DOCSLIB.ORG

L4 Microkernel

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

10 Years L4-Based Systems L4/Nizza Secure-System Architecture TU Dresden Operating Hermann Härtig Systems Group et al. mult. 10 Years Your Passwords, Secrets, ... L4-Based Your Passwords, Secrets, ... Systems applet Linux App Firefox jvm X11 source: Linux Understanding Data Lifetime via Hermann Härtig Whole System Simulation et al. Jim Chow, Ben Pfaff, Tal mult. Garfinkel, Kevin Christopher, TU and Mendel Rosenblum, Dresden Operating keyboard Stanford University Systems Usenix Security 04 Group 2 SEVECOM Budapest 2006 10 Years Outline L4-Based Outline Systems L4 etc . the microkernel vision . early experience: MACH etc . what is L4 ? . L4 and legacy: L4Linux and DDE . DROPS: L4 and Real-Time . L4Env: a multi-server environment for L4 apps Hermann . major L4 projects Härtig et al. mult. TU L4/Nizza Secure System Architecture Dresden Operating What's Up Next? Systems Group Conclusion 3 SEVECOM Budapest 2006 Microkernels - 10 Years Microkernels - L4-Based vision and earlier experience Systems vision and earlier experience . monolithic systems – large – complex – hard to add real-time – large trusted computing bases Applications Applications User Applications – new additional Mode components often crash system Privileged File Network Kernel Hermann Systems Stacks Härtig Mode et al. Memory Processe mult. Manage Drivers s ment TU Dresden Monolithic Operating Operating System Systems Group Hardware 4 SEVECOM Budapest 2006 10 Years The Microkernel Vision L4-Based The Microkernel Vision Systems . small operating system kernel – kernel-mode action less error prone – allows strict validation . system services implemented as user-level servers with their own address spaces – flexibility – extensibility – customizable Hermann . more robust systems Härtig et al. – protected individual system components (e.g., drivers) mult. – small trusted computing base TU – allow coexistence of different OS personalities Dresden Operating . Systems reuse legacy OS (slightly modified) Group 5 SEVECOM Budapest 2006 10 Years IBM Workplace OS L4-Based IBM Workplace OS Systems OS/2 OS/400 AIX Windows OS/2 OS/400 AIX Windows Applicati Applicati Applicati Applicati Applicati Applicati Applicati Applicati ons ons ons ons ons ons ons ons OS/2 DOS OS/400 AIX Windows Personality Personality Personality Personality Personality Network Power File Server Security Hermann Service Management Härtig Device et al. Default Pager Bootstrap Name Service mult. Support TU Microkernel Dresden Power Operating ARM MIPS IA32 Alpha Systems PC Group 6 SEVECOM Budapest 2006 Reality in Mid 90ties: 10 Years Reality in Mid 90ties: L4-Based MACH-Based Systems Systems MACH-Based Systems . disappointments – performance – complexity – drivers back in kernel . e.g., IBM is said to have invested and lost over 1 Billion US $ Hermann Härtig et al. mult. TU Dresden Operating Systems Group 7 SEVECOM Budapest 2006 10 Years L4-Based LL44 MMiicrcrookkeerrnneell Systems Jochen Liedtke(ca 96): “A microkernel does no real work, but does it efficiently” . kernel provides only inevitable mechanisms no policies enforced by the kernel what is inevitable? Hermann . Härtig address spaces et al. mult. threads & scheduling TU . inter process communication Dresden Operating Systems Group L4/Fiasco(ca 98): first HLL / Real-Time scheduling 8 SEVECOM Budapest 2006 TUDOS: Emphasis on Real-Time 10 Years TUDOS: Emphasis on Real-Time L4-Based and Security Systems and Security approach . run legacy software on legacy OS Appli- Appli- cation cation Hermann Härtig legacy OS et al. mult. TU Dresden Operating Systems L4/Fiasco Microkernel Group Hardware 9 SEVECOM Budapest 2006 TUDOS: Emphasis on Real-Time 10 Years TUDOS: Emphasis on Real-Time L4-Based and Security Systems and Security approach . run legacy software on legacy OS . run critical applications besides legacy OS Appli- Appli- critical cation cation Hermann Härtig legacy OS et al. mult. TU Resource Management Dresden L4Env & Basic Resource Manager Operating Systems L4/Fiasco Microkernel Group Hardware 10 SEVECOM Budapest 2006 TUDOS: Emphasis on Real-Time 10 Years TUDOS: Emphasis on Real-Time L4-Based and Security Systems and Security approach . run legacy software on legacy OS . run critical applications besides legacy OS Appli- hybrid critical cation Hermann Härtig legacy OS et al. mult. TU Resource Management Dresden L4Env & Basic Resource Manager Operating Systems L4/Fiasco Microkernel Group Hardware 11 SEVECOM Budapest 2006 TUDOS: Emphasis on Real-Time 10 Years TUDOS: Emphasis on Real-Time L4-Based and Security Systems and Security approach . run legacy software on legacy OS . run critical applications besides legacy OS – real-time Appli- Appli- RT Media cation cation Controller Player Hermann Härtig legacy OS ? et al. mult. TU Resource Management Dresden L4Env & Basic Resource Manager Operating Systems L4/Fiasco Microkernel Group Hardware 12 SEVECOM Budapest 2006 TUDOS: Emphasis on Real-Time 10 Years TUDOS: Emphasis on Real-Time L4-Based and Security Systems and Security approach . run legacy software on legacy OS . run critical applications besides legacy OS – real-time – high security Appli- Appli- E-sign VPN cation cation Hermann Härtig legacy OS ? et al. mult. TU Resource Management Dresden L4Env & Basic Resource Manager Operating Systems L4/Fiasco Microkernel Group Hardware 13 SEVECOM Budapest 2006 TUDOS: Emphasis on Real-Time 10 Years TUDOS: Emphasis on Real-Time L4-Based and Security Systems and Security approach . run legacy software on legacy OS . run critical applications besides legacy OS – real-time – high security split application: internet transaction put together sign & pay . split applications shopping cart shopping cart and reuse legacy software for Hermann Härtig uncritical parts legacy OS ? et al. mult. TU Resource Management Dresden L4Env & Basic Resource Manager Operating Systems L4/Fiasco Microkernel Group Hardware 14 SEVECOM Budapest 2006 TUDOS: Emphasis on Real-Time 10 Years TUDOS: Emphasis on Real-Time L4-Based and Security Systems and Security approach . run critical applications ithout legacy OS critical Hermann Härtig et al. mult. TU Resource Management Dresden L4Env & Basic Resource Manager Operating Systems L4/Fiasco Microkernel Group Hardware 15 SEVECOM Budapest 2006 10 Years What you see ... L4-Based What you see ... Systems Appli- Appli- Presenter cation cation L4Linux Server GUI: DOpE Hermann Härtig Windowmanager: Nitpicker et al. mult. DMphys L4IO Names ... TU L4/Fiasco Microkernel Dresden Operating Systems Hardware Group 16 SEVECOM Budapest 2006 10 Years L4 IPC L4-Based L4 IPC Systems address space A address space B send(msg,…) receive(msg, …) Hermann Härtig et al. synchronous (no buffering) mult. diverse payloads TU Dresden Operating Systems Group 17 SEVECOM Budapest 2006 10 Years L4 IPC Payloads L4-Based L4 IPC Payloads Systems . registers only (short IPC), fast . strings (long IPC) . access rights (“mappings”) – memory pages transfer page table entries – IO ports – ... can be revoked (“unmap”) Hermann . faults Härtig et al. mult. interrupts TU Dresden Operating Systems Group 18 SEVECOM Budapest 2006 LLeeggaacycy SSooffttwwaarree ffoorr LL44:: 10 Years 4 L4-Based L Linux and DDE Systems L Linux and DDE objectives . inherit large base of legacy software binary compatible . get it out of the way for more interesting applications . but reuse it also for interesting applications and . reuse drivers Hermann Härtig et al. mult. TU Dresden Operating Systems Group 19 SEVECOM Budapest 2006 10 Years L4-Based LLiinnuuxx KKeerrnneell StStrruuccttuurree Systems User Application Application Application Application Mode Privileged Mode Arch- Depend. System-Call Interface Linux File Systems Networkin Processes Memory Kernel – VFS g – Scheduling Managemen – File System – Sockets – IPC Impl. t Arch- – Protocols – Page allocation Independ. Device Drivers – Address spaces – Swapping Hermann Arch- Hardware Access Härtig Depend. et al. mult. Software Hardwar TU Hardware CPU, Memory, PCI, Devices, … e Dresden Operating Systems Group 20 SEVECOM Budapest 2006 10 Years L4-Based LLiinnuuxx KKeerrnneell StStrruuccttuurree Systems . Kernel entry – System calls – Exceptions (page faults, …) User Application Application Application A. pSpiglincaatl iodnelivery Mode . Copy from/to user address space Arch- System-Call Interface Depend. CPU state, features . Initialization Linux File Systems Networkin . LPowro-lceesvesl emsemoryM emmanoarygement Kernel – VFS g –– SMcMheUd u(plinagge tabMleasn, TaLgBe)men – File System – Sockets . L–o wIPC-level interrupt support Impl. t Arch- – Protocols . Low-level device –s Puapgpeo arltlocation Independ. Device Drivers – Memory-mappe– dA dId/Ore,s sI/ sOp apcoesrts – DMA – Swapping Hermann Arch- Hardware Access Härtig Depend. et al. mult. Privileged Mode L4 TU Dresden Software Operating Hardware Systems Hardware Group CPU, Memory, PCI, Devices, … 21 SEVECOM Budapest 2006 10 Years Linux Systemcalls L4-Based Linux Systemcalls Systems L4Linux Server Arch-Dependent Syscall Dispatcher L4Linux User Process 2 INT 0x80 1 3 Application Arch-Independent L4/Fiasco Kernel Hermann Härtig 4 et al. L Linux server receives exception IPC mult. L4Linux server handles system call TU . L4Linux server sends an exception reply Dresden Operating . L4 kernel receives reply and sets new state of thread Systems Group 22 SEVECOM Budapest 2006 10 Years Address Spaces L4-Based Address Spaces Systems Application Li4nLuxinux K eSrenervler Memory thread_inf Management – Page allocation o – Address spaces – Swapping Architecture- Dependent
Recommended publications
  • Ebook - Informations About Operating Systems Version: August 15, 2006 | Download

    Ebook - Informations About Operating Systems Version: August 15, 2006 | Download

    eBook - Informations about Operating Systems Version: August 15, 2006 | Download: www.operating-system.org AIX Internet: AIX AmigaOS Internet: AmigaOS AtheOS Internet: AtheOS BeIA Internet: BeIA BeOS Internet: BeOS BSDi Internet: BSDi CP/M Internet: CP/M Darwin Internet: Darwin EPOC Internet: EPOC FreeBSD Internet: FreeBSD HP-UX Internet: HP-UX Hurd Internet: Hurd Inferno Internet: Inferno IRIX Internet: IRIX JavaOS Internet: JavaOS LFS Internet: LFS Linspire Internet: Linspire Linux Internet: Linux MacOS Internet: MacOS Minix Internet: Minix MorphOS Internet: MorphOS MS-DOS Internet: MS-DOS MVS Internet: MVS NetBSD Internet: NetBSD NetWare Internet: NetWare Newdeal Internet: Newdeal NEXTSTEP Internet: NEXTSTEP OpenBSD Internet: OpenBSD OS/2 Internet: OS/2 Further operating systems Internet: Further operating systems PalmOS Internet: PalmOS Plan9 Internet: Plan9 QNX Internet: QNX RiscOS Internet: RiscOS Solaris Internet: Solaris SuSE Linux Internet: SuSE Linux Unicos Internet: Unicos Unix Internet: Unix Unixware Internet: Unixware Windows 2000 Internet: Windows 2000 Windows 3.11 Internet: Windows 3.11 Windows 95 Internet: Windows 95 Windows 98 Internet: Windows 98 Windows CE Internet: Windows CE Windows Family Internet: Windows Family Windows ME Internet: Windows ME Seite 1 von 138 eBook - Informations about Operating Systems Version: August 15, 2006 | Download: www.operating-system.org Windows NT 3.1 Internet: Windows NT 3.1 Windows NT 4.0 Internet: Windows NT 4.0 Windows Server 2003 Internet: Windows Server 2003 Windows Vista Internet: Windows Vista Windows XP Internet: Windows XP Apple - Company Internet: Apple - Company AT&T - Company Internet: AT&T - Company Be Inc. - Company Internet: Be Inc. - Company BSD Family Internet: BSD Family Cray Inc.
  • Improving the Reliability of Commodity Operating Systems

    Improving the Reliability of Commodity Operating Systems

    Improving the Reliability of Commodity Operating Systems MICHAEL M. SWIFT, BRIAN N. BERSHAD, and HENRY M. LEVY University of Washington Despite decades of research in extensible operating system technology, extensions such as device drivers remain a significant cause of system failures. In Windows XP, for example, drivers account for 85% of recently reported failures. This paper describes Nooks, a reliability subsystem that seeks to greatly enhance OS reliability by isolating the OS from driver failures. The Nooks approach is practical: rather than guaranteeing complete fault tolerance through a new (and incompatible) OS or driver architecture, our goal is to prevent the vast majority of driver-caused crashes with little or no change to existing driver and system code. Nooks isolates drivers within lightweight protection domains inside the kernel address space, where hardware and software prevent them from corrupting the kernel. Nooks also tracks a driver’s use of kernel resources to facilitate automatic clean-up during recovery. To prove the viability of our approach, we implemented Nooks in the Linux operating system and used it to fault-isolate several device drivers. Our results show that Nooks offers a substantial increase in the reliability of operating systems, catching and quickly recovering from many faults that would otherwise crash the system. Under a wide range and number of fault conditions, we show that Nooks recovers automatically from 99% of the faults that otherwise cause Linux to crash. While Nooks was designed for drivers, our techniques generalize to other kernel extensions. We demonstrate this by isolating a kernel-mode file system and an in-kernel Internet service.
  • Occupational Health and Safety Risks in the Healthcare Sector

    Occupational Health and Safety Risks in the Healthcare Sector

    Occupational health and safety risks in the healthcare sector Guide to prevention and good practice This publication is supported by the European Union Programme for Employment and Social Solidarity - PROGRESS (2007-2013). This programme is implemented by the European Commission. It was established to financially support the implementation of the objectives of the European Union in the employment, social affairs and equal oppor- tunities area, and thereby contribute to the achievement of the Europe 2020 Strategy goals in these fields. The seven-year Programme targets all stakeholders who can help shape the development of appropriate and effective employment and social legislation and policies, across the EU-27, EFTA-EEA and EU candidate and pre-candidate countries. For more information see: http://ec.europa.eu/progress Occupational health and safety risks in the healthcare sector European Commission Directorate-General for Employment, Social Affairs and Inclusion Unit B.3 Manuscript completed in December 2010 Neither the European Commission nor any person acting on behalf of the Commission may be held responsible for the use that may be made of the information contained in this publication. © Cover photos: iStock For any use or reproduction of photos which are not under European Union copyright, permission must be sought directly from the copyright holder(s). This guide has been produced by the Bundesanstalt für Arbeitsschutz und Arbeitsmedizin (BAuA), Berufsgenossenschaft für Gesundheitsdienst und Wohlfahrtspflege (BGW), contec Gesellschaft für Organisationsentwicklung mbH, Deutsches Netz Gesundheitsfördernder Krankenhäuser (DNGfK) and BAD/ Team Prevent GmbH. Europe Direct is a service to help you find answers to your questions about the European Union Freephone number (*): 00 800 6 7 8 9 10 11 (*) Certain mobile telephone operators do not allow access to 00 800 numbers or these calls may be billed.
  • Rights Reserved. Permission to Make Digital Or Hard Copies of All Or Part Of

    Rights Reserved. Permission to Make Digital Or Hard Copies of All Or Part Of

    Copyright © 1994, by the author(s). All rights reserved. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission. MICROSOFT WINDOWS NT AND THE COMPETITION FOR DESKTOP COMPUTING by Brad Peters, William R. Bush, and A. Richard Newton Memorandum No. UCB/ERL M94/3 31 January 1994 MICROSOFT WINDOWS NT AND THE COMPETITION FOR DESKTOP COMPUTING by Brad Peters, William R. Bush, and A. Richard Newton Memorandum No. UCB/ERL M94/3 31 January 1994 MICROSOFT WINDOWS NT AND THE COMPETITION FOR DESKTOP COMPUTING by Brad Peters, William R. Bush, and A. Richard Newton Memorandum No. UCB/ERL M94/3 31 January 1994 ELECTRONICS RESEARCH LABORATORY College ofEngineering University ofCalifornia, Berkeley 94720 MICROSOFT WINDOWS NT AND THE COMPETITION FOR DESKTOP COMPUTING by Brad Peters, William R. Bush, and A. Richard Newton Memorandum No. UCB/ERL M94/3 31 January 1994 ELECTRONICS RESEARCH LABORATORY College ofEngineering University ofCalifornia, Berkeley 94720 Microsoft Windows NT And The Competition for Desktop Computing January 1994 Department ofElectrical Engineering and Computer Sciences University ofCalifornia Berkeley, California 94720 Abstract This report contains two papers, An Introduction to Microsoft Windows NT And Its Competitors, and The Status ofWindows NT and Its Competitors At The End of1993. The first paper, written in April 1993,presents an overview of the technology of Windows NT, and analyzes the competitors and competitive factors in the desktop operating system race.
  • Integrated Report 2019

    Integrated Report 2019

    Integrated Report 2019 JP TOWER, 2-7-2 Marunouchi, Chiyoda-ku, Tokyo 100-7015, Japan Phone: +81-3-6250-2111 https://konicaminolta.com CONTENTS On the Release of Integrated Report 2019 1 On the Release of Integrated Report 2019 2 CONTENTS Konica Minolta’s Strengths 03 Since fiscal 2015, Konica Minolta has released annual reports (the name of these reports was changed to the and Value Creation 3 Konica Minolta Philosophy integrated report in 2017) that provide a comprehensive look at the Company's activities and philosophies. 7 Value Creation Process The fifth report is now available. We made this integrated report to be a communication tool to better 9 Konica Minolta's Strengths 1. Customer base familiarize stakeholders, including shareholders and investors, with Konica Minolta by systematically 11 Konica Minolta’s Strengths 2. Technical expertise organizing both financial and non-financial information. 13 Konica Minolta’s Strengths 3. Business Model The 2018 integrated report was externally well-received, winning recognition and awards that included Growth Strategy 15 the Special Award in the Nikkei Annual Report Awards conducted by Nikkei Inc., and the Excellence in 15 Medium Term Business Plan Integrated Reporting Prize at the 6th WICI Japan Awards for Excellence in Integrated Reporting. 17 Message from the CEO Integrated Report 2019 clarifies the Konica Minolta Group's strengths and value creation processes 25 Message from the CFO 29 while explaining the Group's medium- to long-term business strategy and pathway to value creation with a Special Topics Building High Value-Added Businesses focus on SHINKA 2019, the new Medium Term Business Plan formulated in 2017.
  • Legacy Reuse

    Legacy Reuse

    Faculty of Computer Science Institute for System Architecture, Operating Systems Group LEGACY REUSE CARSTEN WEINHOLD THIS LECTURE ... ■ So far ... ■ Basic microkernel concepts ■ Drivers, resource management ■ Today: ■ How to provide legacy OS personalities ■ How to reuse existing infrastructure ■ How to make applications happy TU Dresden Legacy Reuse 2 VIRTUALIZATION ■ Virtualization: ■ Reuse legacy OS + applications ■ Run applications in natural environment ■ Problem: Applications trapped in VMs ■ Different resource pools, namespaces ■ Cooperation is cumbersome (network, ...) ■ Full legacy OS in VM adds overhead ■ Multiple desktops? Bad user experience TU Dresden Legacy Reuse 3 MAKING THE CUT ■ Hardware level: Next week ■ Virtualize legacy OS on top of new OS ■ Operating System Personality: ■ Legacy OS interfaces reimplemented on top of – or ported to – new OS ■ Hybrid operating systems: Today ■ Run legacy OS virtualized … ■ … but tightly integrated with new OS TU Dresden Legacy Reuse 4 OPERATING SYSTEM PERSONALITIES TU Dresden Legacy Reuse 5 OS PERSONALITY ■ Idea: Adapt OS / application boundary ■ (Re-)Implement legacy APIs, not whole OS ■ May need to recompile application ■ Benefits: ■ Get desired application, established APIs ■ Good integration (namespaces, files, ...) ■ Smaller overhead than virtualization ■ Flexible, configurable, but more effort? TU Dresden Legacy Reuse 6 MONOLITHIC KERNELS App App Monolithic Kernel System Call Entry Ext2 VFAT IP Stack Disk Driver NIC Driver TU Dresden Legacy Reuse 7 DECOMPOSITION App App App App Monolithic
  • Kernel Architectures

    Kernel Architectures

    A short history of kernels n Early kernel: a library of device drivers, support for threads (QNX) Operating System Kernels n Monolithic kernels: Unix, VMS, OS 360… n Unstructured but fast… n Over time, became very large Ken Birman n Eventually, DLLs helped on size n Pure microkernels: Mach, Amoeba, Chorus… (borrowing some content from n OS as a kind of application Peter Sirokman) n Impure microkernels: Modern Windows OS n Microkernel optimized to support a single OS n VMM support for Unix on Windows and vice versa The great m-kernel debate Summary of First Paper n How big does it need to be? n The Performance of µ-Kernel-Based Systems (Hartig et al. 16th SOSP, Oct 1997) n With a m-kernel protection-boundary crossing forces us to n Evaluates the L4 microkernel as a basis for a full operating system n Change memory -map n Ports Linux to run on top of L4 and compares n Flush TLB (unless tagged) performance to native Linux and Linux running on n With a macro-kernel we lose structural the Mach microkernel protection benefits and fault-containment n Explores the extensibility of the L4 microkernel n Debate raged during early 1980’s Summary of Second Paper In perspective? n The Flux OSKit: A Substrate for Kernel and n L4 seeks to validate idea that a m-kernel Language Research (Ford et al. 16th SOSP, can support a full OS without terrible 1997) cost penalty n Describes a set of OS components designed to be used to build custom operating systems n Opened the door to architectures like the n Includes existing code simply using “glue code” Windows
  • The Nizza Secure-System Architecture

    The Nizza Secure-System Architecture

    Appears in the proceedings of CollaborateCom 2005, San Jose, CA, USA The Nizza Secure-System Architecture Hermann Härtig Michael Hohmuth Norman Feske Christian Helmuth Adam Lackorzynski Frank Mehnert Michael Peter Technische Universität Dresden Institute for System Architecture D-01062 Dresden, Germany [email protected] Abstract rely on a standard OS (including the kernel) to assure their security properties. The trusted computing bases (TCBs) of applications run- To address the conflicting requirements of complete ning on today’s commodity operating systems have become functionality and the protection of security-sensitive data, extremely large. This paper presents an architecture that researchers have devised system architectures that reduce allows to build applications with a much smaller TCB. It the system’s TCB by running kernels in untrusted mode is based on a kernelized architecture and on the reuse of in a secure compartment on top of a small security kernel; legacy software using trusted wrappers. We discuss the de- security-sensitive services run alongside the OS in isolated sign principles, the architecture and some components, and compartments of their own. This architecture is widely re- a number of usage examples. ferred to as kernelized standard OS or kernelized system. In this paper, we describe Nizza, a new kernelized- system architecture. In the design of Nizza, we set out to answer the question of how small the TCB can be made. 1 Introduction We have argued in previous work that the (hardware and software) technologies needed to build small secure-system Desktop and hand-held computers are used for many platforms have become much more mature since earlier at- functions, often in parallel, some of which are security tempts [8].
  • Separating Protection and Management in Cloud Infrastructures

    Separating Protection and Management in Cloud Infrastructures

    SEPARATING PROTECTION AND MANAGEMENT IN CLOUD INFRASTRUCTURES A Dissertation Presented to the Faculty of the Graduate School of Cornell University in Partial Fulfillment of the Requirements for the Degree of Doctor of Philosophy by Zhiming Shen December 2017 c 2017 Zhiming Shen ALL RIGHTS RESERVED SEPARATING PROTECTION AND MANAGEMENT IN CLOUD INFRASTRUCTURES Zhiming Shen, Ph.D. Cornell University 2017 Cloud computing infrastructures serving mutually untrusted users provide se- curity isolation to protect user computation and resources. Additionally, clouds should also support flexibility and efficiency, so that users can customize re- source management policies and optimize performance and resource utiliza- tion. However, flexibility and efficiency are typically limited due to security requirements. This dissertation investigates the question of how to offer flexi- bility and efficiency as well as strong security in cloud infrastructures. Specifically, this dissertation addresses two important platforms in cloud in- frastructures: the containers and the Infrastructure as a Service (IaaS) platforms. The containers platform supports efficient container provisioning and execut- ing, but does not provide sufficient security and flexibility. Different containers share an operating system kernel which has a large attack surface, and kernel customization is generally not allowed. The IaaS platform supports secure shar- ing of cloud resources among mutually untrusted users, but does not provide sufficient flexibility and efficiency. Many powerful management primitives en- abled by the underlying virtualization platform are hidden from users, such as live virtual machine migration and consolidation. The main contribution of this dissertation is the proposal of an approach in- spired by the exokernel architecture that can be generalized to any multi-tenant system to improve security, flexibility, and efficiency.
  • This Is a Fairy Tale •.• NOT! a Primer on Moving SAS® Applications

    This Is a Fairy Tale •.• NOT! a Primer on Moving SAS® Applications

    This is a Fairy Tale•.• NOT! A Primer on Moving SAS® Applications Across Graphical Operating Systems James Hefner, Entergy Corporation, Beaumont, TX lineup. The PowerPC's PowerOpen operating system should be ABSTRACT able to run Windows, Windows NT, OS/2, Macintosh, and UNIX applications unmodified (using SoftPC to run Windows & OS/2 Currently, most SAS Software application developers have on~ apps). Current plans are to offer these new machines at prices one or two graphical operating systems (such as Microsoft that are highly competitive with the current top-of-the-!ine WindowsTN, or OSFlMoti~ to support. However, the pending offerings by IBM PC manufacturerS and Apple, nol 10 mention release of the SAS System for the Apple® Macintosh®I and the UNIX workstations. This could mean a change in the platform you introduction of new hardware and software such as the PowerPC are currently using, as well as the ability (or need) to be able to and Wabi, means that application developers may have to use and write applications using any of the five operating support two or more graphical operating systems. systems. This paper is intended to assist application developers, both in New Graphical Operating Systems the teaching of the fundamentals of graphical operating systems, and in Ihe moving of SAS/Af® and SAS/EIS® applicalions from In addition to the platforms mentioned above, Apple and IBM are one operating system to another. currently working on the Taligent operating system, which will have an object-oriented, graphical front end. IBM is also INTRODUCTION discussing porling its object·orienled 0512 2.x Workplace Shell 10 a new ver.sion of PC DOS® and AIX®, IBM's version of UNIX (to If you are a SAS' application developer, you may currently be be called Workplace OS).
  • Research on Virtualisation Technlogy for Real-Time Reconfigurable Systems Tian Xia

    Research on Virtualisation Technlogy for Real-Time Reconfigurable Systems Tian Xia

    Research on virtualisation technlogy for real-time reconfigurable systems Tian Xia To cite this version: Tian Xia. Research on virtualisation technlogy for real-time reconfigurable systems. Electronics. INSA de Rennes, 2016. English. NNT : 2016ISAR0009. tel-01418453 HAL Id: tel-01418453 https://tel.archives-ouvertes.fr/tel-01418453 Submitted on 16 Dec 2016 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. THESE INSA Rennes présentée par sous le sceau de l’Université Bretagne Loire pour obtenir le titre de Tian Xia DOCTEUR DE L’INSA RENNES ECOLE DOCTORALE : MATISSE Spécialité : Electronique et Télécommunications LABORATOIRE : IETR Thèse soutenue le 05.07.2016 Research on devant le jury composé de : Virtualization Technology François Verdier Professeur, Université de Nice, Nice / Président for Real-time Emmanuel Grolleau Professeur, ISAE-ENSMA, Chasseneuil-Futuroscope / Rapporteur Reconfigurable Systems Guy Gogniat Professeur, Université de Bretagne-Sud, Lorient / Rapporteur Jean-Luc Bechennec Chargé de Recherche, Ecole Centrale de Nantes, Nantes / Examinateur Jean-Christophe Prévotet Maître de Conférence, INSA, Rennes / Co-encadrant de thèse Fabienne Nouvel Maître de Conférence HDR, INSA, Rennes / Directrice de thèse Research on Virtualization Technology for Real-time Reconfigurable Systems Tian Xia Résumé de la Thèse Aujourd’hui, les systèmes embarqués jouent un rôle prépondérant dans la vie quo- tidienne des utilisateurs.
  • L4 – Virtualization and Beyond

    L4 – Virtualization and Beyond

    L4 – Virtualization and Beyond Hermann Härtig!," Michael Roitzsch! Adam Lackorzynski" Björn Döbel" Alexander Böttcher! #!Department of Computer Science# "GWT-TUD GmbH # Technische Universität Dresden# 01187 Dresden, Germany # 01062 Dresden, Germany {haertig,mroi,adam,doebel,boettcher}@os.inf.tu-dresden.de Abstract Mac OS X environment, using full hardware After being introduced by IBM in the 1960s, acceleration by the GPU. Virtual machines are virtualization has experienced a renaissance in used to test potentially malicious software recent years. It has become a major industry trend without risking the host environment and they in the server context and is also popular on help developers in debugging crashes with back- consumer desktops. In addition to the well-known in-time execution. benefits of server consolidation and legacy In the server world, virtual machines are used to preservation, virtualization is now considered in consolidate multiple services previously located embedded systems. In this paper, we want to look on dedicated machines. Running them within beyond the term to evaluate advantages and virtual machines on one physical server eases downsides of various virtualization approaches. management and helps saving power by We show how virtualization can be increasing utilization. In server farms, migration complemented or even superseded by modern of virtual machines between servers is used to operating system paradigms. Using L4 as the balance load with the potential of shutting down basis for virtualization and as an advanced completely unloaded servers or adding more to microkernel provides a best-of-both-worlds increase capacity. Lastly, virtual machines also combination. Microkernels can contribute proven isolate different customers who can purchase real-time capabilities and small trusted computing virtual shares of a physical server in a data center.