DOCSLIB.ORG

Venti Analysis and Memventi Implementation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Venti Analysis and Memventi Implementation Master’s thesis Venti analysis and memventi implementation Designing a trace-based simulator and implementing a venti with in-memory index Mechiel Lukkien [email protected] August 8, 2007 Committee: Faculty of EEMCS prof. dr. Sape J. Mullender DIES, Distributed and Embedded Systems ir. J. Scholten University of Twente ir. P.G. Jansen Enschede, The Netherlands 2 Abstract [The next page has a Dutch summary] Venti is a write-once content-addressed archival storage system, storing its data on magnetic disks: each data block is addressed by its 20-byte SHA-1 hash (called score). This project initially aimed to design and implement a trace-based simula- tor matching Venti behaviour closely enough to be able to use it to determine good configuration parameters (such as cache sizes), and for testing new opti- misations. A simplistic simulator has been implemented, but it does not model Venti behaviour accurately enough for its intended goal, nor is it polished enough for use. Modelled behaviour is inaccurate because the advanced optimisations of Venti have not been implemented in the simulator. However, implementation suggestions for these optimisations are presented. In the process of designing the simulator, the Venti source code has been investigated, the optimisations have been documented, and disk and Venti per- formance have been measured. This allowed for recommendations about per- formance, even without a simulator. Beside magnetic disks, also flash memory and the upcoming mems-based storage devices have been investigated for use with Venti; they may be usable in the near future, but require explicit support. The focus of this project has shifted towards designing and implementing memventi, an alternative implementation of the venti protocol. Memventi keeps a small part of the scores in main memory for lookups (whereas Venti keeps them on separate index disks). Memventi therefore does not scale to high storage capacity, but is much easier to set up, much simpler in design, and has good performance. 4 Abstract [The remainder of this report is written in English.] Venti is een programma dat blokken data opslaat op magnetische harde schijven. Een eenmaal geschreven blok data kan nooit meer verwijderd of over- schreven worden; het kan uitsluitend worden geadresseerd aan de hand van de 20-byte SHA-1 hash (genaamd de score) van de data. In eerste instantie was het doel van dit project het ontwerpen en imple- menteren van een trace-based simulator die Venti’s gedrag nauwkeurig genoeg simuleert om gebruikt te kunnen worden voor het bepalen van configuratiepa- rameters zoals groottes van de diverse caches, maar ook voor het testen van nieuwe optimalisaties. De ge¨ımplementeerde simulator is echter niet nauwkeurig genoeg om hiervoor te kunnen worden gebruikt, en is ook niet genoeg door- ontwikkeld voor normaal gebruik. Het gemodelleerde gedrag wijkt te veel af voornamelijk doordat de geavanceerde optimalisaties die in Venti aanwezig zijn niet in de simulator zijn ge¨ımplementeerd. Wel worden ontwerpen voor, en opmerkingen over mogelijke simulatorimplementaties van deze optimalisaties vermeld. Tijdens het ontwerpen van de simulator is de broncode van Venti gelezen, zijn de aanwezige optimalisaties gedocumenteerd, en zijn benchmarks van harde schrijven en van Venti uitgevoerd. Met het inzicht dat hiermee verkregen is, kun- nen ook zonder simulator aanbevelingen worden gedaan over goed presenterende Venti configuraties. Behalve magnetische harde schijven zijn ook flash geheugen en de nog in ontwikkeling zijnde mems-schijven onderzocht voor gebruik met Venti. Ze zullen in de toekomst te gebruiken zijn, maar hebben dan expliciete ondersteuning nodig in Venti. De focus van dit project is verschoven naar het ontwerpen en implementeren van memventi, een alternatieve implementatie van het venti protocol. Memventi houdt van elke aanwezige score een klein deel van de 20 bytes in het geheugen, precies genoeg om de kans op dubbelen hierin klein genoeg te houden (Venti zelf bewaart alle scores op index schijven). Memventi gebruikt relatief weinig geheugen, maar schaalt niet naar de hoge opslagcapaciteit waar Venti wel naar schaalt. Memventi is echter veel eenvoudiger in ontwerp en om in gebruik te nemen, en levert goede prestaties. 6 Preface I would like to thank everyone who has helped me with my master’s project, both on technical and non-technical level. This master’s thesis has taken me longer to finish than I (and others) had hoped, but I am content with the results. I am very thankful to Sape Mullender for supervising this project, helping with technical issues and being patient and helpful from start to finish. The same goes for Axel Belinfante, our regular progress talks have been very useful on the technical level and have helped keeping this thesis on track. I hope you enjoy reading this thesis. I am continuing development of tools related to Venti, so please direct further questions or discussion to my e-mail address, [email protected]. Mechiel Lukkien Enschede, July 11th 2007 8 Contents 1 Introduction 13 1.1 Protocol ................................ 15 1.2 Hash trees ............................... 15 1.3 Performance requirements ...................... 18 1.4 Report ................................. 20 2 Venti design 21 2.1 Index sections, Arenas ........................ 21 2.2 Terminology .............................. 22 2.3 Optimisations ............................. 25 2.3.1 Disk block cache, dcache ................... 25 2.3.2 Index entry cache, icache .................. 26 2.3.3 Lump cache, lcache ...................... 26 2.3.4 Bloom filter .......................... 27 2.3.5 Queued writes ........................ 27 2.3.6 Lump compression ...................... 27 2.3.7 Disk block read-ahead .................... 28 2.3.8 Lump read-ahead ....................... 28 2.3.9 Prefetch index entries .................... 28 2.3.10 Sequential writes of index entries .............. 28 2.3.11 Sequential writes of disk blocks ............... 28 2.3.12 Opportunistic hash collision checking ............ 29 2.3.13 Scheduler ........................... 29 2.3.14 Zero-copy packets ...................... 29 3 Venti clients 31 3.1 Vac ................................... 31 3.2 Fossil .................................. 34 3.3 Conclusion .............................. 35 4 Disks & performance 37 4.1 Disk internals ............................. 37 4.1.1 Implications for Venti .................... 39 4.2 Operating system disk handling ................... 40 4.3 Testing hard disks .......................... 40 4.4 SCSI disk results ........................... 42 4.5 IDE disk results ............................ 44 4.6 Conclusion .............................. 45 9 4.7 Alternatives to magnetic disks .................... 46 4.7.1 Compact-flash memory ................... 46 4.7.2 MEMS-based storage ..................... 50 5 Venti performance 53 5.1 Basic Venti performance ....................... 53 5.1.1 Analysis ............................ 54 5.2 SHA-1 performance .......................... 55 5.3 Whack performance ......................... 55 6 Venti simulator 57 6.1 Design ................................. 58 6.2 Trace files ............................... 60 6.3 Vsim and vtrace ........................... 62 6.4 Future work .............................. 63 6.4.1 Bloom filter .......................... 63 6.4.2 Index entry prefetch from arena directory ......... 63 6.4.3 Better disk model and multiple disks ............ 64 6.5 Conclusions .............................. 64 7 Memventi design & implementation 67 7.1 Storing only a part of the score ................... 68 7.2 Implementation ............................ 70 7.2.1 Features ............................ 71 7.2.2 Data integrity ......................... 73 7.2.3 Differences with design .................... 74 7.2.4 Performance ......................... 75 7.2.5 Problems ........................... 79 7.2.6 Future work .......................... 79 7.2.7 Conclusion .......................... 82 8 Conclusions 83 9 Future work 87 Bibliography 93 A Test setup 95 B Disk tests 97 B.1 SCSI disk ............................... 97 B.2 IDE disk ................................ 97 C Basic Venti tests 103 C.1 sametest ................................ 103 D Memventi tests 105 E Compact flash tests 107 E.1 IDE to flash adaptor ......................... 107 E.2 USB flash memory card reader ................... 107 10 F Technical documentation 111 F.1 Pseudo code for handling venti operations ............. 111 G Tools 115 G.1 ptio.c ................................. 115 G.2 test-sha1.c ............................... 120 G.3 test-whack.c .............................. 121 11 12 Chapter 1 Introduction Venti [1, 2, 3] is a write-once content-addressed archival block storage server. It is a user-space daemon communicating with software clients over tcp connec- tions. The blocks stored can be up to 56kb in size. Once stored, blocks can never be removed. The address of the data is the 160-bits SHA-1 hash (called a score) of that data. SHA-1 is a cryptographic secure hash, the implications of which are explained later in this section. Data blocks are stored on magnetic disk allowing for fast random access. In essence, Venti provides the following two functions: 1. write(data, type) → score 2. read(score, type) → data Venti only stores data, and retrieves it later on request. It does not interpret the data, nor does it need to. The type parameter to the read and write functions is part of the address, and used mostly for convenience,
Load more

Recommended publications
  • Persistent 9P Sessions for Plan 9
    Persistent 9P Sessions for Plan 9 Gorka Guardiola, [email protected] Russ Cox, [email protected] Eric Van Hensbergen, [email protected] ABSTRACT Traditionally, Plan 9 [5] runs mainly on local networks, where lost connections are rare. As a result, most programs, including the kernel, do not bother to plan for their file server connections to fail. These programs must be restarted when a connection does fail. If the kernel’s connection to the root file server fails, the machine must be rebooted. This approach suffices only because lost connections are rare. Across long distance networks, where connection failures are more common, it becomes woefully inadequate. To address this problem, we wrote a program called recover, which proxies a 9P session on behalf of a client and takes care of redialing the remote server and reestablishing con- nection state as necessary, hiding network failures from the client. This paper presents the design and implementation of recover, along with performance benchmarks on Plan 9 and on Linux. 1. Introduction Plan 9 is a distributed system developed at Bell Labs [5]. Resources in Plan 9 are presented as synthetic file systems served to clients via 9P, a simple file protocol. Unlike file protocols such as NFS, 9P is stateful: per-connection state such as which files are opened by which clients is maintained by servers. Maintaining per-connection state allows 9P to be used for resources with sophisticated access control poli- cies, such as exclusive-use lock files and chat session multiplexers. It also makes servers easier to imple- ment, since they can forget about file ids once a connection is lost.
    [Show full text]
  • HTTP-FUSE Xenoppix
    HTTP-FUSE Xenoppix Kuniyasu Suzaki† Toshiki Yagi† Kengo Iijima† Kenji Kitagawa†† Shuichi Tashiro††† National Institute of Advanced Industrial Science and Technology† Alpha Systems Inc.†† Information-Technology Promotion Agency, Japan††† {k.suzaki,yagi-toshiki,k-iijima}@aist.go.jp [email protected], [email protected] Abstract a CD-ROM. Furthermore it requires remaking the entire CD-ROM when a bit of data is up- dated. The other solution is a Virtual Machine We developed “HTTP-FUSE Xenoppix” which which enables us to install many OSes and ap- boots Linux, Plan9, and NetBSD on Virtual plications easily. However, that requires in- Machine Monitor “Xen” with a small bootable stalling virtual machine software. (6.5MB) CD-ROM. The bootable CD-ROM in- cludes boot loader, kernel, and miniroot only We have developed “Xenoppix” [1], which and most part of files are obtained via Internet is a combination of CD/DVD bootable Linux with network loopback device HTTP-FUSE “KNOPPIX” [2] and Virtual Machine Monitor CLOOP. It is made from cloop (Compressed “Xen” [3, 4]. Xenoppix boots Linux (KNOP- Loopback block device) and FUSE (Filesys- PIX) as Host OS and NetBSD or Plan9 as Guest tem USErspace). HTTP-FUSE CLOOP can re- OS with a bootable DVD only. KNOPPIX construct a block device from many small block is advanced in automatic device detection and files of HTTP servers. In this paper we describe driver integration. It prepares the Xen environ- the detail of the implementation and its perfor- ment and Guest OSes don’t need to worry about mance. lack of device drivers.
    [Show full text]
  • Plan 9 from Bell Labs
    Plan 9 from Bell Labs “UNIX++ Anyone?” Anant Narayanan Malaviya National Institute of Technology FOSS.IN 2007 What is it? Advanced technology transferred via mind-control from aliens in outer space Humans are not expected to understand it (Due apologies to lisperati.com) Yeah Right • More realistically, a distributed operating system • Designed by the creators of C, UNIX, AWK, UTF-8, TROFF etc. etc. • Widely acknowledged as UNIX’s true successor • Distributed under terms of the Lucent Public License, which appears on the OSI’s list of approved licenses, also considered free software by the FSF What For? “Not only is UNIX dead, it’s starting to smell really bad.” -- Rob Pike (circa 1991) • UNIX was a fantastic idea... • ...in it’s time - 1970’s • Designed primarily as a “time-sharing” system, before the PC era A closer look at Unix TODAY It Works! But that doesn’t mean we don’t develop superior alternates GNU/Linux • GNU’s not UNIX, but it is! • Linux was inspired by Minix, which was in turn inspired by UNIX • GNU/Linux (mostly) conforms to ANSI and POSIX requirements • GNU/Linux, on the desktop, is playing “catch-up” with Windows or Mac OS X, offering little in terms of technological innovation Ok, and... • Most of the “modern ideas” we use today were “bolted” on an ancient underlying system • Don’t believe me? A “modern” UNIX Terminal Where did it go wrong? • Early UNIX, “everything is a file” • Brilliant! • Only until people started adding “features” to the system... Why you shouldn’t be working with GNU/Linux • The Socket API • POSIX • X11 • The Bindings “rat-race” • 300 system calls and counting..
    [Show full text]
  • (Brief) 2. an Extensible Compiler for Systems Programming
    Show and Tell 1. Plan 9 Things (brief) 2. An Extensible Compiler for Systems Programming Russ Cox rsc@plan9 1127 Show and Tell April 19, 2005 who am i ................................................................................................................. ‘‘Neighborhood kid’’ 1995 summer hacking Excel (jlb) 1995-1997 cable modems (nls, tom) 1997-1999 annoying Plan 9 user 1999 summer doing Plan 9 graphics (rob, jmk) 1999-present assorted Plan 9 hacking Plan 9 Things ........................................................................................................ VBE ߝ use BIOS to set up VGA modes ߝ requires switching into real mode and back Venti ߝ reworked significantly ߝ aggressive caching, prefetching, batching, delayed writes ߝ Bloom filter to avoid index misses Plan 9 from User Space (plan9port) ߝ port bulk of Plan 9 software to Unix systems ߝ Linux, FreeBSD, NetBSD, SunOS, Mac OS X .................................................................................................................................... An Extensible Compiler for Systems Programming Russ Cox Frans Kaashoek Eddie Kohler [email protected] Outline ..................................................................................................................... Why bother? What could it do? How could it work? Ground rules: ߝ interrupt with questions ߝ work in progress ߝ show and tell, not a job talk Man vs. Machine ߝ Linguistic Tensions ................................................... The most important readers of a program are people.
    [Show full text]
  • The Effectiveness of Deduplication on Virtual Machine Disk Images
    The Effectiveness of Deduplication on Virtual Machine Disk Images Keren Jin Ethan L. Miller Storage Systems Research Center Storage Systems Research Center University of California, Santa Cruz University of California, Santa Cruz [email protected] [email protected] ABSTRACT quired while preserving isolation between machine instances. Virtualization is becoming widely deployed in servers to ef- This approach better utilizes server resources, allowing many ficiently provide many logically separate execution environ- different operating system instances to run on a small num- ments while reducing the need for physical servers. While ber of servers, saving both hardware acquisition costs and this approach saves physical CPU resources, it still consumes operational costs such as energy, management, and cooling. large amounts of storage because each virtual machine (VM) Individual VM instances can be separately managed, allow- instance requires its own multi-gigabyte disk image. More- ing them to serve a wide variety of purposes and preserving over, existing systems do not support ad hoc block sharing the level of control that many users want. However, this between disk images, instead relying on techniques such as flexibility comes at a price: the storage required to hold overlays to build multiple VMs from a single “base” image. hundreds or thousands of multi-gigabyte VM disk images, Instead, we propose the use of deduplication to both re- and the inability to share identical data pages between VM duce the total storage required for VM disk images and in- instances. crease the ability of VMs to share disk blocks. To test the One approach saving disk space when running multiple effectiveness of deduplication, we conducted extensive eval- instances of operating systems on multiple servers, whether uations on different sets of virtual machine disk images with physical or virtual, is to share files between them; i.
    [Show full text]
  • Persistent 9P Sessions for Plan 9
    Persistent 9P Sessions for Plan 9 Gorka Guardiola, [email protected] Russ Cox, [email protected] Eric Van Hensbergen, [email protected] ABSTRACT Traditionally, Plan 9 [5] runs mainly on local networks, where lost connections are rare. As a result, most programs, including the kernel, do not bother to plan for their file server connections to fail. These programs must be restarted when a connection does fail. If the kernel’s connection to the root file server fails, the machine must be rebooted. This approach suffices only because lost connections are rare. Across long distance networks, where connection failures are more common, it becomes woefully inadequate. To address this problem, we wrote a program called recover, which proxies a 9P session on behalf of a client and takes care of redialing the remote server and reestablishing connec- tion state as necessary, hiding network failures from the client. This paper presents the design and implementation of recover, along with performance benchmarks on Plan 9 and on Linux. 1. Introduction Plan 9 is a distributed system developed at Bell Labs [5]. Resources in Plan 9 are presented as synthetic file systems served to clients via 9P, a simple file protocol. Unlike file protocols such as NFS, 9P is stateful: per-connection state such as which files are opened by which clients is maintained by servers. Maintaining per-connection state allows 9P to be used for resources with sophisticated access control poli- cies, such as exclusive-use lock files and chat session multiplexers. It also makes servers easier to imple- ment, since they can forget about file ids once a connection is lost.
    [Show full text]
  • Large Scale Disk Image Storage and Deployment in the Emulab Network Testbed
    EMUSTORE: LARGE SCALE DISK IMAGE STORAGE AND DEPLOYMENT IN THE EMULAB NETWORK TESTBED by Raghuveer Pullakandam A thesis submitted to the faculty of The University of Utah in partial fulfillment of the requirements for the degree of Master of Science in Computer Science School of Computing The University of Utah August 2014 Copyright !c Raghuveer Pullakandam 2014 All Rights Reserved The University of Utah Graduate School STATEMENT OF THESIS APPROVAL Raghuveer Pullakandam The thesis of has been approved by the following supervisory committee members: Robert Ricci 07/26/2012 , Chair Date Approved Ganesh Gopalakrishnan 08/31/2011 , Member Date Approved Matthew Flatt 08/31/2011 , Member Date Approved Alan Davis and by , Chair of Comput the School of ing and by, Dean of The Graduate School. ABSTRACT The Emulab network testbed deploys and installs disk images on client nodes upon request. A disk image is a custom representation of filesystem which typically corresponds to an operating system configuration. Making a large variety of disk images available to Emulab users greatly encourages heterogeneous experimentation. This requires a significant amount of disk storage space. Data deduplication has the potential to dramatically reduce the amount of disk storage space required to store disk images. Since most disk images in Emulab are derived by customizing a few golden disk images, there is a substantial amount of data redundancy within and among these disk images. This work proposes a method of storing disk images in Emulab with maximizing storage utilization, minimal impact on performance, and nonintrusiveness as primary goals. We propose to design, implement, and evaluate EmuStore — a system built on top of a data deduplication infrastructure for efficiently storing disk images in the Emulab network testbed.
    [Show full text]
  • DASH 1 JDA@O?KmanjOok=HAHA=@EncHECDJNom,>KJEn>OokBohm
    '.4ON6 .4-37-N6L; 37-561ON-, )N59-45 6DEI >ook M=I JOFAIAJ troff -ms -mpictures|lp -dstdout|ps2pdf En LK?E@= 5=nI >OJDA=KJDoH,KIEnC=6DEnk2=@:$6=>lAJHKnnEnCJDA'BHonJoFAH=JEnCIOIJAm. 4An@AHA@: -%-" '.4ON6 'BHonJ.oHC 15*N-!:'%'&%!" '%& 6DEI EI = MoHk oB BE?JEon. N=mAI, ?D=H=?JAHI, Fl=?AI =n@ En?E@AnJI AEJDAH =HA JDA FHo@K?J oB JDA =KJDoHߣI Em=CEn=JEon oH =HA KIA@ BE?JEJEoKIlO, =n@ =nO HAIAm>l=n?A Jo =?JK=l FAH­ IonI, lELEnC oH @A=@, >KIEnAIIAI, ?omF=nEAI, ALAnJI oH lo?=lAI EI AnJEHAlO ?oEn?E@AnJ=l. 4E?D=H@ MEllAH =n@ 5JALA 5J=llEon =HA noJ =BBElE=JA@ MEJD 'BHonJ. 6DA oFAH=JEnC IOIJAm @oAInoJD=LA=noBBE?E=lFoHJIJHAA. M16/++/2K>lE?,om=En The study of this Book is forbidden. It is wise to destroy this copy after the first reading. Whosoever disregards this does so at his own risk and peril. These are most dire. Those who discuss the contents of this Book are to be shunned by all, as centres of pestilence. All questions of the Law are to be decided only by appeal to my writings, each for himself. There is no law beyond Do what thou wilt. 9FRONT FREQUENTLY QUESTIONED ANSWERS ACHTUNG! 'BHonJ@=IDm=nK=lEIMHEJJAn>O=n@BoH'BHonJKIAHI. Those who can do, those who can’t write and those who can’t write make ezines. ߞ 5=FAMKllAn@AH ACHTUNG! 1nBoHm=JEon FHoLE@A@ >O JDEI @o?KmAnJ EI 7NO..1+1)L =n@ m=O >A oKJ@=JA@ oHjKIJFl=En94ON/.7IAOoKH>H=En.NO4-.7N,5.
    [Show full text]
  • Untitled (To the Innovator of Wheeling Peachblow), '$&
    6DEI >ook M=I JOFAIAJ troff -ms -mpictures|lp -dstdout|ps2pdf En LK?E@= 5=nI >O JDA =KJDoH, KIEnC = LAnoLo 6DEnk2=@ : ! 6=>lAJ HKnnEnC JDA 'BHonJ oFAH=JEnC IOI­ JAm. 4An@AHA@: &--$ '.4ON6 'BHonJ.oHC 6DEI EI = MoHk oB BE?JEon. N=mAI, ?D=H=?JAHI, Fl=?AI =n@ En?E@AnJI AEJDAH =HA JDA FHo@K?J oB JDA =KJDoHߣI Em=CEn=JEon oH =HA KIA@ BE?JEJEoKIlO, =n@ =nO HAIAm>l=n?A Jo =?JK=l FAH­ IonI,lELEnCoH@A=@,>KIEnAIIAI,?omF=nEAI,ALAnJIoHlo?=lAIEIAnJEHAlO?oEn?E@AnJ=l. M16/++/2K>lE?,om=En 9FRONT FREQUENTLY QUESTIONED ANSWERS Those who can do, those who can’t write and those who can’t write make ezines. ߞ 5=FAMKllAn@AH ACHTUNG! 6DEI @o?KmAnJߣI 5647+674- ߞ =n@ IomA oB EJI 6-:6 ߞ EI Fl=CE=HEzA@ ߞ BHomJDAO2-N*5,.)3 ACHTUNG! 601515NO6)52)+- ACHTUNG! 1nBoHm=JEon FHoLE@A@ >O JDEI @o?KmAnJ m=O >A oKJ@=JA@ oH jKIJ Fl=En MHonC.7IAOoKH>H=En.NO4-.7N,5. _sl’s info is incorrect. ߞ =nJD_N i really hate the openbsd content in the fqa ߞ =EjK 0 − Introduction to Plan 9 .-9D=JEI2l=n'? ..-2l=n'EInoJ7N1: ...-2l=n'EInoJFl=n'FoHJ ... -2l=n'EInoJ1nBAHno .. -2l=n'EInoJ=FHo@K?J ..!-2l=n'EInoJBoHOoK . -9DO2l=n'? . .-9D=J@oFAoFlAlEkA=>oKJ2l=n'? . ..-9D=J@oOoKKIA2l=n'BoH? . -9D=J@oFAoFlAD=JA=>oKJ2l=n'? . .-9D=JEInoJEn2l=n' . .!-9DO@E@2l=n'ߣI?HA=JoHICELAKFon2l=n'? . ."-9D=JEIJDA@A=lMEJD2l=n'ߣIMAEH@lE?AnIA? . .".-4E?D=H@5J=llm=nD=JAIJDA2l=nNEnAlE?AnIA?EH?= .
    [Show full text]
  • Plan 9 Authentication in Linux
    Plan 9 Authentication in Linux ∗ Ashwin Ganti Google Inc. [email protected] ABSTRACT password and various information about the user (such as In Linux, applications like su and login currently run as her home directory and default shell). Applications heavily root in order to access authentication information and set depended on these files which led to less extensible code. or alter the identity of the process. In such cases, if the ap- Moreover if a new authentication mechanism was introduced plication is compromised while running as a privileged user, it required all the applications (like login, su etc.) that use the entire system can become vulnerable. An alternative the authentication information be rewritten to support it. approach is taken by the Plan 9 operating system from Bell Labs, which runs such applications as a non-privileged user Pluggable Authentication Modules (PAM) [10] [2] were cre- and relies on a kernel-based capability device working in co- ated to provide more effective ways to authenticate users. ordination with an authentication server to provide the same PAM provides a generic framework enabling uniform au- services. This avoids the risk of an application vulnerability thentication of user applications. It enables user applica- becoming a system vulnerability. tions to perform authentication without actually knowing the implementation details of the underlying mechanisms. This paper discusses the extension of Linux authentication It is usually done through a password based authentication mechanisms to allow the use of the Plan 9 approach with mechanism but also supports a challenge response interac- existing Linux applications in order to reduce the security tion.
    [Show full text]
  • Glen Or Glenda Empowering Users and Applications with Private Namespaces
    Glen or Glenda Empowering Users and Applications with Private Namespaces Eric Van Hensbergen IBM Research [email protected] Abstract in a network, and reference resources within a file system. Within each of these cate- gories names are evaluated in a specific con- Private name spaces were first introduced into text. Program variables have scope, database LINUX during the 2.5 kernel series. Their use indexes are evaluated within tables, networks has been limited due to name space manipu- machine names are valid within a particular lation being considered a privileged operation. domain, and file names provide a mapping to Giving users and applications the ability to cre- underlying resources within a particular name ate private name spaces as well as the ability to space. This paper is primarily concerned with mount and bind resources is the key to unlock- the evaluation and manipulation of names and ing the full potential of this technology. There name space contexts for file systems under the are serious performance, security and stability LINUX operating system. issues involved with user-controlled dynamic private name spaces in LINUX. This paper pro- File systems evolved from flat mappings of poses mechanisms and policies for maintain- names to multi-level mappings where each cat- ing system integrity while unlocking the power alog (or directory) provided a context for name of dynamic name spaces for normal users. It resolution. This design was carried further discusses relevant potential applications of this by MULTICS[1] with deep hierarchies of di- technology including its use with FILESYSTEM rectories including the concept of links be- IN USERSPACE[24], V9FS[8] (the LINUX port tween directories within the hierarchy[5].
    [Show full text]
  • Dash1.Gz.Pdf
    6DEI >ook M=I JOFAIAJ troff -ms -mpictures|lp -dstdout|ps2pdf En LK?E@= 5=nI >O JDA =KJDoH, KIEnC = LAnoLo 6DEnk2=@ : ! 6=>lAJ HKnnEnC JDA 'BHonJ oFAH=JEnC IOI­ JAm. 4An@AHA@: %--$ '.4ON6 'BHonJ.oHC 6DEI EI = MoHk oB BE?JEon. N=mAI, ?D=H=?JAHI, Fl=?AI =n@ En?E@AnJI AEJDAH =HA JDA FHo@K?J oB JDA =KJDoHߣI Em=CEn=JEon oH =HA KIA@ BE?JEJEoKIlO, =n@ =nO HAIAm>l=n?A Jo =?JK=l FAH­ IonI,lELEnCoH@A=@,>KIEnAIIAI,?omF=nEAI,ALAnJIoHlo?=lAIEIAnJEHAlO?oEn?E@AnJ=l. M16/++/2K>lE?,om=En 9FRONT FREQUENTLY QUESTIONED ANSWERS Those who can do, those who can’t write and those who can’t write make ezines. ߞ 5=FAMKllAn@AH ACHTUNG! 6DEI @o?KmAnJߣI 5647+674- ߞ =n@ IomA oB EJI 6-:6 ߞ EI Fl=CE=HEzA@ ߞ BHomJDAO2-N*5,.)3 ACHTUNG! 601515NO6)52)+- ACHTUNG! 1nBoHm=JEon FHoLE@A@ >O JDEI @o?KmAnJ m=O >A oKJ@=JA@ oH jKIJ Fl=En MHonC.7IAOoKH>H=En.NO4-.7N,5. _sl’s info is incorrect. ߞ =nJD_N i really hate the openbsd content in the fqa ߞ =EjK 0 − Introduction to Plan 9 .-9D=JEI2l=n'? ..-2l=n'EInoJ7N1: ...-2l=n'EInoJFl=n'FoHJ ... -2l=n'EInoJ1nBAHno .. -2l=n'EInoJ=FHo@K?J ..!-2l=n'EInoJBoHOoK . -9DO2l=n'? . .-9D=J@oFAoFlAlEkA=>oKJ2l=n'? . ..-9D=J@oOoKKIA2l=n'BoH? . -9D=J@oFAoFlAD=JA=>oKJ2l=n'? . .-9D=JEInoJEn2l=n' . .!-9DO@E@2l=n'ߣI?HA=JoHICELAKFon2l=n'? . ."-9D=JEIJDA@A=lMEJD2l=n'ߣIMAEH@lE?AnIA? . .".-4E?D=H@5J=llm=nD=JAIJDA2l=nNEnAlE?AnIA?EH?= .
    [Show full text]