A kernel in a library: Genode’s custom kernel approach

Martin Stein <martin.stein@genode-labs.com>

Outline

  1. Motivation
  2. Overview
  3. Scheduling
  4. Capabilities
  5. Communication

Genode on third-party Kernels

The impetus of diversity

  • NOVA, Fiasco.OC, OKL4, L4ka::Pistachio, L4/Fiasco, Linux, seL4
  • Flexibility in development and application
  • Versatility in testing

Genode on third-party Kernels

Kernel perspective

  • Aim for comprehensive security concept
  • Self-contained unit that mistrusts all users

Perspective of Genode’s Core

  • Bring Kernel concept in line with Genode API
  • Must be trusted anyway

Genode on third-party Kernels

Drawbacks

  • Concepts get bent into shape (Signals)
  • Work is done redundantly (memory management)
  • Deficiencies get worked around (Capability delegation)

Creating a custom solution

Idea

  • Kernel that trusts Core and is designed for Core’s needs
  • Minimalistic library that enables Core to run as root domain
  • Run most critical code in the simplest manner

Kernel tasks

  • Exception vectors
  • Scheduling
  • Controls interrupts
  • Communication: IPC and Signals
  • Capabilities
  • Cache and TLB maintenance
  • Virtualization

Kernel interface

Core-only

  • Threads, VMs: thread new/del, thread start, thread pause, thread resume, thread route event, thread quota, vm new/del, vm run, vm pause
  • PDs, Capabilities: obj new/del, pd new/del, pd update
  • Communication, IRQs: signal receiver new/del, signal context new/del, irq new/del, irq ack

Common

  • Threads, VMs: thread pause current, thread resume local, thread yield
  • PDs, Capabilities: update data region, update instr region, cap ack, cap delete
  • Communication, IRQs: signal context kill, signal submit, signal await, signal ack, msg send request, msg send reply, msg await request

Qualities

  • All dynamic memory gets accounted → No exhaustion
  • Modeled as state machine → Low complexity → Fast kernel passes

Trusted Computing Base

Hardware support

ARMv7

  ◮ Panda Board, i.MX53 QSB, USB Armory, Wand Board, Arndale, Odroid XU, Zynq, PBXA9
  ◮ SMP, Virtualization, TrustZone, ...

x86 64 Bit, Raspberry Pi (ARMv6), RISC-V, Muen Separation Kernel

Scheduling

Absolute priorities

Quota-bound priorities

Donation of CPU resources from parents to their children

Capabilities

  • Automatic creation or translation on IPC delegation
  • No name diversity in a PD
  • Costs get accounted via PD session quota

Collaborative lifetime management for Capabilities

Communication

IPC implicitly delegates CPU resources

Collaborative lifetime management for Signals

Thank you!

  • Genode OS Framework: http://genode.org
  • Genode Labs GmbH: http://genode-labs.com
  • Source code at GitHub: http://github.com/genodelabs/genode
