Microk ernels Meet Recursive Virtual Machines Bry an F o rd Mik e Hibler Ja y Lep reau P atrick T ullmann Go dma r Back Stephen Cla wson Depa rtment of Computer Science Universit y of Utah http://www.cs.utah.edu/projects/flu x/ Octob er 30, 1996 1
The Nested Pro cess Mo del Child p ro cess is encapsulated in its pa rent. Traditional Process Model Nested Process Model P a rent has complete control over the child. Parent Parent Process Process State State 2 Child Child State State Child Child State State
Supp o rts e�cient decomp osition of system services Paged Persist. Persist. App App App Realtime Process Manager Paged App App ) mo dula rit y , extensibilit y , securit y , : : : Checkpointer Process Manager 3 Realtime App Virtual Memory Manager Process Manager Fluke Microkernel
Virtual Machine Simulato rs App/OS App/OS App/OS Machine Simulator 4 Virtual Machine Simulator Processor
Virtual Machine Monito rs Processor App/OS App/OS Basic Instruction Set Virtual Machine Monitor App/OS 5 Virtual Machine Monitor Privileged and Sensitive Instructions Processor
The Fluk e Nested Pro cess Architecture Application Nester Low-level System Call API Basic Instruction Set Nester 6 Nester IPC-based Common Protocols API Microkernel Privileged and Sensitive Instructions Processor
Hiera rchical Resource Management A child can obtain resources only through its pa rent. These resources a re managed directly b y the microk ernel: � CPU time : Hiera rchical scheduling, e.g., CPU Inheritance Scheduling � Memo ry : Relative Address Spaces � Kernel objects (threads, p o rts, etc.): Relative Address Spaces 7
Relative Address Spaces Address Spaces Mapping 8 Mapping Root Space (Physical Memory)
Fluk e Lo w-level Objects Low-level Fluke Objects 9 Root Space (Physical Memory)
State Visibil it y Parent Process Passive Child State 10 Active Child Process
Relativit y of Reference � Lo w-level API includes no absolute names, p rivileges, o r resources. � Classic k ernel-mediated capabilit y mo del gives relativi t y of cross-domain references and \sho rt-circuiting" of nesting la y ers. 11
Fluk e Capabilit y Mo del Port Reference Port 12
Fluk e Architecture Comp onents Application Microkernel Processor Memory FS API Process API API Process Manager Low-level System Call API Memory FS API API Process API Basic Instruction Set Tracer/Security Monitor Memory FS API Process API API 13 Memory Manager FS Process Memory API API API IPC-based Common Protocols API Microkernel Privileged and Sensitive Instructions Processor
High-level Common Proto cols Interfaces common to a set of co op erating nesters. F o r example, Parent:: get process service get memory service Process:: create child exec Memory:: create var segment create sub pool FileSystem:: open close mkdir FileDescription:: read write map 14
Nested Pro cess Mo del Gives: � OS Mo dula rit y : each service is implemented b y a distinct p ro cess (a \nester") � Extensibilit y : a mo di�ed service can b e p rovided b y a second nester o r a mo di�ed nester � Comp osition : nesters can b e mixed and matched � Flexible scop e : can apply a service to a group of p ro cesses just as easily as to one � Securit y : strong securit y mechanisms \fo r free" � Strong resource control : p rovided b y hiera rchical structure � Flexibilit y : strict hiera rchy is enabled , not enfo rced 15
Protot yp e Implementation � Kernel: \p o rtable," unoptimized, written in C � Lib ra ries { libc : p rovides client side of Common Proto cols { libnest : p rovides server side of Common Pro- to cols � Nesters { Debugger { T racer { Pro cess Manager { Virtual Memo ry Manager { Checkp ointer { Filesystem nester � Applications: 16
Results � Absolute p erfo rmance � Relative slo wdo wn 17
T est Programs T est Fluk e F reeBSD memtest 929.1 ms 914.9 ms appel2 5.4 ms 3.6 ms readtest 125.8 ms 153.0 ms matconn 102.9 ms 71.6 ms cc1 3.83 sec 3.85 sec 18
Relative Slowdown for Full Interposition matrixconn fibforkwait 100 memtest appel2 90 80 Relative Slowdown in Percent compile 70 60 50 readtest 40 30 20 10 0 KS KS+TR KS+TR^2 KS+TR^3 KS+TR^4 Nester Configurations
Relative Slowdown for Realistic Nester Configurations matrixconn 100 compile appel2 90 80 memtest 70 Slowdown in Percent readtest 60 fibforkwait 50 40 30 20 10 0 K KP KMP KCMP KCMPT Nester Configuration
Related W o rk � CAP: ea rly nested p ro cess a rchitecture � L4, Grasshopp er: memo ry remapping � System 38, Intel i960XA: \tagged memo ry" � Amo eba, Cache Kernel: state accessibilit y , with some constraints � Stack able �lesystems & net w o rk p roto cols: domain-sp eci�c stacking 21
Status � Kernel, lib ra ries, nesters as ab ove: sup- p o rts POSIX subset on x86 � Kernel API published � Source release within a few months � P o rtable p rotot yp e not fast; ho w ever... 22
GNU Apps Running on Fluk e � compile : gcc cpp cc1 mak e ga wk bsdsed bash-batch � binutils : gas ld a r objcop y objdump ranlib size strings nm strip gp rof � �leutils : chgrp chmo d cho wn cp dd dir dircolo rs du ginstall ln ls mkdir mk�fo mkno d mv rm rmdir sync touch vdir � textutils : cat cksum comm csplit cut expand fmt fold head join md5sum nl o d paste p r so rt split sum tac tail tr unexpand uniq w c � di�utils : cmp di� di�3 sdi� � shellutils : basename date dirname echo env exp r facto r false groups hostname id logname pathchk p rintenv p rintf p wd seq sleep stt y tee test true tt y uname users who whoami y es 23
Conclusion Fluk e combines p rinciples of microk ernels and virtual machines to supp o rt: � Complete state encapsulation and control � E�ciently stack able OS services � Mo dula rized VM, p ro cess management, debugging, tracing, checkp ointing. 24
Recommend
More recommend
![B B SmartBrace responsive knee brace 18 200,000 people injure their ACL every year [1]](https://c.sambuz.com/823076/b-b-s.jpg)
