a kernel in a library genode s custom kernel approach
play

A kernel in a library Genodes custom kernel approach Martin Stein - PowerPoint PPT Presentation

Mar 15, 2023 •345 likes •798 views

A kernel in a library Genodes custom kernel approach Martin Stein < martin.stein@genode-labs.com > Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genodes custom kernel

  1. A kernel in a library Genode’s custom kernel approach Martin Stein < martin.stein@genode-labs.com >

  2. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 2

  3. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 3

  4. Genode on third-party Kernels The impetus of diversity NOVA, Fiasco.OC, OKL4, L4ka::Pistachio, L4/Fiasco, Linux SeL4 A kernel in a library Genode’s custom kernel approach 4

  5. Genode on third-party Kernels The impetus of diversity NOVA, Fiasco.OC, OKL4, L4ka::Pistachio, L4/Fiasco, Linux SeL4 Flexibility in development and application A kernel in a library Genode’s custom kernel approach 4

  6. Genode on third-party Kernels The impetus of diversity NOVA, Fiasco.OC, OKL4, L4ka::Pistachio, L4/Fiasco, Linux SeL4 Flexibility in development and application Versatility in testing A kernel in a library Genode’s custom kernel approach 4

  7. Genode on third-party Kernels Kernel perspective Aim for comprehensive security concept A kernel in a library Genode’s custom kernel approach 5

  8. Genode on third-party Kernels Kernel perspective Aim for comprehensive security concept Self-contained unit that mistrusts all users A kernel in a library Genode’s custom kernel approach 5

  9. Genode on third-party Kernels Kernel perspective Aim for comprehensive security concept Self-contained unit that mistrusts all users Perspective of Genode’s Core Bring Kernel concept in line with Genode API A kernel in a library Genode’s custom kernel approach 5

  10. Genode on third-party Kernels Kernel perspective Aim for comprehensive security concept Self-contained unit that mistrusts all users Perspective of Genode’s Core Bring Kernel concept in line with Genode API Must be trusted anyway A kernel in a library Genode’s custom kernel approach 5

  11. Genode on third-party Kernels Drawbacks Concepts get bend in shape (Signals) A kernel in a library Genode’s custom kernel approach 6

  12. Genode on third-party Kernels Drawbacks Concepts get bend in shape (Signals) Work is done redundantly (memory management) A kernel in a library Genode’s custom kernel approach 6

  13. Genode on third-party Kernels Drawbacks Concepts get bend in shape (Signals) Work is done redundantly (memory management) Deficiencies get worked around (Capability delegation) A kernel in a library Genode’s custom kernel approach 6

  14. Creating a custom solution Idea Kernel that trusts Core and is designed for Core’s needs A kernel in a library Genode’s custom kernel approach 7

  15. Creating a custom solution Idea Kernel that trusts Core and is designed for Core’s needs Minimalistic library that enables Core to run as root domain A kernel in a library Genode’s custom kernel approach 7

  16. Creating a custom solution Idea Kernel that trusts Core and is designed for Core’s needs Minimalistic library that enables Core to run as root domain Run most critical code in the simplest manner A kernel in a library Genode’s custom kernel approach 7

  17. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 8

  18. Kernel tasks Exception vectors A kernel in a library Genode’s custom kernel approach 9

  19. Kernel tasks Exception vectors Scheduling A kernel in a library Genode’s custom kernel approach 9

  20. Kernel tasks Exception vectors Scheduling Controls interrupts A kernel in a library Genode’s custom kernel approach 9

  21. Kernel tasks Exception vectors Scheduling Controls interrupts Communication: IPC and Signals A kernel in a library Genode’s custom kernel approach 9

  22. Kernel tasks Exception vectors Scheduling Controls interrupts Communication: IPC and Signals Capabilities A kernel in a library Genode’s custom kernel approach 9

  23. Kernel tasks Exception vectors Scheduling Controls interrupts Communication: IPC and Signals Capabilities Cache and TLB maintenance A kernel in a library Genode’s custom kernel approach 9

  24. Kernel tasks Exception vectors Scheduling Controls interrupts Communication: IPC and Signals Capabilities Cache and TLB maintenance Virtualization A kernel in a library Genode’s custom kernel approach 9

  25. Kernel interface Threads, VMs PDs, Capabilities Communication, IRQs thread new/del obj new/del signal receiver new/del thread start pd new/del signal context new/del thread pause pd update irq new/del thread resume irq ack Core-only thread route event thread quota vm new/del vm run vm pause thread pause current update data region signal context kill thread resume local update instr region signal submit thread yield cap ack signal await Common cap delete signal ack msg send request msg send reply msg await request A kernel in a library Genode’s custom kernel approach 10

  26. Qualities All dynamic memory gets accounted → No exhaustion A kernel in a library Genode’s custom kernel approach 11

  27. Qualities All dynamic memory gets accounted → No exhaustion Modeled as state machine → Low complexity → Fast kernel passes A kernel in a library Genode’s custom kernel approach 11

  28. Trusted Computing Base A kernel in a library Genode’s custom kernel approach 12

  29. Trusted Computing Base A kernel in a library Genode’s custom kernel approach 13

  30. Hardware support ARMv7 ◮ Panda Board, i.MX53 QSB, USB Armory, Wand Board, Arndale, Odroid XU, Zynq, PBXA9 ◮ SMP, Virtualization, Trustzone, ... A kernel in a library Genode’s custom kernel approach 14

  31. Hardware support ARMv7 ◮ Panda Board, i.MX53 QSB, USB Armory, Wand Board, Arndale, Odroid XU, Zynq, PBXA9 ◮ SMP, Virtualization, Trustzone, ... x86 64 Bit, Raspberry Pi (ARMv6), RISC-V, Muen Separation Kernel A kernel in a library Genode’s custom kernel approach 14

  32. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 15

  33. Scheduling Absolute priorities A kernel in a library Genode’s custom kernel approach 16

  34. Scheduling Quota-bound priorities A kernel in a library Genode’s custom kernel approach 17

  35. Scheduling Quota-bound priorities A kernel in a library Genode’s custom kernel approach 18

  36. Scheduling Donation of CPU resources from parents to their children A kernel in a library Genode’s custom kernel approach 19

  37. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 20

  38. Capabilities Automatic creation or translation on IPC delegation A kernel in a library Genode’s custom kernel approach 21

  39. Capabilities Automatic creation or translation on IPC delegation No name diversity in a PD A kernel in a library Genode’s custom kernel approach 21

  40. Capabilities Automatic creation or translation on IPC delegation No name diversity in a PD Costs get accounted via PD session quota A kernel in a library Genode’s custom kernel approach 21

  41. Capabilities Collaborative lifetime management for Capabilities A kernel in a library Genode’s custom kernel approach 22

  42. Outline 1. Motivation 2. Overview 3. Scheduling 4. Capabilities 5. Communication A kernel in a library Genode’s custom kernel approach 23

  43. Communication IPC implicitely delegates CPU resources A kernel in a library Genode’s custom kernel approach 24

  44. Communication Collaborative lifetime management for Signals A kernel in a library Genode’s custom kernel approach 25

  45. Thank you! Genode OS Framework http://genode.org Genode Labs GmbH http://genode-labs.com Source code at GitHub http://github.com/genodelabs/genode A kernel in a library Genode’s custom kernel approach 26

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Introducing kernel-agnostic Genode executables Norman Feske &lt; norman.feske@genode-labs.com

Introducing kernel-agnostic Genode executables Norman Feske &lt; norman.feske@genode-labs.com

Introducing kernel-agnostic Genode executables Norman Feske &lt; norman.feske@genode-labs.com &gt; Outline 1. Kernel diversity - Whats the appeal? 2. Bridging the gap between kernels Notion of components Raising the level of abstraction of

1.28k views • 90 slides
Genode Components Performance Penalty And Challenges FOSDEM Micro-kernel Devroom, 04/02/17

Genode Components Performance Penalty And Challenges FOSDEM Micro-kernel Devroom, 04/02/17

Dual Execution and Comparison For Genode Components Performance Penalty And Challenges FOSDEM Micro-kernel Devroom, 04/02/17 Parfait T okponnon Marc Lobelle mahoukpego.tokponnon@uclouvain.be marc.lobelle@uclouvain.be Outline 2

406 views • 29 slides
Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel

Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel

Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel Fernndez V, David P. Woodruff, Taisuke Yasuda Kernel Method Many machine learning tasks can be expressed as a function of the inner product

389 views • 22 slides
1 Kernel methods &amp; optimization One example of a kernel that is frequently used in practice

1 Kernel methods &amp; optimization One example of a kernel that is frequently used in practice

Machine Learning Class Notes 9-25-12 Prof. David Sontag 1 Kernel methods &amp; optimization One example of a kernel that is frequently used in practice and which allows for highly non-linear discriminant functions is the Gaussian kernel,

240 views • 5 slides
Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel

Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel

Tight Kernel Query Complexity of Kernel Ridge Regression and Kernel -means Clustering Manuel Fernndez V, David P. Woodruff, Taisuke Yasuda Overview Preliminaries Kernel ridge regression Kernel -means clustering

476 views • 25 slides
Debugging the Linux Kernel with GDB Kieran Bingham Debugging the Linux Kernel with GDB Many

Debugging the Linux Kernel with GDB Kieran Bingham Debugging the Linux Kernel with GDB Many

Debugging the Linux Kernel with GDB Kieran Bingham Debugging the Linux Kernel with GDB Many of us need to debug the Linux kernel Proprietary tools like Trace32 and DS-5 are $$$ Open source debuggers like GDB lack kernel

884 views • 40 slides
Linux Kernel Synchronization System Calls Synchronization in Kernel the kernel RCU File

Linux Kernel Synchronization System Calls Synchronization in Kernel the kernel RCU File

3/1/20 COMP 790: OS Implementation COMP 790: OS Implementation Logical Diagram Binary Memory Threads Formats Allocators User Todays Lecture Linux Kernel Synchronization System Calls Synchronization in Kernel the kernel RCU File

647 views • 8 slides
D-Bus in the Kernel LinuxCon 2014, Tokyo, Japan May 2014 D-Bus in the Kernel Who? Greg

D-Bus in the Kernel LinuxCon 2014, Tokyo, Japan May 2014 D-Bus in the Kernel Who? Greg

D-Bus in the Kernel LinuxCon 2014, Tokyo, Japan May 2014 D-Bus in the Kernel Who? Greg Kroah-Hartman, David Herrmann, Daniel Mack, Lennart Poettering, Kay Sievers with help from Tejun Heo D-Bus in the Kernel Most newer OS designs started

1.35k views • 111 slides
Linux Kernel Debugging Your kernel just oopsed - What do you do, hotshot? Muli Ben-Yehuda

Linux Kernel Debugging Your kernel just oopsed - What do you do, hotshot? Muli Ben-Yehuda

Linux Kernel Debugging Your kernel just oopsed - What do you do, hotshot? Muli Ben-Yehuda mulix@mulix.org IBM Haifa Research Lab Kernel Debugging, Haifux 2003 p.1/19 Kernel Debugging - Why? Why would we want to debug the kernel? after

308 views • 19 slides
1 Theres a kernel security researcher named Dan Rosenberg whose done a lot of linux kernel

1 Theres a kernel security researcher named Dan Rosenberg whose done a lot of linux kernel

1 Theres a kernel security researcher named Dan Rosenberg whose done a lot of linux kernel vulnerability research Thats unavoidable, but the linux kernel developers dont do very much to make the situation any better. -- Basically, the

625 views • 36 slides
Kernel PCA for SNe Kernel PCA for SNe photometric classification photometric classification

Kernel PCA for SNe Kernel PCA for SNe photometric classification photometric classification

Kernel PCA for SNe Kernel PCA for SNe photometric classification photometric classification Emille E. O. Ishida IAG University of Sao Paulo, Brazil In collaboration with Rafael S. De Souza (KASI) astro-ph/1201.6676 IAU General Assembly,

155 views • 14 slides
The Kernel (and Process) Abstraction Chapter 2-3 OSPP Part I Announcements Today: kernel

The Kernel (and Process) Abstraction Chapter 2-3 OSPP Part I Announcements Today: kernel

The Kernel (and Process) Abstraction Chapter 2-3 OSPP Part I Announcements Today: kernel Asynchrony Processes Protection Kernel The software component that controls the hardware directly and implements the core privileged OS

934 views • 62 slides
D-Bus in the Kernel FOSDEM 2014, Brussels, Belgium January 2014 D-Bus in the Kernel Who? Greg

D-Bus in the Kernel FOSDEM 2014, Brussels, Belgium January 2014 D-Bus in the Kernel Who? Greg

D-Bus in the Kernel FOSDEM 2014, Brussels, Belgium January 2014 D-Bus in the Kernel Who? Greg Kroah-Hartman, Daniel Mack, Lennart Poettering, Kay Sievers with help from Tejun Heo D-Bus in the Kernel Most newer OS designs started around

1.27k views • 111 slides
Skoltech Skolkovo Institute of Science and Technology Kernel Methods Refresher Kernel trick:

Skoltech Skolkovo Institute of Science and Technology Kernel Methods Refresher Kernel trick:

Quadrature-based Features for Kernel Approximation Marina Munkhoeva , Yermek Kapushev, Evgeny Burnaev, Ivan Oseledets Skoltech Skolkovo Institute of Science and Technology Kernel Methods Refresher Kernel trick: compute

1.01k views • 17 slides
TOS Arno Puder 1 Demo Kernel /* tos/kernel/main.c */ #include &lt;kernel.h&gt; WINDOW

TOS Arno Puder 1 Demo Kernel /* tos/kernel/main.c */ #include &lt;kernel.h&gt; WINDOW

TOS Arno Puder 1 Demo Kernel /* tos/kernel/main.c */ #include &lt;kernel.h&gt; WINDOW window_top = {0, 0, 80, 12, 0, 0, ' '}; WINDOW window_bottom = {0, 12, 80, 13, 0, 0, ' '}; void kernel_main() { for (int x = 0; x &lt; 80 * 25 * 2; x++)

830 views • 7 slides
Introduction to Linux Kernel Modules Luca Abeni luca.abeni@santannapisa.it Linux Kernel Modules

Introduction to Linux Kernel Modules Luca Abeni luca.abeni@santannapisa.it Linux Kernel Modules

Introduction to Linux Kernel Modules Luca Abeni luca.abeni@santannapisa.it Linux Kernel Modules Kernel module: code that can be dynamically loaded/unloaded into the kernel at runtime Change the kernel code without needing to reboot

545 views • 13 slides
Fun with Lambdas @coreyhaines Zak 2 Squeaks 3 Pistachio 4 Questions? Please remember to

Fun with Lambdas @coreyhaines Zak 2 Squeaks 3 Pistachio 4 Questions? Please remember to

Fun with Lambdas @coreyhaines Zak 2 Squeaks 3 Pistachio 4 Questions? Please remember to evaluate via the GOTO Guide App

312 views • 5 slides
Architectures, Architectures, Microkernels, IPC, Microkernels, IPC, Capabilities Capabilities

Architectures, Architectures, Microkernels, IPC, Microkernels, IPC, Capabilities Capabilities

Architectures, Architectures, Microkernels, IPC, Microkernels, IPC, Capabilities Capabilities http://d3s.mff.cuni.cz/aosy http://d3s.mff.cuni.cz Jakub Jerm jakub.jermar@kernkonzept.com Agenda Agenda Kernel architectures Microkernels

664 views • 48 slides
Course Logistics Intelligence Winter 2019 Textbook: Introduction &amp; Agents Artificial

Course Logistics Intelligence Winter 2019 Textbook: Introduction &amp; Agents Artificial

1/11/2019 CSEP 573: Artificial Course Logistics Intelligence Winter 2019 Textbook: Introduction &amp; Agents Artificial Intelligence: A Modern Approach, Russell and Norvig (3 rd ed) Dan Weld Work: Programming Assignments Paper Reviews

464 views • 14 slides
Bringing Up Cielo: Experiences with a Cray XE6 System Or, Getting Started with Your New 140k

Bringing Up Cielo: Experiences with a Cray XE6 System Or, Getting Started with Your New 140k

Bringing Up Cielo: Experiences with a Cray XE6 System Or, Getting Started with Your New 140k Processor System Cory Lueninghoener Daryl Grunau Quellyn Snead Tim Harrington Los Alamos National Laboratory U N C L A S S I F I E D Slide 1

298 views • 9 slides
15-112 Fundamentals of Programming Week 2 - Lecture 4: Graphics. May 26, 2016 Pop Quiz Pop

15-112 Fundamentals of Programming Week 2 - Lecture 4: Graphics. May 26, 2016 Pop Quiz Pop

15-112 Fundamentals of Programming Week 2 - Lecture 4: Graphics. May 26, 2016 Pop Quiz Pop Quiz Fill in the blank: Lists are . awesome T/F: A variable stores the value of an object. T/F: To make a copy of the list a =

973 views • 53 slides
to Prove Cryptographic Protocols Franois Dupressoir (Open University) Andrew D. Gordon

to Prove Cryptographic Protocols Franois Dupressoir (Open University) Andrew D. Gordon

Guiding a General-Purpose C Verifier to Prove Cryptographic Protocols Franois Dupressoir (Open University) Andrew D. Gordon (Microsoft Research and University of Edinburgh) Jan Jrjens (TU Dortmund) David A. Naumann (Stevens Institute of

273 views • 25 slides
Verifying Authentication Properties of C Protocol Code Using VCC Franois Dupressoir (Open

Verifying Authentication Properties of C Protocol Code Using VCC Franois Dupressoir (Open

Verifying Authentication Properties of C Protocol Code Using VCC Franois Dupressoir (Open University) Andrew D. Gordon (MSR Cambridge) Jan Jrjens (TU Dortmund) Verifying Security Code Assume a security API specification.

397 views • 24 slides
How to Solve CCPA and GDPR's Toughest Compliance Mandates Automating Data Privacy and Security

How to Solve CCPA and GDPR's Toughest Compliance Mandates Automating Data Privacy and Security

WEBINAR How to Solve CCPA and GDPR's Toughest Compliance Mandates Automating Data Privacy and Security for API-based Services Welcome and Introductions Elias Terman Chandan Golla Shan Zhou VP of Global Marketing Head of Product Management

506 views • 34 slides

More recommend