Side-channel attacks in a microkernel environment Thomas Frase Thomas.b.Frase@student.hs-rm.de

Side-channel attacks in a microkernel environment Thomas Frase Thomas.b.Frase@student.hs-rm.de

Side-channel attacks in a microkernel environment Thomas Frase Thomas.b.Frase@student.hs-rm.de Fabian Seiberling Fabian.b.Seiberling@student.hs-rm.de 1st Wiesbaden Workshop on 13.02.2014 Advanced Microkernel Operating Systems Table of

580 views • 27 slides
Unit 15: Experimental Microkernel Systems 15.1. The Amoeba Distributed Operating System AP 9/01

Unit 15: Experimental Microkernel Systems 15.1. The Amoeba Distributed Operating System AP 9/01

Unit 15: Experimental Microkernel Systems 15.1. The Amoeba Distributed Operating System AP 9/01 The Amoeba Distributed Operating System Research vehicle for distributed and parallel operating systems, runtime systems, languages, and

549 views • 20 slides
The impact of Meltre and Specdown on microkernel systems Matthias Lange, Kernkonzept GmbH, FOSDEM

The impact of Meltre and Specdown on microkernel systems Matthias Lange, Kernkonzept GmbH, FOSDEM

The impact of Meltre and Specdown on microkernel systems Matthias Lange, Kernkonzept GmbH, FOSDEM 2019 We need to talk about Meltre and Specdown. Conf call with customer, early 2018 The impact of Meltdown and Spectre on the L4Re

621 views • 47 slides
Third International SAT/SMT Summer School 2013 Keijo Heljanko, Tomi Janhunen, and Matti

Third International SAT/SMT Summer School 2013 Keijo Heljanko, Tomi Janhunen, and Matti

Third International SAT/SMT Summer School 2013 Keijo Heljanko, Tomi Janhunen, and Matti Jrvisalo Venue: Aalto University, Otaniemi Campus Espoo, Finland, July 35, 2013 http://satsmt2013.ics.aalto.fi/ Welcoming Words Dr. Ilkka Niemel

439 views • 14 slides

More recommend