m 3 taking microkernels to the next level
play

M 3 : Taking Microkernels to the Next Level Nils Asmussen FOSDEM, - PowerPoint PPT Presentation

Aug 15, 2023 •123 likes •714 views

barkhauseninstitut.org M 3 : Taking Microkernels to the Next Level Nils Asmussen FOSDEM, 02/02/2020, Brussels About Me Nils Asmussen PhD last year at the OS chair of the TU Dresden Low-level system programming and microkernels Worked on

  1. barkhauseninstitut.org M 3 : Taking Microkernels to the Next Level Nils Asmussen FOSDEM, 02/02/2020, Brussels

  2. About Me Nils Asmussen PhD last year at the OS chair of the TU Dresden Low-level system programming and microkernels Worked on several microkernel-based OSes in the past Escape, own hobby OS (presented here in 2013): https://github.com/Nils-TUD/Escape NRE, userland for NOVA: https://github.com/TUD-OS/NRE M 3 , presented today: https://github.com/TUD-OS/M3 Since 2019 at the Barkhausen Institut 2 / 23

  3. Barkhausen Institut Research institute in Dresden, founded end of 2017 Currently about 30 people Low-latency and secure IoT systems Focus on research and demonstrators 2 / 23

  4. Barkhausen Institut Research institute in Dresden, founded end of 2017 Currently about 30 people Low-latency and secure IoT systems Focus on research and demonstrators RF Design Privacy Wireless MPSoC OS Lab 1 / 23

  5. Motivation Microkernel-based systems have proven valuable for several objectives Security Robustness Real time Flexibility Recently, new challenges are coming from the hardware side Heterogeneous systems Third-party components Security issues of complex general-purpose cores 2 / 23

  6. Heterogeneous Systems Demanded by performance and energy requirements Big challenge for OSes: single shared kernel on all cores does no longer work OSes need to be prepared for processing elements with different feature sets 3 / 23

  7. Third-party Components Market pressure forces us to integrate third-party components We should not trust these components Currently, ofen no isolation between them Bug in such a component can compromise whole system (see Broadcom incident) 4 / 23

  8. Security Issues of Complex General-purpose Cores 20 known atacks (and counting ...) Allow to leak private data, sometimes bypassing all security measures of the core Mitigations exist, but these are complex and costly These security holes have been lurking in CPUs for many years Should we still trust these complex cores to properly enforce the isolation between different sofware components? 5 / 23

  9. Microkernel-based System as Foundation Application Application Service Service Microkernel Core Core Core 6 / 23

  10. Microkernel-based System as Foundation Application Application Service Service Management Microkernel Core Core Core 6 / 23

  11. Microkernel-based System as Foundation Application Application Service Service Management Microkernel Enforcement Core Core Core 6 / 23

  12. Microkernel-based System as Foundation Application Application Service Service Management Microkernel Enforcement Core Core Core FPGA TPU GPU 6 / 23

  13. Outline 1 The New System Architecture M 3 : The Operating System 2 3 What are the Benefits? 7 / 23

  14. Outline 1 The New System Architecture M 3 : The Operating System 2 3 What are the Benefits? 8 / 23

  15. Hardware/Operating System Co-Design 9 / 23

  16. Hardware/Operating System Co-Design Core GPU TPU Core Core FPGA 9 / 23

  17. Hardware/Operating System Co-Design Core GPU TPU Core Core FPGA 9 / 23

  18. Hardware/Operating System Co-Design Core GPU TPU Key ideas: TCU as new hardware TCU TCU TCU component Core Core FPGA TCU TCU TCU 9 / 23

  19. Hardware/Operating System Co-Design Core GPU TPU Key ideas: TCU as new hardware TCU TCU TCU component Core Core FPGA TCU TCU TCU 9 / 23

  20. Hardware/Operating System Co-Design App App Kernel Core GPU TPU Key ideas: TCU as new hardware TCU TCU TCU component Kernel on dedicated PE App Core Serv Core FPGA Serv TCU TCU TCU 9 / 23

  21. Hardware/Operating System Co-Design Manage App App Kernel Core GPU TPU Key ideas: TCU as new hardware TCU TCU TCU Enforce Enforce Enforce component Kernel on dedicated PE Kernel manages, App Core Serv Core FPGA Serv TCU enforces Enforce TCU Enforce TCU Enforce TCU 9 / 23

  22. Hardware/Operating System Co-Design Takes µ -kernels to the next level: App App Kernel Core GPU TPU TCU as secure foundation TCU TCU TCU App Core Serv Core FPGA Serv TCU TCU TCU 9 / 23

  23. Hardware/Operating System Co-Design Takes µ -kernels to the next level: App App Kernel Core GPU TPU TCU as secure foundation Heterogeneity: TCU TCU TCU Uniform interface App Core Serv Core FPGA Serv TCU TCU TCU 9 / 23

  24. Hardware/Operating System Co-Design Takes µ -kernels to the next level: App App Kernel Core GPU TPU TCU as secure foundation Heterogeneity: TCU TCU TCU Uniform interface Untrusted HW comp.: Protected by TCU App Core Serv Core FPGA Serv TCU TCU TCU 9 / 23

  25. Hardware/Operating System Co-Design Takes µ -kernels to the next level: App App Kernel Core GPU TPU TCU as secure foundation Heterogeneity: TCU TCU TCU Uniform interface Untrusted HW comp.: Protected by TCU App Core Serv Core FPGA Serv Side channels: Physical isolation TCU TCU TCU 9 / 23

  26. Communication TCU provides endpoints to: App App Kernel Core GPU TPU Access memory (contiguous range, byte granular) TCU TCU TCU M App Core Serv Core DRAM TCU TCU 10 / 23

  27. Communication TCU provides endpoints to: App App Kernel Core GPU TPU Access memory (contiguous range, byte granular) TCU TCU TCU M S S Receive messages into a receive buffer Send messages to a App Core Serv Core receiving endpoint DRAM TCU TCU R R 10 / 23

  28. Communication TCU provides endpoints to: App App Kernel Core GPU TPU Access memory (contiguous range, byte granular) TCU TCU TCU M S S Receive messages into a receive buffer Send messages to a App Core Serv Core receiving endpoint DRAM Replies for RPC TCU TCU R R 10 / 23

  29. Isolation Kernel tile User tile User tile TCU-based isolation: App App Kernel Core GPU TPU Additional protection layer TCU TCU TCU User tile User tile App Core Serv Core DRAM TCU TCU 11 / 23

  30. Isolation Kernel tile User tile User tile TCU-based isolation: App App Kernel Core GPU TPU Additional protection layer TCU TCU TCU User tile User tile App Core Serv Core DRAM TCU TCU 11 / 23

  31. Isolation Kernel tile User tile User tile TCU-based isolation: App App Kernel Core GPU TPU Additional protection layer TCU TCU TCU M S S Only kernel tile can establish communication User tile User tile channels App Core Serv Core DRAM TCU TCU R R 11 / 23

  32. Isolation Kernel tile User tile User tile TCU-based isolation: App App Kernel Core GPU TPU Additional protection layer TCU TCU TCU M S S Only kernel tile can establish communication User tile User tile channels User tiles can only use App Core Serv Core DRAM established channels TCU TCU R R 11 / 23

  33. Outline 1 The New System Architecture M 3 : The Operating System 2 3 What are the Benefits? 12 / 23

  34. OS Design M 3 : M icrokernel-based syste m for het. m anycores M 3 FS Kernel (or L4 ± 1) Implemented from scratch in Rust and C++ Drivers, filesystems, etc. implemented on user tiles pipes App Kernel manages permissions, using capabilities TCU enforces permissions (communication, memory access) App App Kernel is independent of other tiles 13 / 23

  35. M 3 System Call User tile Kernel tile App PE Kernel PE TCU TCU R 14 / 23

  36. M 3 System Call User tile Kernel tile App PE Kernel PE TCU TCU S R 14 / 23

  37. M 3 System Call User tile Kernel tile App PE Kernel PE TCU TCU S R 14 / 23

  38. M 3 System Call User tile Kernel tile App PE Kernel PE TCU TCU S R 14 / 23

  39. M 3 System Call User tile Kernel tile App PE Kernel PE TCU TCU S R 14 / 23

  40. OS Service Access Client Server TCU TCU DRAM 15 / 23

  41. OS Service Access File Protocol: Used for: files, pipes, ... Client Server TCU TCU DRAM 15 / 23

  42. OS Service Access File Protocol: Used for: files, pipes, ... Client Server Data in memory TCU TCU DRAM 15 / 23

  43. OS Service Access File Protocol: Used for: files, pipes, ... Client Server req(in/out) Data in memory Msg channel between client and server TCU S R TCU req(in) for next input piece resp(pos,len) req(out) for next output piece DRAM 15 / 23

  44. OS Service Access File Protocol: Used for: files, pipes, ... Client Server req(in/out) Data in memory Msg channel between client and server TCU S R TCU M req(in) for next input piece resp(pos,len) req(out) for next output piece Server configures client’s memory EP DRAM 15 / 23

  45. OS Service Access File Protocol: Used for: files, pipes, ... Client Server req(in/out) Data in memory Msg channel between client and server TCU S R TCU M req(in) for next input piece resp(pos,len) req(out) for next output piece Server configures client’s memory EP DRAM Client accesses data via TCU 15 / 23

  46. Outline 1 The New System Architecture M 3 : The Operating System 2 3 What are the Benefits? 16 / 23

  47. Example System Kernel Core Core Core Core Core 5G TCU TCU TCU TCU TCU TCU 17 / 23

  48. Example System Monitor FS Net Kernel Control Core Core Core Core Core 5G TCU TCU TCU TCU TCU TCU 17 / 23

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

MICROKERNELS KISHAN VARMA VAISHALI CHANANA AGENDA MONOLITHIC KERNELS VS MICROKERNELS

MICROKERNELS KISHAN VARMA VAISHALI CHANANA AGENDA MONOLITHIC KERNELS VS MICROKERNELS

MICROKERNELS KISHAN VARMA VAISHALI CHANANA AGENDA MONOLITHIC KERNELS VS MICROKERNELS FIRST GENERATION MICROKERNELS SECOND GENERATION MICROKERNELS EXOKERNEL AEGIS AN EXOKERNEL ExOS Smaller Kernel : Easily MONOLITHIC

276 views • 12 slides
Architectures, Architectures, Microkernels, IPC, Microkernels, IPC, Capabilities Capabilities

Architectures, Architectures, Microkernels, IPC, Microkernels, IPC, Capabilities Capabilities

Architectures, Architectures, Microkernels, IPC, Microkernels, IPC, Capabilities Capabilities http://d3s.mff.cuni.cz/aosy http://d3s.mff.cuni.cz Jakub Jerm jakub.jermar@kernkonzept.com Agenda Agenda Kernel architectures Microkernels

664 views • 48 slides
Microkernels John Criswell University of Rochester 1 Onwards to user-space! 2 Microkernels 3

Microkernels John Criswell University of Rochester 1 Onwards to user-space! 2 Microkernels 3

CSC 256/456: Operating Systems Microkernels John Criswell University of Rochester 1 Onwards to user-space! 2 Microkernels 3 Monolithic Kernel (aka Everything and the Kitchen Sink) Application Application Libraries Commands

225 views • 22 slides
Financial Aid 101 Taking your Education to the Next Level! 2 Welcome We will be taking

Financial Aid 101 Taking your Education to the Next Level! 2 Welcome We will be taking

Financial Aid 101 Taking your Education to the Next Level! 2 Welcome We will be taking questions using the Q&A feature at the end of our presentation. Click the ? symbol to see the feature box on the right of your screen.

952 views • 49 slides
What Could Microkernels What Could Microkernels Learn from Monolithic Learn from Monolithic

What Could Microkernels What Could Microkernels Learn from Monolithic Learn from Monolithic

What Could Microkernels What Could Microkernels Learn from Monolithic Learn from Monolithic Kernels (and Vice Versa) Kernels (and Vice Versa) http://d3s.mff.cuni.cz http://d3s.mff.cuni.cz Martjn Dck decky@d3s.mff.cuni.cz CHARLES

528 views • 29 slides
Taking Leadership to the Next Level 1 Welcome Scott Pat 2 3 ICE-BREAKER Would better

Taking Leadership to the Next Level 1 Welcome Scott Pat 2 3 ICE-BREAKER Would better

Taking Leadership to the Next Level 1 Welcome Scott Pat 2 3 ICE-BREAKER Would better leadership Lets Get help Started your company create better results ? 4 What Makes a Great Leader 1. Bed-Side-Manner 2. Leadership Systems

276 views • 25 slides
REIMAGINING THE POLICE SCANNER IN THE ERA OF THE SDR Taking scanning to the next level using

REIMAGINING THE POLICE SCANNER IN THE ERA OF THE SDR Taking scanning to the next level using

REIMAGINING THE POLICE SCANNER IN THE ERA OF THE SDR Taking scanning to the next level using distributed RTLSDR receivers & open source software PRESENTED BY GAVIN ROZZI Cyberspectrum #23 @ DEF CON 2018 August 9th, 2018 SDR HAS THE

985 views • 22 slides
Taking you to the next level apply & Innovate 2012 , IPG Technology Conference,

Taking you to the next level apply & Innovate 2012 , IPG Technology Conference,

Taking you to the next level apply & Innovate 2012 , IPG Technology Conference, Karlsruhe, 21 and 22 June 2012 iTPMS-in-the-Loop Solution for Comprehensive Validation Tasks for indirect Tire Pressure Monitoring Systems According to the

468 views • 19 slides
Taking All Students to the Next Level: Social and Emotional Learning (SEL) District 86 Board of

Taking All Students to the Next Level: Social and Emotional Learning (SEL) District 86 Board of

Taking All Students to the Next Level: Social and Emotional Learning (SEL) District 86 Board of Education: January,2018 Brad Verthein, Director of Student Services Arwen Pokorny Lyp and Bill Walsh, Principals Robyn Corelitz, English Teacher and

452 views • 20 slides
Taking Our Safety Culture to the Next Level Vern Porter VP T&D Engineering &

Taking Our Safety Culture to the Next Level Vern Porter VP T&D Engineering &

Taking Our Safety Culture to the Next Level Vern Porter VP T&D Engineering & Construction and Chief Safety Officer The Culture We Want Openness, Trust, Learning, and Accountability Gaps Fear and Distrust Uncertainty

147 views • 14 slides
Taking Taking Taking Taking Aspiration and Aspiration and Aspiration and Aspiration and

Taking Taking Taking Taking Aspiration and Aspiration and Aspiration and Aspiration and

Michael B Arthur Taking Taking Taking Taking Aspiration and Aspiration and Aspiration and Aspiration and Possibility into Possibility into Possibility into Possibility into Emeritus Professor, Suffolk University, Boston, USA Career

921 views • 30 slides
TAKING PAYMENTS ECOSYSTEM CAPABILITIES TO THE NEXT LEVEL- FOCUS ON DIVERSITY Payments New

TAKING PAYMENTS ECOSYSTEM CAPABILITIES TO THE NEXT LEVEL- FOCUS ON DIVERSITY Payments New

TAKING PAYMENTS ECOSYSTEM CAPABILITIES TO THE NEXT LEVEL- FOCUS ON DIVERSITY Payments New Zealand- November 2016 PRESENTED BY: KRISTY DUNCAN WOMEN IN PAYMENTS, FOUNDER & CEO PRESENTATION OVERVIEW Where are we now on gender diversity?

633 views • 16 slides
Timers and event handling microkernels often require procedures to be activated at periodic

Timers and event handling microkernels often require procedures to be activated at periodic

slide 1 gaius Timers and event handling microkernels often require procedures to be activated at periodic intervals minute, second and hour hand of a graphic clock computer network protocols implementing timeouts implementing a dead mans

1.6k views • 24 slides
Taking it to the Next Level: Building your Online Presence Through Social Media Amy Hobson

Taking it to the Next Level: Building your Online Presence Through Social Media Amy Hobson

Taking it to the Next Level: Building your Online Presence Through Social Media Amy Hobson Autumn Fair - September 2019 International Digital Marketing Experts Our Accreditations & Partners Some Of Our Clients Why Social Media? The

573 views • 28 slides
TAKING FUJITEC TO THE NEXT LEVEL Asset Value Investors 25 Bury Street London SW1Y 6AL

TAKING FUJITEC TO THE NEXT LEVEL Asset Value Investors 25 Bury Street London SW1Y 6AL

TAKING FUJITEC TO THE NEXT LEVEL Asset Value Investors 25 Bury Street London SW1Y 6AL Introduction to AVI Specialised international equity boutique founded in London in 1985 long-term shareholder working with management to

1.46k views • 73 slides
Taking Synchrony Seriously: Taking Synchrony Seriously: A Perceptual-Level Model of Infant A

Taking Synchrony Seriously: Taking Synchrony Seriously: A Perceptual-Level Model of Infant A

Taking Synchrony Seriously: Taking Synchrony Seriously: A Perceptual-Level Model of Infant A Perceptual-Level Model of Infant Synchrony Detection Synchrony Detection Christopher G. Prince, George J. Hollich, Christopher G. Prince, George J.

396 views • 25 slides
Session 10: Training, Education, and Staffing Slides from A. L. Boyer, Ph.D. USA The tool

Session 10: Training, Education, and Staffing Slides from A. L. Boyer, Ph.D. USA The tool

Session 10: Training, Education, and Staffing Slides from A. L. Boyer, Ph.D. USA The tool consists of 23 modules that cover the range of instructional objectives for medical dosimetrists in radiation oncology. They can be accessed with the

59 views • 5 slides
Control Problems for Hyperbolic Equations Fabio ANCONA University of Bologna , Italy 12th

Control Problems for Hyperbolic Equations Fabio ANCONA University of Bologna , Italy 12th

Introduction Controllability & Stabilizability Optimal control problems Pontryagin Maximum Principle for Temple systems Control Problems for Hyperbolic Equations Fabio ANCONA University of Bologna , Italy 12th International Conference on

1.63k views • 137 slides
Congregation: A Journey of Companionship & Radical Belonging City of Refuge UCC March 2,

Congregation: A Journey of Companionship & Radical Belonging City of Refuge UCC March 2,

Becoming a WISE Congregation: A Journey of Companionship & Radical Belonging City of Refuge UCC March 2, 2019 Rev. Amy Petr Hill, Minister of Mental Health & Inclusion Ministries Mountain View United Church, Aurora, CO

252 views • 13 slides
Symmetry Transforms 1 1 Motivation Symmetry is everywhere 2 Motivation Symmetry is

Symmetry Transforms 1 1 Motivation Symmetry is everywhere 2 Motivation Symmetry is

Symmetry Transforms 1 1 Motivation Symmetry is everywhere 2 Motivation Symmetry is everywhere Perfect Symmetry [Blum 64, 67] [Wolter 85] [Minovic 97] [Martinet 05] 3 Motivation Symmetry is everywhere Local Symmetry

741 views • 45 slides
Educating the Future Professoriate : Summer Institute for Graduate Teaching Assistants Peter R

Educating the Future Professoriate : Summer Institute for Graduate Teaching Assistants Peter R

Educating the Future Professoriate : Summer Institute for Graduate Teaching Assistants Peter R Turner Director, Institute for STEM Education pturner@clarkson.edu Catherine Snyder Chair, Department of Education Clarkson Capital Region Campus

307 views • 17 slides
Le Lecture 9 9 R Recap ap I2DL: Prof. Niessner, Prof. Leal-Taix 1 What Wh at ar are e

Le Lecture 9 9 R Recap ap I2DL: Prof. Niessner, Prof. Leal-Taix 1 What Wh at ar are e

Le Lecture 9 9 R Recap ap I2DL: Prof. Niessner, Prof. Leal-Taix 1 What Wh at ar are e Con onvol olution ons? " = % !" = red = blue = green

1.51k views • 97 slides
10/3/2017 Declare His Praises! Wherever God is present, worship follows Declare His

10/3/2017 Declare His Praises! Wherever God is present, worship follows Declare His

10/3/2017 Declare His Praises! Wherever God is present, worship follows Declare His Praises! Wherever God is present, worship follows Where is Gods presence most uniquely experienced? The Tabernacle of God 1 10/3/2017

602 views • 7 slides
The Wilderness Tabernacle God Moses: Exodus 25 - 27 The Wilderness Tabernacle Moses Builds

The Wilderness Tabernacle God Moses: Exodus 25 - 27 The Wilderness Tabernacle Moses Builds

The Wilderness Tabernacle God Moses: Exodus 25 - 27 The Wilderness Tabernacle Moses Builds It: Exodus 36 - 38 For all the land which you see I give to you and your descendants forever. Gen 13:15 And I will establish My covenant

318 views • 8 slides

More recommend