DOCSLIB.ORG

EPTCS 280 ACL2 Theorem Prover and Its Applications

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

EPTCS 280 Proceedings of the 15th International Workshop on the ACL2 Theorem Prover and Its Applications Austin, Texas, USA, November 5-6, 2018 Edited by: Shilpi Goel and Matt Kaufmann Published: 29th October 2018 DOI: 10.4204/EPTCS.280 ISSN: 2075-2180 Open Publishing Association i Table of Contents TableofContents .................................... ...................................... i Preface............................................ ........................................ iii Shilpi Goel and Matt Kaufmann A Simple Java Code Generator for ACL2 Based on a Deep EmbeddingofACL2inJava.......... 1 Alessandro Coglio Formalising Filesystems in the ACL2 Theorem Prover: an Application to FAT32 . 18 Mihir Parang Mehta Trapezoidal Generalization over Linear Constraints . ....................................... 30 David Greve and Andrew Gacek Incremental SAT Library Integration Using Abstract Stobjs..................................... 47 Sol Swords Using ACL2 in the Design of Efficient, Verifiable Data Structures for High-Assurance Systems . 61 David Hardin and Konrad Slind Adding 32-bit Mode to the ACL2 Model of the x86 ISA . ............................. 77 Alessandro Coglio and Shilpi Goel A Toolbox For Property Checking From Simulation Using Incremental SAT (Extended Abstract) . 95 Rob Sumners The Fundamental Theorem of Algebra in ACL2 . ................................ 98 Ruben Gamboa and John Cowles Real Vector Spaces and the Cauchy-Schwarz Inequality in ACL2(r).............................111 Carl Kwan and Mark R. Greenstreet ConvexFunctions inACL2(r)........................... ....................................128 Carl Kwan and Mark R. Greenstreet Smtlink2.0......................................... .......................................143 Yan Peng and Mark R. Greenstreet DefunT: A Tool for Automating Termination Proofs by Using the Community Books (Extended Abstract).......................................... ........................................161 Matt Kaufmann ii Hint Orchestration Using ACL2’s Simplifier . ....................................164 Sol Swords Preface This volume contains the proceedings of the Fifteenth International Workshop on the ACL2 Theorem Prover and Its Applications (ACL2-2018), a two-day workshop held in Austin, Texas, USA, on Novem- ber 5-6, 2018, immediately after FMCAD (http://www.fmcad.org/FMCAD18), on the University of Texas campus. ACL2 workshops occur at approximately 18-month intervals, and they provide a major technical forum for users of the ACL2 theorem proving system to present research related to the ACL2 theorem prover and its applications. ACL2 is an industrial-strength automated reasoning system, the latest in the Boyer-Moore family of theorem provers. The 2005 ACM Software System Award was awarded to Boyer, Kaufmann, and Moore for their work in ACL2 and the other theorem provers in the Boyer-Moore family. The proceedings of ACL2-2018 include eleven long papers and two extended abstracts. Each sub- mission received three reviews. The workshop also included several “rump session” talks — short un- published presentations that discussed ongoing research — as well as three invited talks: - Small Team, Short Ramp, Industrial-scale Problems: Some Experiments in the Practicum of Inter- active Theorem Proving — Sandip Ray (University of Florida) - Creating Formal Specifications of the Arm Processor Architecture — Alastair Reid (ARM) - Building Blocks for RTL Verification in ACL2 — Sol Swords (Centaur Technology) This workshop would not have been possible without the support of a large number of people. We thank our generous sponsors, Centaur Technology and Oracle Corporation. We thank those who con- tributed papers, as well as the members of the Program Committee for providing careful reviews and for engaging in lively discussion. We thank the members of the Steering Committee for their help and guidance. We are grateful to the invited speakers for sharing their insights. We thank The University of Texas (UT Austin), Warren Hunt, Jr., and Lindy Aleshire for helping us to get a venue for our workshop. We thank EasyChair, EPTCS, arXiv, and RegOnline for providing assistance with the logistics of the workshop. Thanks are also due to David Rager for helping us administer registration. We are also grate- ful for support of our time spent on workshop preparations from Centaur Technology, UT Austin, the Kestrel Institute, and DARPA under Contract Nos. FA8650-17-1-7704 and FA8750-15-C-0007. Last, but not least, we thank Mertcan Temel for his assistance with local arrangements. It has been a pleasure and an honor to chair this event. Shilpi Goel and Matt Kaufmann November, 2018 Shilpi Goel and Matt Kaufmann (Eds.): c Goel and Kaufmann ACL2 Theorem Prover and its Applications (ACL2-2018) This work is licensed under the EPTCS 280, 2018, pp. iii–iv, doi:10.4204/EPTCS.280.0 Creative Commons Attribution License. iv Preface ACL2 2018 Program Committee Harsh Chamarthi Intel AlessandroCoglio KestrelInstitute Jared Davis Apple RubenGamboa UniversityofWyoming ShilpiGoel CentaurTechnology Dave Greve Rockwell-Collins WarrenHunt TheUniversityofTexas Sebastiaan Joosten University of Twente MattKaufmann TheUniversityofTexas John O’Leary Intel Grant Passmore AestheticIntegration David Rager Oracle SandipRay UniversityofFlorida David Russinoff ARM Julien Schmaltz Eindhoven University of Technology AnnaSlobodova CentaurTechnology EricSmith KestrelInstitute SolSwords CentaurTechnology A Simple Java Code Generator for ACL2 Based on a Deep Embedding of ACL2 in Java Alessandro Coglio Kestrel Institute http://www.kestrel.edu AIJ (ACL2 In Java) is a deep embedding in Java of an executable, side-effect-free, non-stobj- accessing subset of the ACL2 language without guards. ATJ (ACL2 To Java) is a simple Java code generator that turns ACL2 functions into AIJ representations that are evaluated by the AIJ interpreter. AIJ and ATJ enable possibly verified ACL2 code to run as, and interoperate with, Java code, without much of the ACL2 framework or any of the Lisp runtime. The current speed of the resulting Java code may be adequate to some applications. 1 Motivation and Contributions A benefit of writing code in a theorem prover is the ability to prove properties about it, such as the satis- faction of requirements specifications. A facility to generate code in one or more programming languages from an executable subset of the prover’s logical language enables the possibly verified code to run as, and interoperate with, code written in those programming languages. Assuming the correctness of code generation (whose verification is a separable problem, akin to compilation verification) the properties proved about the original code carry over to the generated code. The ACL2 theorem provers’s tight integration with the underlying Lisp platform enables the exe- cutable subset of the ACL2 logical language to run readily and efficiently as Lisp, without the need for explicit code generation facilities. Nonetheless, some situations may call for running ACL2 code in other programming languages: specifically, when the ACL2 code must interoperate with external code in those programming languages in a more integrated and efficient way than afforded by inter-language commu- nication via foreign function interfaces [4, 9], or by inter-process communication with the ACL2/Lisp runtime via mechanisms like the ACL2 Bridge [2, :doc bridge]. Using Lisp implementations written in the target programming languages [1] involves not only porting ACL2 to them, but also including much more runtime code than necessary for the target applications. Compilers from Lisp to the target programming languages may need changes or wrappers, because executable ACL2 is not quite a subset of Lisp; furthermore, the ability to compile non-ACL2 Lisp code is an unnecessary complication as far as ACL2 compilation is concerned, making potential verification harder. The work described in this paper contributes to the goal of running ACL2 code in other programming languages in the integrated manner described above: • ATJ (ACL2 To Java) is a Java code generator for ACL2. ATJ translates executable, side-effect- free, non-stobj-accessing ACL2 functions, without their guards, into Java. It does so in a simple way, by turning the functions into deeply embedded Java representations that are executed by an ACL2 evaluator written in Java. • AIJ (ACL2 In Java) is a deep embedding in Java of an executable, side-effect-free, non-stobj- accessing subset of the ACL2 language without guards. AIJ consists of (i) a Java representation of the ACL2 values, terms, and environment, (ii) a Java implementation of the ACL2 primitive Shilpi Goel and Matt Kaufmann (Eds.): © Alessandro Coglio ACL2 Theorem Prover and its Applications (ACL2-2018) This work is licensed under the EPTCS 280, 2018, pp. 1–17, doi:10.4204/EPTCS.280.1 Creative Commons Attribution License. 2 Java Code Generator and Deep Embedding functions, and (iii) an ACL2 evaluator written in Java. AIJ executes the deeply embedded Java representations of ACL2 functions generated by ATJ. AIJ is of independent interest and can be used without ATJ. The ACL2 language subset supported by ATJ and AIJ includes all the values, all the primitive functions, and many functions with raw Lisp code—see Section 2 for details on these two kinds of functions. The initial implementation of AIJ favored assurance over efficiency: it was quite simple, to reduce the chance of errors and facilitate its potential verification, but it was also quite slow. The careful
Recommended publications
  • Effective Virtual CPU Configuration with QEMU and Libvirt

    Effective Virtual CPU Configuration with QEMU and Libvirt

    Effective Virtual CPU Configuration with QEMU and libvirt Kashyap Chamarthy <[email protected]> Open Source Summit Edinburgh, 2018 1 / 38 Timeline of recent CPU flaws, 2018 (a) Jan 03 • Spectre v1: Bounds Check Bypass Jan 03 • Spectre v2: Branch Target Injection Jan 03 • Meltdown: Rogue Data Cache Load May 21 • Spectre-NG: Speculative Store Bypass Jun 21 • TLBleed: Side-channel attack over shared TLBs 2 / 38 Timeline of recent CPU flaws, 2018 (b) Jun 29 • NetSpectre: Side-channel attack over local network Jul 10 • Spectre-NG: Bounds Check Bypass Store Aug 14 • L1TF: "L1 Terminal Fault" ... • ? 3 / 38 Related talks in the ‘References’ section Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications What this talk is not about 4 / 38 Related talks in the ‘References’ section What this talk is not about Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications 4 / 38 What this talk is not about Out of scope: Internals of various side-channel attacks How to exploit Meltdown & Spectre variants Details of performance implications Related talks in the ‘References’ section 4 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) libvirtd QMP QMP QEMU QEMU VM1 VM2 Custom Disk1 Disk2 Appliance ioctl() KVM-based virtualization components Linux with KVM 5 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) libvirtd QMP QMP Custom Appliance KVM-based virtualization components QEMU QEMU VM1 VM2 Disk1 Disk2 ioctl() Linux with KVM 5 / 38 OpenStack, et al. libguestfs Virt Driver (guestfish) Custom Appliance KVM-based virtualization components libvirtd QMP QMP QEMU QEMU VM1 VM2 Disk1 Disk2 ioctl() Linux with KVM 5 / 38 libguestfs (guestfish) Custom Appliance KVM-based virtualization components OpenStack, et al.
  • QEMU Parameter Jungle Slides

    QEMU Parameter Jungle Slides

    Finding your way through the QEMU parameter jungle 2018-02-04 Thomas Huth <[email protected]> Legal ● Disclaimer: Opinions are my own and not necessarily the views of my employer ● “Jungle Leaves” background license: CC BY 3.0 US : https://creativecommons.org/licenses/by/3.0/us/ Image has been modified from the original at: https://www.freevector.com/jungle-leaves-vector-background 2 Introduction 3 Why a guide through the QEMU parameter jungle? 4 Why a guide through the QEMU parameter jungle? ● QEMU is a big project, supports lots of emulated devices, and lots of host backends ● 15 years of development → a lot of legacy ● $ qemu-system-i386 -h | wc -l 454 ● People regularly ask about CLI problems on mailing lists or in the IRC channels → Use libvirt, virt-manager, etc. if you just want an easier way to run a VM 5 General Know-How ● QEMU does not distinguish single-dash options from double-dash options: -h = --h = -help = --help ● QEMU starts with a set of default devices, e.g. a NIC and a VGA card. If you don't want this: --nodefaults or suppress certain default devices: --vga none --net none 6 Getting help about the options ● Parameter overview: -h or --help (of course) ● Many parameters provide info with “help”: --accel help ● Especially, use this to list available devices: --device help ● To list parameters of a device: --device e1000,help ● To list parameters of a machine: --machine q35,help 7 e1000 example ● $ qemu-system-x86_64 --device e1000,help [...] e1000.addr=int32 (PCI slot and function¼) e1000.x-pcie-extcap-init=bool (on/off) e1000.extra_mac_registers=bool (on/off) e1000.mac=str (Ethernet 6-byte MAC Address¼) e1000.netdev=str (ID of a netdev backend) ● $ qemu-system-x86_64 --device \ e1000,mac=52:54:00:12:34:56,addr=06.0 8 General Know How: Guest and Host There are always two parts of an emulated device: ● Emulated guest hardware, e.g.: --device e1000 ● The backend in the host, e.g.: --netdev tap Make sure to use right set of parameters for configuration! 9 “Classes” of QEMU parameters ● Convenience : Easy to use, but often limited scope.
  • Virtual Machine Technologies and Their Application in the Delivery of ICT

    Virtual Machine Technologies and Their Application in the Delivery of ICT

    Virtual Machine Technologies and Their Application In The Delivery Of ICT William McEwan accq.ac.nz n Christchurch Polytechnic Institute of Technology Christchurch, New Zealand [email protected] ABSTRACT related areas - a virtual machine or network of virtual machines can be specially configured, allowing an Virtual Machine (VM) technology was first ordinary user supervisor rights, and it can be tested implemented and developed by IBM to destruction without any adverse effect on the corporation in the early 1960's as a underlying host system. mechanism for providing multi-user facilities This paper hopes to also illustrate how VM in a secure mainframe computing configurations can greatly reduce our dependency on environment. In recent years the power of special purpose, complex, and expensive laboratory personal computers has resulted in renewed setups. It also suggests the important additional role interest in the technology. This paper begins that VM and VNL is likely to play in offering hands-on by describing the development of VM. It practical experience to students in a distance e- discusses the different approaches by which learning environment. a VM can be implemented, and it briefly considers the advantages and disadvantages Keywords: Virtual Machines, operating systems, of each approach. VM technology has proven networks, e-learning, infrastructure, server hosting. to be extremely useful in facilitating the Annual NACCQ, Hamilton New Zealand July, 2002 www. Annual NACCQ, Hamilton New Zealand July, teaching of multiple operating systems. It th offers an alternative to the traditional 1. INTRODUCTION approaches of using complex combinations Virtual Machine (VM) technology is not new. It was of specially prepared and configured OS implemented on mainframe computing systems by the images installed via the network or installed IBM Corporation in the early 1960’s (Varian 1997 pp permanently on multiple partitions or on 3-25, Gribben 1989 p.2, Thornton 2000 p.3, Sugarman multiple physical hard drives.
  • OLD PRETENDER Lovrenc Gasparin, Fotolia

    OLD PRETENDER Lovrenc Gasparin, Fotolia

    COVER STORY Bochs Emulator Legacy emulator OLD PRETENDER Lovrenc Gasparin, Fotolia Gasparin, Lovrenc Bochs, the granddaddy of all emulators, is alive and kicking; thanks to regular vitamin jabs, the lively old pretender can even handle Windows XP. BY TIM SCHÜRMANN he PC emulator Bochs first saw the 2.2.6 version in the Universe reposi- box). This also applies if you want to the light of day in 1994. Bochs’ tory; you will additionally need to install run Bochs on a pre-Pentium CPU, such Tinventor, Kevin Lawton, distrib- the Bximage program. (Bximage is al- as a 486. uted the emulator under a commercial li- ready part of the Bochs RPM for open- After installation, the program will cense before selling to French Linux ven- SUSE.) If worst comes to worst, you can simulate a complete PC, including CPU, dor Mandriva (which was then known always build your own Bochs from the graphics, sound card, and network inter- as MandrakeSoft). Mandriva freed the source code (see the “Building Bochs” face. The virtual PC in a PC works so emulator from its commercial chains, re- leasing Bochs under the LGPL license. Building Bochs If you prefer to build your own Bochs, or an additional --enable-ne2000 parameter Installation if you have no alternative, you will first to configure. The extremely long list of Bochs has now found a new home at need to install the C++ compiler and de- parameters in the user manual [2] gives SourceForge.net [1] (Figure 1). You can veloper packages for the X11 system. you a list of available options.
  • Many Things Related to Qubesos

    Many Things Related to Qubesos

    Qubes OS Many things Many things related to QubesOS Author: Neowutran Contents 1 Wiping VM 2 1.1 Low level storage technologies .................. 2 1.1.1 Must read ......................... 2 1.1.2 TL;DR of my understanding of the issue ........ 2 1.1.3 Things that could by implemented by QubesOS .... 2 2 Create a Gaming HVM 2 2.1 References ............................. 2 2.2 Prerequise ............................. 3 2.3 Hardware ............................. 3 2.4 Checklist .............................. 4 2.5 IOMMU Group .......................... 4 2.6 GRUB modification ........................ 4 2.7 Patching stubdom-linux-rootfs.gz ................ 5 2.8 Pass the GPU ........................... 6 2.9 Conclusion ............................. 6 2.10 Bugs ................................ 6 3 Create a Linux Gaming HVM, integrated with QubesOS 7 3.1 Goals ................................ 7 3.2 Hardware used .......................... 7 3.3 Main steps summary ....................... 7 3.3.1 Detailled steps ...................... 8 3.3.2 Using a kernel provided by debian ............ 8 3.4 Xorg ................................ 8 3.4.1 Pulseaudio ......................... 11 3.5 Final notes ............................ 11 3.6 References ............................. 12 4 Nitrokey and QubeOS 12 5 Recovery: Mount disk 12 6 Disposable VM 13 6.1 Introduction ............................ 14 6.1.1 References ......................... 14 6.1.2 What is a disposable VM? ................ 14 6.2 Playing online video ....................... 14 6.3 Web browsing ........................... 15 6.4 Manipulating untrusted files/data ................ 16 1 6.5 Mounting LVM image ...................... 17 6.6 Replace sys-* VM ......................... 18 6.7 Replace some AppVMs ...................... 18 7 Building a new QubesOS package 18 7.1 References ............................. 18 7.2 Goal ................................ 18 7.3 The software ............................ 19 7.4 Packaging ............................. 19 7.5 Building .............................
  • QEMU for Xen Secure by Default

    QEMU for Xen Secure by Default

    QEMU for Xen secure by default Deprivileging the PC system emulator Ian Jackson <[email protected]> FOSDEM 2016 with assistance from Stefano Stabellini guest guest Xen PV driver IDE driver Xen PV protocol mmio, dma, etc. qemu Emulated IDE controller Xen PV backend (usually), syscalls (usually) dom0 (usu.dom0) kernel Device driver kernel Device driver PV HVM ... ... ... ... ... from Xen Security Team advisories page, http://xenbits.xen.org/xsa/ Xen on x86 modes, and device model bug implications Current status for users of upstream Xen and distros and future plans Status Device model Notes bugs mean PV Fully supported Safe (no DM) Only modified guests HVM qemu in dom0 Fully supported Vulnerable Current default as root HVM qemu stub DM Upstream but not Safe Ancient qemu qemu-xen-trad. in most distros. Build system problems HVM qemu stub DM In progress Safe Rump build system rump kernel Hard work! is mini distro HVM qemu dom0 Targeting No privilege esc. Defence in depth not as root Xen 4.7 Maybe dom0 DoS Hopefully, will be default Xen on x86 modes, and device model bug implications Current status for users of upstream Xen and distros and future plans Status Device model Notes bugs mean PV Fully supported Safe (no DM) Only modified guests HVM qemu in dom0 Fully supported Vulnerable Current default as root HVM qemu stub DM Upstream but not Safe Ancient qemu qemu-xen-trad. in most distros. Build system problems HVM qemu stub DM In progress Safe Rump build system rump kernel Hard work! is mini distro HVM qemu dom0 Targeting No privilege esc.
  • Hyperlink: Virtual Machine Introspection and Memory Forensic Analysis Without Kernel Source Code Jidong Xiao Boise State University

    Hyperlink: Virtual Machine Introspection and Memory Forensic Analysis Without Kernel Source Code Jidong Xiao Boise State University

    Boise State University ScholarWorks Computer Science Faculty Publications and Department of Computer Science Presentations 1-1-2016 HyperLink: Virtual Machine Introspection and Memory Forensic Analysis without Kernel Source Code Jidong Xiao Boise State University Lei Lu VMware Inc. Haining Wang University of Delaware Xiaoyun Zhu Futurewei Technologies © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. doi: 10.1109/ICAC.2016.46 HyperLink: Virtual Machine Introspection and Memory Forensic Analysis without Kernel Source Code Jidong Xiao∗, Lei Luy, Haining Wangz, Xiaoyun Zhux ∗Boise State University, Boise, Idaho, USA yVMware Inc., Palo Alto, California, USA zUniversity of Delaware, Newark, Delaware, USA xFuturewei Technologies, Santa Clara, California, USA Abstract— Virtual Machine Introspection (VMI) is an ap- nel rootkit detection [8], [9], kernel integrity protection [10], proach to inspecting and analyzing the software running inside a and detection of covertly executing binaries [11]. Being the virtual machine from the hypervisor. Similarly, memory forensics main enabling technology for cloud computing, virtualiza- analyzes the memory snapshots or dumps to understand the tion allows us allocating finite hardware resources among runtime state of a physical or virtual machine. The existing VMI a large number of software systems and programs. As the and memory forensic tools rely on up-to-date kernel information key component of virtualization, a hypervisor runs directly of the target operating system (OS) to work properly, which often requires the availability of the kernel source code.
  • Running Telecom/TT-Link and Trafman Under Windows 7 (And Up) Using Dosbox

    Running Telecom/TT-Link and Trafman Under Windows 7 (And Up) Using Dosbox

    Running Telecom/TT-Link and Trafman under Windows 7 (and up) using DOSbox 3/31/2014 Documentation written for: Telecom/TT-Link V3.97 or later. TrafMan V6.43 or later. DOSbox V0.74 or later. COM/IP V4.9.5 or later. TrafMan & Telecom/TT-Link on Windows 7 Page 1 of 10 I. Introduction and Initial Emulator Setup Microsoft discontinued support for MS-DOS level programs starting with Windows 7. This has made the operation of Telecom/TT-Link and TrafMan on systems with a Windows 7 or later operating systems problematical, to say the least. However, it is possible to achieve functionality (with some limits) even on a Windows 7 computer by using what is known as a “DOS Emulator”. Emulator’s simulate the conditions of an earlier operating system on a later one. For example, one of the most common emulators is called DOSbox (http://sourceforge.net/projects/dosbox/ ) and it is available as a free download for both PC and Mac computers. DOSbox creates an artificial MS-DOS level environment on a Windows 7 computer. Inside this environment you can run most DOS programs, including TrafMan and Telecom/TT-Link. This document describes how to utilize the DOSbox emulator for running Telecom/TT-Link and TrafMan. It should be noted, however, that other emulators may also work and this document can serve as a guide for setting up and using similar DOS emulators as they are available. Initial DOSbox Emulator Setup: 1) Download the latest release of DOSbox (0.74 or later) to your PC and install it.
  • Introduction to Virtualization Virtualization

    Introduction to Virtualization Virtualization

    Introduction to Virtualization Prashant Shenoy Computer Science CS691D: Hot-OS Lecture 2, page 1 Virtualization • Virtualization: extend or replace an existing interface to mimic the behavior of another system. – Introduced in 1970s: run legacy software on newer mainframe hardware • Handle platform diversity by running apps in VMs – Portability and flexibility Computer Science CS691D: Hot-OS Lecture 2, page 2 Types of Interfaces • Different types of interfaces – Assembly instructions – System calls – APIs • Depending on what is replaced /mimiced, we obtain different forms of virtualization Computer Science CS691D: Hot-OS Lecture 2, page 3 Types of Virtualization • Emulation – VM emulates/simulates complete hardware – Unmodified guest OS for a different PC can be run • Bochs, VirtualPC for Mac, QEMU • Full/native Virtualization – VM simulates “enough” hardware to allow an unmodified guest OS to be run in isolation • Same hardware CPU – IBM VM family, VMWare Workstation, Parallels,… Computer Science CS691D: Hot-OS Lecture 2, page 4 Types of virtualization • Para-virtualization – VM does not simulate hardware – Use special API that a modified guest OS must use – Hypercalls trapped by the Hypervisor and serviced – Xen, VMWare ESX Server • OS-level virtualization – OS allows multiple secure virtual servers to be run – Guest OS is the same as the host OS, but appears isolated • apps see an isolated OS – Solaris Containers, BSD Jails, Linux Vserver • Application level virtualization – Application is gives its own copy of components that are not shared • (E.g., own registry files, global objects) - VE prevents conflicts – JVM Computer Science CS691D: Hot-OS Lecture 2, page 5 Examples • Application-level virtualization: “process virtual machine” • VMM /hypervisor Computer Science CS691D: Hot-OS Lecture 2, page 6 The Architecture of Virtual Machines J Smith and R.
  • Virtualizing Servers with Xen

    Virtualizing Servers with Xen

    Virtualization Xen Features Escalabilidade Performance QoS Implementation Future Virtualizing servers with Xen Evaldo Gardenali VI International Conference of Unix at UNINET Virtualization Xen Features Escalabilidade Performance QoS Implementation Future Outline Virtualization Xen Features Scalability Performance Quality of Service Implementation Future of Xen Virtualization Xen Features Escalabilidade Performance QoS Implementation Future Overview Why? Support heterogeneous environments: Linux r 2.4 e 2.6, NetBSD r , Plan9 r FreeBSD r , OpenSolaris r Consolidate work Legacy Systems Gradual Upgrade Service Isolation Quality of Service Isolated testing and development Ease of administration Ease of relocation and migration Virtualization Xen Features Escalabilidade Performance QoS Implementation Future Virtualization Techniques Single System Image: Ensim r , Vservers, CKRM, VirtuozzoTM, BSD r jail(), Solaris r Zones √ Groups processes in “resource containers” Hard to get isolation × Emulation: QEMU, Bochs √ Portable Extremely slow × Virtualization: VMware r , VirtualPC r √ Runs unmodified Operating Systems Virtualizing x86 is inefficient × User Mode Kernel: User Mode Linux, CoLinux Guest runs as a process on the host OS × Low performance (I/O, context switches) × Paravirtualization: Xen r , Denali √ Excellent performance Requires port to special architecture × Virtualization Xen Features Escalabilidade Performance QoS Implementation Future Virtualization Techniques Single System Image: Ensim r , Vservers, CKRM, VirtuozzoTM, BSD r jail(), Solaris
  • Virtualization of Linux Based Computers: the Linux-Vserver Project

    Virtualization of Linux Based Computers: the Linux-Vserver Project

    VirtualizationVirtualization ofof LinuxLinux basedbased computers:computers: thethe LinuxLinux--VServerVServer projectproject BenoBenoîîtt desdes Ligneris,Ligneris, Ph.Ph. D.D. [email protected] Objectives:Objectives: Objectives:Objectives: 1)1) PresentPresent thethe availableavailable programsprograms thatthat cancan provideprovide aa virtualizationvirtualization ofof LinuxLinux computerscomputers withwith differentdifferent technologies.technologies. Objectives:Objectives: 1)1) PresentPresent thethe availableavailable programsprograms thatthat cancan provideprovide aa virtualizationvirtualization ofof LinuxLinux computerscomputers withwith differentdifferent technologies.technologies. 2)2) FocusFocus onon LinuxLinux--VServers:VServers: aa veryvery lightweightlightweight andand effectiveeffective technologytechnology forfor thethe regularregular LinuxLinux useruser notnot interstedintersted inin KernelKernel hacking.hacking. PlanPlan PlanPlan ● IntroductionIntroduction PlanPlan ● IntroductionIntroduction ● OverviewOverview ofof thethe availableavailable technologytechnology PlanPlan ● IntroductionIntroduction ● OverviewOverview ofof thethe availableavailable technologytechnology ● ClassificationClassification ofof thethe problems:problems: usageusage criteriacriteria PlanPlan ● IntroductionIntroduction ● OverviewOverview ofof thethe availableavailable technologytechnology ● ClassificationClassification ofof thethe problems:problems: usageusage criteriacriteria ● ComparativeComparative studystudy ofof thethe existingexisting
  • Virtualization Technologies Overview Course: CS 490 by Mendel

    Virtualization Technologies Overview Course: CS 490 by Mendel

    Virtualization technologies overview Course: CS 490 by Mendel Rosenblum Name Can boot USB GUI Live 3D Snaps Live an OS on mem acceleration hot of migration another ory runnin disk alloc g partition ation system as guest Bochs partially partially Yes No Container s Cooperati Yes[1] Yes No No ve Linux (supporte d through X11 over networkin g) Denali DOSBox Partial (the Yes No No host OS can provide DOSBox services with USB devices) DOSEMU No No No FreeVPS GXemul No No Hercules Hyper-V iCore Yes Yes No Yes No Virtual Accounts Imperas Yes Yes Yes Yes OVP (Eclipse) Tools Integrity Yes No Yes Yes No Yes (HP-UX Virtual (Integrity guests only, Machines Virtual Linux and Machine Windows 2K3 Manager in near future) (add-on) Jail No Yes partially Yes No No No KVM Yes [3] Yes Yes [4] Yes Supported Yes [5] with VMGL [6] Linux- VServer LynxSec ure Mac-on- Yes Yes No No Linux Mac-on- No No Mac OpenVZ Yes Yes Yes Yes No Yes (using Xvnc and/or XDMCP) Oracle Yes Yes Yes Yes Yes VM (manage d by Oracle VM Manager) OVPsim Yes Yes Yes Yes (Eclipse) Padded Yes Yes Yes Cell for x86 (Green Hills Software) Padded Yes Yes Yes No Cell for PowerPC (Green Hills Software) Parallels Yes, if Boot Yes Yes Yes DirectX 9 Desktop Camp is and for Mac installed OpenGL 2.0 Parallels No Yes Yes No partially Workstati on PearPC POWER Yes Yes No Yes No Yes (on Hypervis POWER 6- or (PHYP) based systems, requires PowerVM Enterprise Licensing) QEMU Yes Yes Yes [4] Some code Yes done [7]; Also supported with VMGL [6] QEMU w/ Yes Yes Yes Some code Yes kqemu done [7]; Also module supported