leaving legacy behind
play

Leaving legacy behind Reducing carbon footprint of network services - PowerPoint PPT Presentation

May 20, 2023 •316 likes •689 views

Leaving legacy behind Reducing carbon footprint of network services with MirageOS unikernels Hannes Mehnert, https://hannes.nqsb.io 36c3, 27th December 2019, Leipzig 1 / 37 Stack Application Binary Con fi guration Files Programming language

  1. Leaving legacy behind Reducing carbon footprint of network services with MirageOS unikernels Hannes Mehnert, https://hannes.nqsb.io 36c3, 27th December 2019, Leipzig 1 / 37

  2. Stack Application Binary Con fi guration Files Programming language runtime • Unix applications depend on System libraries (libc) Crypto (libssl) libraries and configuration files. • Kernel isolates processes from System calls, Sockets API each other using virtual memory. File system Scheduler Network • Compromise is contained to a User Process Hardware single process. Management Management Drivers • Privilege escalation by flaws in the Hardware (CPU, disk, NIC, memory) system call API (568 in sys/syscall.h ). 2 / 37

  3. Hypervisor stack Application Binary Con fi guration Files Programming language runtime • The hypervisor manages the Crypto (libssl) System libraries (libc) resources, and splits them across virtual machines. Hardware is System calls, Sockets API emulated. File system Scheduler Network • Scheduling is done by the User Process Hardware hypervisor (VMs) and by each Management Management Drivers virtual machines (processes). Emulated Hardware and assigned resources • The hypervisor isolates virtual Hypervisor vmm.ko machines from each other. - Resource management - Scheduling of VMs Kernel Hardware (CPU, disk, NIC, memory) 3 / 37

  4. . 4 / 37

  5. . Memory corruption issues are the root-cause of 68% of listed CVEs. Ben Hawkes analysed 108 CVE since start of Google’s Project Zero in 2014, 0day "In the Wild" https://googleprojectzero.blogspot.com/p/0day.html (published 2019-05-15) 5 / 37

  6. Goals • Reducing attack vectors (memory safety), • Reducing attack surface, • Reducing run-time complexity, • Reducing the carbon footprint. 6 / 37

  7. MirageOS unikernel - library operating system • Each service (i.e. DNS resolver, web server) is a separate MirageOS unikernel • Functional programming language OCaml with automated memory management • Only the libraries needed are compiled into the binary • Libraries are developed independently and reused across unikernels • Cooperative tasks, no interrupts • Single address space, single core, single process • No user management, no process management, no file system, no virtual memory • Executed as virtual machine 7 / 37

  8. MirageOS Hypervisor integration App App VM VM MirageOS Virtio Virtio hypercall • Custom solo5-hvt monitor process in the host system KVM/qemu KVM/qemu solo5-hvt • Sets up memory, loads unikernel image, System calls, Sockets API sets up VCPU File system Scheduler Network • Boot: jmp 0x100000 User Process Hardware • Hypercalls: main, yield, argv, clock, Management Management Drivers console, block device, network interface Hypervisor vmm.ko - Resource management - Scheduling of VMs Hardware (CPU, disk, NIC, memory) 8 / 37

  9. MirageOS unikernel in detail Application code TLS TCP/IP RNG lwt X.509 crypto C code in a MirageOS unikernel net-solo5 ASN.1 • OCaml runtime: ~25 kloc OCaml runtime libgmp • nolibc : malloc , strcmp , . . . : ~8 kloc nolibc solo5-bindings libm Hypercalls • solo5-bindings : ~2 kloc tender: solo5-hvt • libm : openlibm ~22 kloc 9 / 37

  10. Solo5 - sandboxed execution environment for unikernels • Resources (memory, network interface, block devices) are allocated statically • Minimalist hypercall interface (14 functions) • Bindings for various targets (KVM, Genode, Virtio, seccomp) • Sandboxed host system tender where applicable • https://github.com/solo5/solo5 10 / 37

  11. Solo5 - compared to virtual machine and container 11 / 37

  12. Solo5 - hardware virtualised tender and sandboxed process tender 12 / 37

  13. Solo5 - separation kernel Muen • Muen is a tiny separation kernel developed in Ada • Using SPARK to guarantee memory isolation • Static resource management (communication channels, memory, devices) 13 / 37

  14. . Perfection is achieved, not when there is nothing more to add, but when there is nothing left to take away. Antoine de Saint-Exupery (1900 - 1944) 14 / 37

  15. Programming language OCaml • Multi-paradigm programming language initially released in 1996 • Declarative code is the goal • Focus on the problem, do not distract with boilerplate • Abstractions (variables, functions, higher order functions) • Expressive static type system spots violations at build time • Type inference allows concise code • Types are erased during compilation • Compiles to native machine code 15 / 37

  16. OCaml module system • Each value is defined in a module (e.g. filename or explicit module ) • Each module has an interface, its signature • Functors are compile-time functions from module to module, and allow parametrization, i.e. Map.Make(String) • In MirageOS, each resource (network interface) has a signature, and target-specific (virtio, xen, spt) implementations 16 / 37

  17. MirageOS OCaml style • Using immutable data whenever sensible • Value passing style: state and data in, state and reply out • Errors are explicitly declared in the API, and have to be handled by the caller • Concurrent programming with promises • Ability to express strong invariants (read-only buffer) in the type system 17 / 37

  18. Case study Bitcoin Piñata 18 / 37

  19. Case study Bitcoin Piñata • Marketing of our from-scratch TLS implementation • Transparent and self-serving security bait • Web server which contains a private key for a Bitcoin wallet • If a peer authenticates (using TLS and client certificates), it sends the private key • Online since February 2015 with 10 BTC until March 2018 • The Piñata was not hacked, the BTC were only borrowed and reused in other projects • See http://ownme.ipredator.se 19 / 37

  20. Size of Bitcoin Piñata unikernel vs openssl on Linux 20 / 37

  21. Performance analysis of nqsb-TLS (2015, on a laptop) • Throughput • Handshakes (number per second) nqsb OpenSSL Polar RSA 698 723 672 DHE-RSA 601 515 367 21 / 37

  22. Case study CalDAV server • Developed in 2018 with a grant from Prototypefund • Interoperable with widely used clients (Android, Linux, macOS) • Stores data in a remote git repository • Image size ~10MB (HTTP server, WebDAV, CalDAV, ics, git, IP stack) • CalDavZAP integration, a calendar in JavaScript • Demo server at https://calendar.robur.coop (data repository https://git.robur.io/?p=calendar-data.git ) • Source https://github.com/roburio/caldav 22 / 37

  23. Resource consumption 23 / 37

  24. CPU consumption 24 / 37

  25. Case study authoritative DNS server • Domain Name System, used for translating hostnames into Internet addresses • Authoritative server replies to DNS requests • Data (zone) is kept in memory, no block device • Storage in a git remote in zone file format • Configuration (ip address, git remote, syslog, ..) via boot arguments 25 / 37

  26. Case study authoritative DNS server • Domain Name System, used for translating hostnames into Internet addresses • Authoritative server replies to DNS requests • Data (zone) is kept in memory, no block device • Storage in a git remote in zone file format • Configuration (ip address, git remote, syslog, ..) via boot arguments • Modification via git commit and push, sending a notify (RFC 1996) to server • Or DNS update (RFC 2136), authenticated with DNS-TSIG (RFC 2845) • Successful nsupdate will git push by the server to the repository • Other servers are notified on update, and start zone transfer (AXFR RFC 5936, incremental IXFR RFC 1995) 26 / 37

  27. Case study authoritative DNS server • Domain Name System, used for translating hostnames into Internet addresses • Authoritative server replies to DNS requests • Data (zone) is kept in memory, no block device • Storage in a git remote in zone file format • Configuration (ip address, git remote, syslog, ..) via boot arguments • Modification via git commit and push, sending a notify (RFC 1996) to server • Or DNS update (RFC 2136), authenticated with DNS-TSIG (RFC 2845) • Successful nsupdate will git push by the server to the repository • Other servers are notified on update, and start zone transfer (AXFR RFC 5936, incremental IXFR RFC 1995) • Image size ~9MB (IP stack, DNS, git, ssh) • Let’s encrypt integration, signing requests and certificates stored in DNS • https://hannes.nqsb.io/Posts/DnsServer 27 / 37

  28. Case study QubesOS firewall • QubesOS is a "reasonable secure operating system" • Uses Xen for isolation of workspaces and applications (i.e. pdf reader) • Qubes-Mirage-firewall is a small replacement for the Linux-based firewall in OCaml • Instead of 300MB, only consumes 32MB resident memory • Support for dynamic rules for Qubes 4.0 is under review • https://github.com/mirage/qubes-mirage-firewall 28 / 37

  29. MirageOS libraries • https://github.com/mirage • https://github.com/roburio 29 / 37

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

6/18/2018 Legacy Something handed down from one generation to the next! Are you leaving a

6/18/2018 Legacy Something handed down from one generation to the next! Are you leaving a

6/18/2018 Legacy Something handed down from one generation to the next! Are you leaving a GODLY legacy to the children in your family? Pass The Torch! (not the buck) Godly legacy-leavers do their homework, not relying on the church to

140 views • 3 slides
Bridging the Gap in Global Diversity: Inclusion and Integration Leaving a Legacy Presented

Bridging the Gap in Global Diversity: Inclusion and Integration Leaving a Legacy Presented

Bridging the Gap in Global Diversity: Inclusion and Integration Leaving a Legacy Presented by: Neal Goodman, Ph.D. President GDI Global Dynamics Inc. 3201 NE 183 rd St. Suite 2008 Aventura, FL 33160 USA ngoodman@global-dynamics.com

539 views • 12 slides
Working and Embracing Your Legacy Pipeline Ligia Pea, M.Sc., CFRE Global Legacy Manager

Working and Embracing Your Legacy Pipeline Ligia Pea, M.Sc., CFRE Global Legacy Manager

2/6/2018 Working and Embracing Your Legacy Pipeline Ligia Pea, M.Sc., CFRE Global Legacy Manager Greenpeace International lpena@greenpeace.org @ligiafpena 1 2/6/2018 A Few Facts Number of people leaving gifts is going up (UK) from

311 views • 15 slides
MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in

MARK 10:1-31 SPIRITUAL LEGACY SPIRITUAL LEGACY Legacy in Marriage v. 1-12 Legacy in Children v. 13-16 Legacy in Eternity v. 17-31 LEGACY IN MARRIAGE 2 Schools of thought 1. Rabbi Sammai- Strict interpretation. Divorce only

775 views • 9 slides
Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy

Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy

Legacy Yen Tu Live the legacy Deeply rooted in Vietnams history, the Tran dynastys legacy and the spirit of Truc Lam Yen Zen Buddhism, the Legacy Yen Tu is an inspiring journey into the past. It offers travelers a stay filled with storied

688 views • 32 slides
L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L M E E T I N G 1 WELCOME The Legacy Residents Association was created for the homeowners of Legacy, with the intent of augmenting the lifestyle in Legacy. The goal is to create

1.18k views • 56 slides
L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G

L E G A C Y R E S I D E N T S A S S O C I A T I O N A N N U A L G E N E R A L M E E T I N G WELCOME The Legacy Residents Association was created for the homeowners of Legacy, with the intent of augmenting the lifestyle in Legacy. The goal

412 views • 40 slides
LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM

LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM

LEAVE A LEGACY Qubec And your legacy! What will it be? Action Plan 2010 LEAVE A LEGACY TM Qubec , is comprised of 163 charitable organizations that support its mission which is to encourage the population of Quebec to make a planned

312 views • 18 slides
Lasting Legacy Here are the songs we sang this Sunday. This shows the song name, the artist who

Lasting Legacy Here are the songs we sang this Sunday. This shows the song name, the artist who

Leaving a Lasting Legacy Here are the songs we sang this Sunday. This shows the song name, the artist who performed the song, and the cd that contains the song. Love the Lord Lincoln Brewster Let the Praises Ring: the Best of Lincoln

1k views • 43 slides
Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com

Migrating Legacy.com Migrating a top 50 most visited site in the U.S. onto Drupal - Legacy.com Case Study Migrating Legacy.com Jordan Ryan Product Owner Ankur Gupta Lead Developer Bassam Ismail Front-end Lakshmi Narasimhan RESTful

458 views • 45 slides
LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems

LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems

LEGACY/PACIFICSOURCE JOINT VENTURE George Brown, M.D. President and CEO, Legacy Health Systems I. Legacy Outline I. Legacy a) Mission and History b) People, Services, and Locations c) Financial Strength II. Partnership a)

603 views • 26 slides
TRANSITION 2019-2020 YEAR WHY DO TRANSITION YEAR? IMPORTANCE OF 5TH YEAR LEAVING

TRANSITION 2019-2020 YEAR WHY DO TRANSITION YEAR? IMPORTANCE OF 5TH YEAR LEAVING

TRANSITION 2019-2020 YEAR WHY DO TRANSITION YEAR? IMPORTANCE OF 5TH YEAR LEAVING CERTIFICATE CHOICES/LIFE CHOICES IMPROVED LEAVING CERTIFICATE MATURITY/CONFIDENCE GREATER EMOTIONAL READINESS FOR THE LEAVING CERT AND FOR

492 views • 15 slides
YOUR LEGACY ROTARYS PROMISE How will your legacy change the world? He believed he would

YOUR LEGACY ROTARYS PROMISE How will your legacy change the world? He believed he would

YOUR LEGACY ROTARYS PROMISE How will your legacy change the world? He believed he would get better, but As People of Action, we come the medical clinic didnt have the together to secure a future where resources to help him Rotary

549 views • 7 slides
5/24/2018 Legacy Health Legacy is a 7-hospital health system with locations throughout

5/24/2018 Legacy Health Legacy is a 7-hospital health system with locations throughout

5/24/2018 Legacy Health Legacy is a 7-hospital health system with locations throughout Portland-Vancouver metro area to the Mid-Willamette Valley Two tertiary, teaching medical centers Emanuel Level 1 Trauma Center Good

173 views • 3 slides
SUBJECT CHOICE LEAVING CERTIFICATE 2022 TUESDAY 25 TH FEBRUARY 2020 To complete choices on VSWare

SUBJECT CHOICE LEAVING CERTIFICATE 2022 TUESDAY 25 TH FEBRUARY 2020 To complete choices on VSWare

SUBJECT CHOICE LEAVING CERTIFICATE 2022 TUESDAY 25 TH FEBRUARY 2020 To complete choices on VSWare Subject choice demo video Options after the Leaving Certificate Work Year Out Apprenticeships Further Education (Post Leaving

1.1k views • 39 slides
Material legacy an amount of money or property left to someone in a will Non-material legacy a

Material legacy an amount of money or property left to someone in a will Non-material legacy a

Material legacy an amount of money or property left to someone in a will Non-material legacy a thing handed down by a predecessor Mark Meckler, Citizens for Self- Governance President Dr. Tom Coburn, former Oklahoma Senator Today if

915 views • 35 slides
Telematics 2 & Performance Evaluation Chapter 7 Complex Queuing System (Acknowledgement:

Telematics 2 & Performance Evaluation Chapter 7 Complex Queuing System (Acknowledgement:

Telematics 2 & Performance Evaluation Chapter 7 Complex Queuing System (Acknowledgement: These slides have been prepared by Prof. Dr. Holger Karl) Telematics 2 / Performance Evaluation (WS 17/18): 07 Complex Queuing System 1 Goal of

823 views • 26 slides
web security (part 2) 1 Changelog Corrections made in this version not in fjrst posting: 25

web security (part 2) 1 Changelog Corrections made in this version not in fjrst posting: 25

web security (part 2) 1 Changelog Corrections made in this version not in fjrst posting: 25 April 2017: removed text about reading contents without sending cokoies from operations not requiring same origin slide. (This can be done with

998 views • 77 slides
: ODF on the web FOSDEM 2014 Jos van den Oever Overview What is it? Demo Viewer.js

: ODF on the web FOSDEM 2014 Jos van den Oever Overview What is it? Demo Viewer.js

: ODF on the web FOSDEM 2014 Jos van den Oever Overview What is it? Demo Viewer.js ODF editor Collaborative ODF editor How does it work? ODF in the browser Collaborative editing How to use it? : ODF on the web

576 views • 15 slides
Charlie Garrod Bogdan Vasilescu School of Computer Science 17-214 1 So3ware is everywhere 17-214

Charlie Garrod Bogdan Vasilescu School of Computer Science 17-214 1 So3ware is everywhere 17-214

Principles of So3ware Construc9on: Objects, Design, and Concurrency Part 1: Introduc9on Course overview and introduc9on to so3ware design Charlie Garrod Bogdan Vasilescu School of Computer Science 17-214 1 So3ware is everywhere 17-214 2

1.31k views • 95 slides
Smart Software License Manager Gabrile Saucier Design and Reuse IP SoC Santa Clara 2018

Smart Software License Manager Gabrile Saucier Design and Reuse IP SoC Santa Clara 2018

Smart Software License Manager Gabrile Saucier Design and Reuse IP SoC Santa Clara 2018 Why Most enterprises are not aware of their sofware requirements They may spend money on softaae licenses that aae no longea in use

704 views • 21 slides
HTML Basics CS 115 Computing for the Socio-Techno Web Instructor: Brian Brubach HTML

HTML Basics CS 115 Computing for the Socio-Techno Web Instructor: Brian Brubach HTML

HTML Basics CS 115 Computing for the Socio-Techno Web Instructor: Brian Brubach HTML Hypertext Markup Language (HTML) Hypertext Electronic text with hyperlink references Markup Like a print editor marking a page with format

389 views • 17 slides
FIFA Ultimate Team at REST Dr. Harold Chaput, Technical Director, EA Canada Friday, October 8,

FIFA Ultimate Team at REST Dr. Harold Chaput, Technical Director, EA Canada Friday, October 8,

FIFA Ultimate Team at REST Dr. Harold Chaput, Technical Director, EA Canada Friday, October 8, 2010 1 Acknowledgements Server Dev Team W eb Dev Team Andrew Tjew Neale Genereux Chris Brown Andrey Soubbotin Mohammed Raihan Mark Obsniuk

696 views • 50 slides
Multiprocessor Support for Event-Driven Programs Nickolai Zeldovich, Alexander Yip, Frank Dabek,

Multiprocessor Support for Event-Driven Programs Nickolai Zeldovich, Alexander Yip, Frank Dabek,

Multiprocessor Support for Event-Driven Programs Nickolai Zeldovich, Alexander Yip, Frank Dabek, Robert T Morris, David Mazires, Frans Kaashoek MIT Laboratory for Computer Science Usenix Technical, June 2003 Introduction Many internet

442 views • 30 slides

More recommend