Microkernel Design A walk through selected aspects of
|
|
- Lauren Hunt
- 6 years ago
- Views:
Transcription
1 Microkernel Design A walk through selected aspects of kernel design and sel4
2 These slides are made distributed under the Creative Commons Attribution 3.0 License, unless otherwise noted on individual slides. You are free: to Share to copy, distribute and transmit the work to Remix to adapt the work Under the following conditions: Attribution You must attribute the work (but not in any way that suggests that the author endorses you or your use of the work) as follows: Courtesy of Kevin Elphinstone, UNSW The complete license text can be found at 2 Kevin Elphinstone. Distributed under Creative Commons Attribution License
3 Formal Verification - Proof Architecture Specification Proof C Code NICTA Copyright 2010 From imagination to impact 3
4 Proof Architecture Access Control Spec Confinement Specification Design Haskell Prototype C Code NICTA Copyright 2010 From imagination to impact 4
5 Verification Strategy An OS perspective simple is better complex system-wide invariants increase difficulty concurrency is very difficulty to reason about must consider every possible interleaving of execution 5 Kevin Elphinstone. Distributed under Creative Commons Attribution License
6 Fundamental Kernel Execution Abstractions support CPU running multiple activities Memory support (and protect) state associated with an activity 6 Kevin Elphinstone. Distributed under Creative Commons Attribution License
7 Execution Two-execution environments kernel level (in-kernel) and user-level (application execution) Covered execution models in detail earlier in the course Two common approaches Event-based smaller memory footprint, limited to smaller kernels Process-based larger memory footprint, programming model scales to larger kernels, though synchronisation adds complexity 7 Kevin Elphinstone. Distributed under Creative Commons Attribution License
8 sel4 Kernel Execution? For verifiability Event-based sequential execution from kernel mode entry to exit Context switch at kernel exit current process/thread control block switch as late as possible kernel c-code not re-entrant Interrupts disabled delivered on return to user-level, or polled during long running operations 8 Kevin Elphinstone. Distributed under Creative Commons Attribution License
9 Application Execution From kernel perspective, commonly two models single-threaded straight forward program execution potentially with another execution model layered on top (e.g. user-level threads) multi-threaded potentially with another execution model or user-level involvement m-n user-level threads scheduler activations 9 Kevin Elphinstone. Distributed under Creative Commons Attribution License
10 Virtualisation Introduces third application (guest OS) execution model Virtual CPU Has close parallels to a thread We ll distinguish them as follows Fixed set at boot time e.g. no create/delete CPUs by guest Hardware-like synchronisation no blocking synch primitives Hardware-like communication low-level notification (interrupts), no complex messaging handled via interrupt handler 10 Kevin Elphinstone. Distributed under Creative Commons Attribution License
11 Application Execution For verification single threaded execution still simplest event-based sequential code multithreaded problematic due to concurrency good to overlap I/O (blocking) with execution, and to utilise multiprocessors virtual CPU with interrupts disabled event-based sequential code interrupts enabled, problematic due potential number of instruction interleavings obviously good for replication normal CPU execution model for guest OS. 11 Kevin Elphinstone. Distributed under Creative Commons Attribution License
12 Multithreaded sel4 Application Execution? verified applications would be limited to a single thread Alternatives VCPUs verified applications have interrupts disabled 12 Kevin Elphinstone. Distributed under Creative Commons Attribution License
13 Memory Management Page-based virtual memory ubiquitous Applications expect a specific memory model Text, data, bss, stack Memory mapped files shared libraries, shared memory External pagers of memory objects Mach External control of mappings Virtualisation (hypercalls, shadow page tables) L4 13 Kevin Elphinstone. Distributed under Creative Commons Attribution License
14 Text, data,. Virtual Address Space Text Data BSS Stack Implications for kernel knowledge of executable format limits alternative e.g. guest OS, guest application at minimum, ability to load application and set up mappings also implies allocation of page tables and memory frames. implies some model for managing memory securely between applications also implies book keeping for de-allocation, i.e. resource attribution e.g. processes. 14 Kevin Elphinstone. Distributed under Creative Commons Attribution License
15 Memory Mapped Files/Objects Virtual Address Space Text Data BSS libc File Stack Implications for kernel similar to text, data, additionally adds file-like store to name data and retrive/store data adds mechanism for mapping vm region to file 15 Kevin Elphinstone. Distributed under Creative Commons Attribution License
16 External Pagers User-level server File System Server Text Data BSS libc File Stack Page faults propagated to user-level servers they supply data for page, kernel still manages memory (frames, page tables, etc..) Implications for kernel adds complexity of vm-region-based fault forwarding data provision mechanism removes complexity of supplying/storing data from the kernel (not in Mach s case) 16 Kevin Elphinstone. Distributed under Creative Commons Attribution License
17 Historical L4 Mapping Model 17 Kevin Elphinstone. Distributed under Creative Commons Attribution License
18 2002 Kevin Elphintone Address Spaces
19 Address Spaces map unmap grant 2002 Kevin Elphintone
20 Address Spaces map unmap grant 2002 Kevin Elphintone
21 Address Spaces map unmap grant 2002 Kevin Elphintone
22 Page Fault Handling "PF" msg Application Pager map msg 2002 Kevin Elphintone
23 Page Fault Handling PF IPC "PF" msg Application Pager res IPC map msg 2002 Kevin Elphintone
24 Address Spaces Physical Memory 2002 Kevin Elphintone
25 Address Spaces Initial AS Physical Memory 2002 Kevin Elphintone
26 Address Spaces Pager 1 Pager 2 Initial AS Physical Memory 2002 Kevin Elphintone
27 Address Spaces Pager 4 Pager 3 Pager 1 Pager 2 Initial AS Physical Memory 2002 Kevin Elphintone
28 Address Spaces Application Application Application Application Pager 4 Pager 3 Pager 1 Pager 2 Initial AS Physical Memory 2002 Kevin Elphintone
29 Address Spaces Application Application Application Application Pager 4 Driver Pager 3 Driver Pager 1 Pager 2 Initial AS Physical Memory 2002 Kevin Elphintone
30 Historical L4 Mapping Kernel only provides Model relatively simple mechanisms physical memory can be directly managed at userlevel page-tables still managed in kernel complexity of some memory management remains introduces complexity of tracking mapping relationships 30 Kevin Elphinstone. Distributed under Creative Commons Attribution License
31 Recursive mapping removed Single privilege syscall for Initial AS Pagers requested mapping from Initial AS Removed need to track mapping relationships from kernel Application Pager 1 Pager 2 Initial AS Physical Memory 31 Kevin Elphinstone. Distributed under Creative Commons Attribution License
32 Initial task removed Mapping operates preallocate physical memory partitions Removes need for user-level to proxy Adds partitioning policy in kernel, but not significant source of complexity page table management still in kernel some memory allocation remains Application Pager Physical Memory Pager Kevin Elphinstone. Distributed under Creative Commons Attribution License 32
33 Note parallels with Hypervisors Mapping operates on preallocated physical memory partitions hypercalls page table management still in kernel some memory allocation remains page table management becomes quite tricky when directly virtualising page tables without hardware assistance Application Guest OS Guest OS Physical Memory 33 Kevin Elphinstone. Distributed under Creative Commons Attribution License
34 Kernel Design for Isolation and Assurance of Physical Memory Dhammika Elkaduwe Philip Derrin Kevin Elphinstone
35 Embedded Systems Increasing functionality Increasing software complexity Millions of lines of code Mutually untrusted SW vendors Consolidate functionality Connectivity Attacks from outside No longer close systems Download SW IIES08/seL4 1
36 Embedded Systems Diverse applications Real-time Vs. best effort Tight resource budgets Mission/life- critical applications Sensitive information Reliability is paramount IIES08/seL4 2
37 Small Kernel Approach Smaller, more trustworthy foundation Hypervisor, microkernel, isolation kernel,.. Facilitate controlled integration and isolation Isolate: fault isolation, diversity Legacy Legacy Legacy App. App. App. Legacy App. Untrusted Trusted Sensitive Sensitive Sensitive App. Sensitive App. App. App. Integrate: performance Linux Server Device Driver Trusted Service Trusted Service Trusted Service Trusted Service Device Driver Device Driver Supervisor OS Small kernel (e.g. Microkernel) Hardware IIES08/seL4 3A
38 Small Kernel Approach Smaller, more trustworthy foundation Hypervisor, microkernel, isolation kernel,.. Facilitate controlled integration and isolation Isolate: fault isolation, diversity Legacy Legacy Legacy App. App. App. Legacy App. Untrusted Trusted Sensitive Sensitive Sensitive App. Sensitive App. App. App. Integrate: performance Linux Server Device Driver Trusted Service Trusted Service Trusted Service Trusted Service Device Driver Device Driver Microkernel should: Provide sufficient API Correct realisation of API Adhere to isolation/integration requirements of the system Supervisor OS Small kernel (e.g. Microkernel) Hardware IIES08/seL4 3B
39 Issue Kernel consumes resources Machine cycles Physical memory (kernel metadata) Example: threads thread control block, Legacy Legacy Legacy App. App. App. Legacy App. Untrusted Trusted Sensitive Sensitive Sensitive App. Sensitive App. App. App. address space page-tables bookkeeping to reclaim memory Linux Server Device Driver Trusted Service Trusted Service Trusted Service Trusted Service Device Driver Device Driver Supervisor OS Microkernel TCB PT TCB PT IIES08/seL4 4
40 Possible Approaches How do we manage kernel metadata? Cache like behaviour [EROS,Cache kernel, HiStar..] No predictability, limited RT applicability Static allocations Works for static systems Dynamic systems: overcommit or fail under heavy load Domain specific kernel modifications? Legacy Legacy Legacy App. App. App. Legacy App. Linux Server Untrusted Device Driver Trusted Supervisor OS Trusted Service Trusted Service Trusted Service Trusted Service Sensitive Sensitive Sensitive App. Sensitive App. App. App. Device Driver Device Driver Microkernel TCB PT TCB PT IIES08/seL4 5
41 Modified Verified L4.Verified project: Formally verify the implementation correctness of the kernel Properties: Isolation, information flow... Formal refinement Formally connect the properties with the kernel implementation Mathematically proven properties Abstract Model Property preserving refinement C Code HW IIES08/seL4 6A
42 Modified Verified L4.Verified project: Formally verify the implementation correctness of the kernel Properties: Isolation, information flow... Formal refinement Formally connect the properties with the kernel implementation Mathematically proven properties Abstract Model Property preserving refinement C Code HW IIES08/seL4 6B
43 Modified Verified L4.Verified project: Formally verify the implementation correctness of the kernel Properties: Isolation, information flow... Formal refinement Formally connect the properties with the kernel implementation Modifications invalidate refinement Verification is labour intensive 10K C-lines = 200K proof lines Memory management is core functionality Mathematically proven properties Abstract Model C Code Property preserving refinement HW IIES08/seL4 6C
44 Approach in a nutshell Truste d OS server Kernel heap Legacy OS server... supervisory OS sel4 Microkernel No implicit allocations within the kernel No heap, no slab allocation etc.. All abstractions are provided by first-class kernel objects Threads TCB object Address space Page table objects All objects are created upon explicit user request IIES08/seL4 7
45 Memory Management Model Trusted OS server Legacy OS server... No implicit allocations within the kernel Physical memory is divided into untyped objects Authority conferred via capabilities supervisory OS Untyped capability is sufficient authority to allocate kernel objects Kernel Code sel4 Microkernel untyped object1 untyped object2.. untyped object n All abstractions are provided via first class kernel objects Allocate on explicit user request Creator gets the full authority Distribute capabilities to allow other access the service IIES08/seL4 8A
46 Memory Management Model Trusted OS server Kernel Code TCB Legacy OS server supervisory OS... sel4 Microkernel TCB Kernel objects Untyped untyped object2 TCB (Thread Control Blocks) Capability tables (CT) Comm. ports..... untyped object n No implicit allocations within the kernel Physical memory is divided into untyped objects Authority conferred via capabilities Untyped capability is sufficient authority to allocate kernel objects All abstractions are provided via first class kernel objects Allocate on explicit user request Creator gets the full authority Distribute capabilities to allow other access the service IIES08/seL4 8B
47 Memory Management Model Trusted OS server Kernel Code TCB Legacy OS server... supervisory OS sel4 Microkernel TCB Kernel objects Untyped PT PT TCB (Thread Control Blocks) Capability tables (CT) Comm. ports... Objects are managed by user-level.. untyped object n No implicit allocations within the kernel Physical memory is divided into untyped objects Authority conferred via capabilities Untyped capability is sufficient authority to allocate kernel objects All abstractions are provided via first class kernel objects Allocate on explicit user request Creator gets the full authority Distribute capabilities to allow other access the service IIES08/seL4 8C
48 Memory Management Model... Trusted OS server Legacy OS server... Delegate authority Allow others to obtain services Delegate resource management Kernel Code TCB supervisory OS Microkernel TCB untyped object2.. untyped object n Memory management policy is completely in user-space Isolation of physical memory = Isolation of authority (capabilities) Capability dissemination is controlled by a Take-Grant like protection model IIES08/seL4 8D
49 Memory Management Model... Trusted OS server Legacy OS server... De-allocation upon explicit user request Call revoke on the Untyped capability Memory can be reused supervisory OS Kernel tracks capability derivations Kernel Code TCB sel4 Microkernel TCB untyped object2.. untyped object n Recorded in capability derivation tree (CDT) Need bookkeeping Doubly-linked list through capabilities untyped cap 1 Space allocated with capability tables CDT TCB TCB TCB copy 9
50 Capability Derivation Tree Trusted OS server Legacy OS server... For allocation: The untyped capability should not have any CDT children supervisory OS sel4 Microkernel Guarantees that there are no previously allocated objects Size of the object(s) must be small or equal to untyped object Kernel Code TCB TCB untyped object2.. untped object n untyped cap 1 CDT TCB TCB TCB copy IIES08/seL4 10
51 Evaluation Formal properties: Formalised the protection model in Isabelle/HOL Machine checked, abstract model of the kernel Formal, machine checked proof that mechanisms are sufficient for enforcing spatial partitioning Proof also identify the invariants the supervisory OS needs to enforce for isolation to hold... supervisory OS sel4 Microkernel IIES08/seL4 11A
52 Evaluation Formal properties: Formalised the protection model in Isabelle/HOL Machine checked, abstract model of the kernel Formal, machine checked proof that mechanisms are sufficient for enforcing spatial partitioning Proof also identify the invariants the supervisory OS needs to enforce for isolation to hold Can not share modifiable page/capability tables Can not share thread control blocks Can not have communication channels that allow capability propagation... supervisory OS sel4 Microkernel IIES08/seL4 11B
53 Evaluation... Performance Used paravirtualised Linux as an example Compared with L4/Wombat (Linux) for running LMBench Linux Driv ers... supervisory OS sel4 Microkernel Bench mark L4 ( s) sel4( s) Gain(%) fork exec shell page faults Null Syscall ctx Proxy via Iguana Linux Driv (Wom ers bat)... Iguana L4 Microkernel IIES08/seL4 12
54 Conclusion No implicit allocations within the kernel Users explicitly allocate kernel objects No heap, slab.. (no hidden bookkeeping) Authority confinement guarantees control of kernel memory All kernel memory management policy is outside the kernel Different isolation/integration configurations Support diverse, co-existing policies No modification to the kernel (remains verified) Hard guarantees on kernel memory consumption Facilitate formal reasoning of physical memory consumption Improve performance by controlled delegation Similar performance in other case IIES08/seL4 14
55 Virtual Memory & sel4 Implemented using 3 objects* Frames: An object corresponding to physical memory Page directory: An object corresponding to level 1 page table of a two-level page table. Page table: An object corresponding to level 2 page table of a two-level page table created from untyped memory (as directed by user-level) * currently actually 4 expect ASIDs will be removed 55 Kevin Elphinstone. Distributed under Creative Commons Attribution License
56 Virtual Memory & sel4 Broadly similar model to previous L4 kernels VM faults are propagated as IPC Introduce new page fault type missing page table To install a mapping, one needs: A cap to a page directory page table to be installed in page directory install requires cap to both PD and PT A cap to a frame of physical memory Thus, model allows creation of domain specific VM model using only authorised memory Revocation handled via CDT 56 Kevin Elphinstone. Distributed under Creative Commons Attribution License
57 Verification Perspective Complexity of memory management policy, and VM model pushed outside the kernel simple VM model implemented at user-level should also be verifiable unverified complex models also supported e.g. para-virtualised guest OS s CDT an additional complexity needed for revocation of caps anyway guarantees integrity (used to determine when memory has no references) 57 Kevin Elphinstone. Distributed under Creative Commons Attribution License
58 Quick Summary Basic abstractions Execution Memory Many alternative models sel4 uses subset that: is amenable to verification in-kernel should be amenable to verification at user-level 58 Kevin Elphinstone. Distributed under Creative Commons Attribution License
59 Inter-process Communication Enables system construction alternative is a monolithic server Processes cooperate to provide services Enables extensibility of the system 59 Kevin Elphinstone. Distributed under Creative Commons Attribution License
60 IPC Semantics Blocking versus Non-blocking Buffered versus Unbuffered Fixed versus Variable-size Direct versus Indirect 60 Kevin Elphinstone. Distributed under Creative Commons Attribution License
61 Blocking versus Nonblocking Blocking (termed synchronous) Send return control only after message is sent Receive returns control only after message is received Non-blocking (termed asynchronous) Send message always immediately copied or queued, and send returns Receive Issues: polls for new message Needs buffering buffering bounded 61 Kevin Elphinstone. Distributed under Creative Commons Attribution License
62 Buffered versus Unbuffered Buffered Requires at least extra copy to buffer Send may get ahead of receive matches differing processing rates Buffers are finite send eventually becomes blocking synchronisation and rendezvous occurs Unbuffered Rendezvous always Potential to copy message directly performance 62 Kevin Elphinstone. Distributed under Creative Commons Attribution License
63 Fixed versus Variable Size Fixed size simplifies buffering and marshalling Variable size needs receiver to wait on largest size message every time not really an issue except for large messages 63 Kevin Elphinstone. Distributed under Creative Commons Attribution License
64 Direct versus Indirect Direct send(dest, message) receive(var, message) Source Dest 64 Kevin Elphinstone. Distributed under Creative Commons Attribution License
65 Direct versus Indirect Indirect send(mailbox, message) receive(var, message) Comms path first class objects Source Mailbox Dest 65 Kevin Elphinstone. Distributed under Creative Commons Attribution License
66 sel4 IPC model 6 system calls send, nbsend, call, wait, reply, replywait 2 communication objects EndPoint, AsyncEndPoint 66 Kevin Elphinstone. Distributed under Creative Commons Attribution License
67 Kernel Calls are IPC IPC specifies a capability as the destination call -ing a cap, invokes the kernel identifies the object TCB, PD, PT specifies the method and arguments of call 67 Kevin Elphinstone. Distributed under Creative Commons Attribution License
68 Communications Objects EndPoint (EP) and AsyncEndPoint (AEP) acts as a mailbox (indirect comms) distinguished caps to EP and AEP have badges a word of bits used to determine authority or identity of sender 68 Kevin Elphinstone. Distributed under Creative Commons Attribution License
69 Call EndPoints sends message via EP unbuffered (at the moment) receiver receives message unforgeable badge a reply cap to sender allows caps to propagate in a usable way reply responds via reply cap 69 Kevin Elphinstone. Distributed under Creative Commons Attribution License
70 Call, EP, and extensible systems Call and EP enable kernel extensibility via user-level servers (Hydra) Calling a capability invokes a kernel implemented object TCB, PD, PT, etc. invokes a server implemented object Capability propagation is consistent for both kerneland user-level implemented objects authority confinement of kernel object applies to user-objects as well 70 Kevin Elphinstone. Distributed under Creative Commons Attribution License
71 AEP Used for signalling nbsend Badge is or -ed with word in AEP object can never block Receiving receives state of AEP word zeros work (atomically) Depending on encoding of badges, notification of 32 source events used in conjunction with shared memory. 71 Kevin Elphinstone. Distributed under Creative Commons Attribution License
72 IPC Importance
73 General IPC Algorithm Validate parameters Locate target thread if unavailable, deal with it Transfer message short data only long outlined or cap transfer Schedule target thread switch address space as necessary Wait for IPC
74 IPC - Implementation Short IPC
75 Short IPC (uniprocessor) system-call preamble (disable intr) identify dest thread or endpoint and check basically cap lookup ready-to-receive? analyze msg and transfer short: no action required switch to dest thread & address space system-call postamble The critical path
76 Short IPC (uniprocessor) call system-call pre (disable intr) identify dest thread or endpoint and check basically cap lookup ready-to-receive? running wait to receive analyze msg and transfer short: no action required switch to dest thread & address space system-call post wait to receive running
77 Short IPC (uniprocessor) send (eagerly) system-call pre (disable intr) identify dest thread or endpoint and check basically cap lookup ready-to-receive? running running analyze msg and transfer short: no action required switch to dest thread & address space system-call post wait to receive running Not common operation if send is signal
78 Short IPC (uniprocessor) send (lazily) system-call pre (disable intr) identify dest thread or endpoint and check basically cap lookup ready-to-receive? running running analyze msg and transfer short: no action required switch to dest thread & address space system-call post wait to receive running
79 IPC EAX ECX EDX EBX ESI EDI EBP ESP EFLAGS EIP CS SS DS ES FS GS
80 IPC EAX ECX EDX EBX ESI EDI EBP ESP EFLAGS EIP CS SS DS ES FS GS
81 IPC EAX ECX EDX EBX ESI EDI EBP ESP EFLAGS EIP CS SS DS ES FS GS
82 IPC EAX ECX EDX EBX ESI EDI EBP ESP EFLAGS EIP CS SS DS ES FS GS
83 IPC EAX ECX EDX EBX ESI EDI EBP ESP EFLAGS EIP CS SS DS ES FS GS
84 IPC EAX ECX EDX EBX ESI EDI EBP ESP EFLAGS EIP CS SS DS ES FS GS
85 IPC EAX Note payload from green thread ECX EDX EBX ESI EDI EBP ESP EFLAGS EIP CS SS DS ES FS GS
86 Implementation Goal Most frequent kernel op: short IPC thousands of invocations per second Performance is critical: structure IPC for speed structure entire kernel to support fast IPC What affects performance? cache line misses TLB misses memory references pipe stalls and flushes instruction scheduling
87 Fast Path Optimize for common cases write in assembler non-critical paths written in C/C++ but still fast as possible Avoid high-level language overhead: function call state preservation poor code optimizations We want every cycle possible!
88 IPC Attributes for Fast Path short message single runnable thread after IPC must be valid IPC call switch threads, originator blocks send phase: the target is waiting receive phase: the sender is not ready to couple, causing us to block
89 Avoid Memory References!!! Memory references are slow Microkernel should minimize indirect costs cache pollution TLB pollution memory bus
90 Optimized Memory Also: hard-wire TLB entries for kernel code and data. stack Single TLB entry. thread state UTCB cpu ID thread ID TCB state, grouped by cache lines.
91 Branch Elimination Common case: -1 slow = ~receiver->thread_state + (timeouts & 0xffff) + sender->resources + receiver->resources; if( slow ) enter_slow_path() Reduces branch prediction foot print. Avoids mispredicts & stalls & flushes. Increases latency for slow path Common case: 0
92 TCB Resources Resources bitfield 1 1 One bit per resource Fast path checks entire word if not 0, jump to resource handlers Debug registers Copy area
93 Message Transfer IBM PowerPC 750, 500 MHz, 32 registers up to 10 physical registers virtual register copy loop Many cycles wasted on pipe flushes for privileged instructions.
94 Slow Path vs. Fast Path L4Ka::Pistachio IPC performance Pentium cycles Inter C-Path Inter FastPath num ber m essage registers
95 Inter vs. Intra Address Space L4Ka::Pistachio IPC performance Pentium cycles Intra FastPath Inter FastPath num ber m essage registers
96 IPC - Implementation Long IPC
97 Long IPC (uniprocessor) system-call preamble (disable intr) identify dest and check ready-to-receive? analyze msg and transfer long/map: Preemptions possible! (end of timeslice, device interrupt ) Pagefaults possible! (in source and dest address space) transfer message switch to dest thread & address space system-call postamble
98 Long IPC (uniprocessor) system-call pre (disable intr) identify dest and check ready-to-receive? analyze msg and transfer long/map: lock both partners Preemptions possible! (end of timeslice, device interrupt ) Pagefaults possible! (in source and dest address space) transfer message unlock both partners switch to dest thread & address space system-call post
99 Long IPC (uniprocessor) system-call pre (disable intr) identify dest and check ready-to-receive? analyze msg and transfer long/map: lock both partners enable intr transfer message disable intr unlock both partners switch to dest thread & address space system-call post Preemptions possible! (end of timeslice, device interrupt ) Pagefaults possible! (in source and dest address space)
100 Long IPC (uniprocessor) system-call pre (disable intr) identify dest thread and check running locked running wait to receive same chief ready-to-receive? analyze msg and transfer long/map: lock both partners enable intr transfer message disable intr unlock both partners switch to dest thread & address space system-call post wait locked wait running
101 IPC - mem copy Why is it needed? Why not share? Security Need own copy Granularity Object small than a page or not aligned
102 copy in - copy out copy into kernel buffer
103 copy in - copy out copy into kernel buffer switch spaces
104 copy in - copy out copy into kernel buffer switch spaces copy out of kernel buffer costs for n words 2 2n r/w operations 3 n/8 cache lines 1 n/8 overhead cache misses (small n) 4 n/8 cache misses (large n)
105 temporary mapping
106 temporary mapping select dest area (4+4 M)
107 temporary mapping select dest area (4+4 M) map into source AS (kernel)
108 temporary mapping select dest area (4+4 M) map into source AS (kernel) copy data
109 temporary mapping select dest area (4+4 M) map into source AS (kernel) copy data switch to dest space
110 temporary mapping
111 temporary mapping problems multiple threads per AS mappings might change while message is copied How long to keep PTE? What about TLB? current AS
112 temporary mapping invalidate PTE flush TLB when leaving curr thread during ipc? current AS
113 temporary mapping invalidate PTE flush TLB when leaving curr thread during ipc: current AS
114 temporary mapping when returning to thread during ipc: current AS
115 temporary mapping Reestablishing temp mapping requires to store partner id and dest area address in the sender s tcb. Note: receiver s page mappings might have changed! when returning to thread during ipc: current AS
116 Cost estimates Copy in - copy out Temporary mapping R/W operations Cache lines Small n overhead cache misses Large n cache misses Overhead TLB misses Startup instructions 2 2n 2n 3 n/8 2 n/8 n/8 0 5 n/8 3 n/8 0 n / words per page 0 50
117 486 IPC costs Mach: copy in/out L4: temp mapping [µs] Mach L4 + cache flush L4 raw copy msg len
118 Summary Small messages buffering costs a little mapping more so ideally, direct copy between two pinned message areas needs to be synchronous Large messages mapping is more efficient especially with outlined messages startup costs high (cost of setup amortised) implementation complexity high Shared memory and notification similar to buffering in terms of performance copy-in copy-out if mutually distrusting implementation complexity out of kernel 118 Kevin Elphinstone. Distributed under Creative Commons Attribution License
119 EndPoint sel4 unbuffered, synchronous, small message to preallocated pinned buffer used for call AsyncEndPoint or - ed notification used for notification (shared memory buffers) Expect long copied messages to be avoided if possible via shared memory 119 Kevin Elphinstone. Distributed under Creative Commons Attribution License
120 FPU Context Switching Strict switching Thread switch: Store current thread s FPU state Load new thread s FPU state Extremely expensive IA-32 s full SSE2 state is 512 Bytes IA-64 s floating point state is ~1.5KB May not even be required Threads do not always use FPU
121 Lazy FPU switching Kernel FPU Lock FPU on thread switch Unlock at first use exception handled by kernel Unlock FPU If fpu_owner!= current Save current state to fpu_owner Load new state from current fpu_owner := current current fpu_owner locked pacman() finit fld fcos fst finit fld
From imagination to impact
From imagination to impact Kernel Design for Isolation an Assurance of Physical Memory Dhammika Elkauwe Philip Derrin Kevin Elphinstone Embee Systems Increasing functionality Increasing software complexity
More information19/09/2008. Microkernel Construction. IPC - Implementation. IPC Importance. General IPC Algorithm. IPC Implementation. Short IPC
IPC Importance Microkernel Construction IPC Implementation General IPC Algorithm Validate parameters Locate target thread if unavailable, deal with it Transfer message untyped - short IPC typed message
More informationµ-kernel Construction (12)
µ-kernel Construction (12) Review 1 Threading Thread state must be saved/restored on thread switch We need a Thread Control Block (TCB) per thread TCBs must be kernel objects TCBs implement threads We
More informationµ-kernel Construction
µ-kernel Construction Fundamental Abstractions Thread Address Space What is a thread? How to implement? What conclusions can we draw from our analysis with respect to µk construction? A thread of control
More informationIntroduction. COMP9242 Advanced Operating Systems 2010/S2 Week 1
Introduction COMP9242 Advanced Operating Systems 2010/S2 Week 1 2010 Gernot Heiser UNSW/NICTA/OK Labs. Distributed under Creative Commons Attribution License 1 Copyright Notice These slides are distributed
More informationIPC Functionality & Interface Universität Karlsruhe, System Architecture Group
µ-kernel Construction (4) IPC Functionality & Interface 1 IPC Primitives Send to (a specified thread) Receive from (a specified thread) Two threads communicate No interference from other threads Other
More informationIntroduction. COMP /S2 Week Gernot Heiser UNSW/NICTA/OKL. Distributed under Creative Commons Attribution License 1
Introduction COMP9242 2008/S2 Week 1 2008 Gernot Heiser UNSW/NICTA/OKL. Distributed under Creative Commons Attribution License 1 Copyright Notice These slides are distributed under the Creative Commons
More informationTowards a Practical, Verified Kernel
Towards a Practical, Verified Kernel Kevin Elphinstone and Gerwin Klein, National ICT Australia and the University of New South Wales Philip Derrin, National ICT Australia Timothy Roscoe, ETH Zürich Gernot
More informationGerwin Klein Kevin Elphinstone Gernot Heiser June Andronick David Cock Philip Derrin Dhammika Elkaduwe Kai Engelhardt Rafal Kolanski Michael Norrish
Gerwin Klein Kevin Elphinstone Gernot Heiser June Andronick David Cock Philip Derrin Dhammika Elkaduwe Kai Engelhardt Rafal Kolanski Michael Norrish Thomas Sewell Harvey Tuch Simon Winwood 1 microkernel
More information8/09/2006. µ-kernel Construction. Fundamental Abstractions. Thread Switch A B. Thread Switch A B. user mode A kernel. user mode A
Fundamental Abstractions µ- Construction Thread Address Space What is a thread? How to implement? What conclusions can we draw from our analysis with rect to µk construction? A thread of control has internal
More informationFast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names
Fast access ===> use map to find object HW == SW ===> map is in HW or SW or combo Extend range ===> longer, hierarchical names How is map embodied: --- L1? --- Memory? The Environment ---- Long Latency
More informationMicrokernels. Overview. Required reading: Improving IPC by kernel design
Microkernels Required reading: Improving IPC by kernel design Overview This lecture looks at the microkernel organization. In a microkernel, services that a monolithic kernel implements in the kernel are
More informationUser-level Management of Kernel Memory
User-level Management of Memory Andreas Haeberlen University of Karlsruhe Karlsruhe, Germany Kevin Elphinstone University of New South Wales Sydney, Australia 1 Motivation: memory Threads Files memory
More informationµ-kernel Construction
µ-kernel Construction Fundamental Abstractions Thread Address Space What is a thread? How to implement? What conclusions can we draw from our analysis with respect to µk construction? Processor? IP SP
More informationCOMP9242 Advanced Operating Systems S2/2011 Week 9: Microkernel Design Gernot Heiser, NICTA
COMP9242 Advanced Operating Systems S2/2011 Week 9: Microkernel Design Copyright Notice These slides are distributed under the Creative Commons Attribution 3.0 License You are free: to share to copy, distribute
More informationFast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names
Fast access ===> use map to find object HW == SW ===> map is in HW or SW or combo Extend range ===> longer, hierarchical names How is map embodied: --- L1? --- Memory? The Environment ---- Long Latency
More informationsel4 Reference Manual Version 8.0.0
Data61 Trustworthy Systems https://ts.data61.csiro.au/projects/ts/ sel4 Reference Manual Version 8.0.0 Trustworthy Systems Team, Data61 https://sel4.systems/contact/ 17 January 2018 c 2018 General Dynamics
More informationCS533 Concepts of Operating Systems. Jonathan Walpole
CS533 Concepts of Operating Systems Jonathan Walpole Improving IPC by Kernel Design & The Performance of Micro- Kernel Based Systems The IPC Dilemma IPC is very import in µ-kernel design - Increases modularity,
More informationsel4 Reference Manual Version 2.0.0
NICTA Trustworthy Systems http://ssrg.nicta.com.au/projects/ts/ sel4 Reference Manual Version 2.0.0 Trustworthy Systems Team, NICTA ssrg@nicta.com.au 1 December 2015 c 2015 General Dynamics C4 Systems.
More informationIA32 Intel 32-bit Architecture
1 2 IA32 Intel 32-bit Architecture Intel 32-bit Architecture (IA32) 32-bit machine CISC: 32-bit internal and external data bus 32-bit external address bus 8086 general registers extended to 32 bit width
More informationAdvanced Operating Systems. COMP9242 Introduction
Advanced Operating Systems COMP9242 Introduction Staff Lecturer in Charge Gernot Heiser Lecturer Kevin Elphinstone Various Support Staff TBA 2 Why are you here? You ve done comp3231 Did well (minimum credit)
More informationMechanisms for entering the system
Mechanisms for entering the system Yolanda Becerra Fontal Juan José Costa Prats Facultat d'informàtica de Barcelona (FIB) Universitat Politècnica de Catalunya (UPC) BarcelonaTech 2017-2018 QP Content Introduction
More informationProtection and System Calls. Otto J. Anshus
Protection and System Calls Otto J. Anshus Protection Issues CPU protection Prevent a user from using the CPU for too long Throughput of jobs, and response time to events (incl. user interactive response
More informationMicrokernel Construction. Introduction. Michael Hohmuth. Lars Reuther. TU Dresden Operating Systems Group
Introduction Lecture Goals Provide deeper understanding of OS mechanisms Make all of you enthusiastic kernel hackers Illustrate alternative system design concepts Promote OS research at 2 Administration
More informationStaff. Advanced Operating Systems. Why are you here? What can you expect?
Staff Advanced Operating Systems COMP9242 Introduction Lecturer in Charge Gernot Heiser Lecturer Kevin Elphinstone Various Support Staff TBA 2 Why are you here? You ve done comp3231 Did well (minimum credit)
More informationMultiprocessor Solution
Mutual Exclusion Multiprocessor Solution P(sema S) begin while (TAS(S.flag)==1){}; { busy waiting } S.Count= S.Count-1 if (S.Count < 0){ insert_t(s.qwt) BLOCK(S) {inkl.s.flag=0)!!!} } else S.flag =0 end
More informationOperating System Kernels
Operating System Kernels Presenter: Saikat Guha Cornell University CS 614, Fall 2005 Operating Systems Initially, the OS was a run-time library Batch ( 55 65): Resident, spooled jobs Multiprogrammed (late
More informationProcesses and More. CSCI 315 Operating Systems Design Department of Computer Science
Processes and More CSCI 315 Operating Systems Design Department of Computer Science Notice: The slides for this lecture have been largely based on those accompanying the textbook Operating Systems Concepts,
More informationMICROKERNEL CONSTRUCTION 2014
MICROKERNEL CONSTRUCTION 2014 THE FIASCO.OC MICROKERNEL Alexander Warg MICROKERNEL CONSTRUCTION 1 FIASCO.OC IN ONE SLIDE CAPABILITY-BASED MICROKERNEL API single system call invoke capability MULTI-PROCESSOR
More informationAgenda. Threads. Single and Multi-threaded Processes. What is Thread. CSCI 444/544 Operating Systems Fall 2008
Agenda Threads CSCI 444/544 Operating Systems Fall 2008 Thread concept Thread vs process Thread implementation - user-level - kernel-level - hybrid Inter-process (inter-thread) communication What is Thread
More informationAdvanced Operating Systems. COMP9242 Introduction
Advanced Operating Systems COMP9242 Introduction Staff Lecturer in Charge Gernot Heiser Lecturer Kevin Elphinstone Various Support Staff TBA 2 Why are you here? You ve done comp3231 Did well (minimum credit)
More informationChapter 5: Microkernels and fast local IPC Advanced Operating Systems ( L)
Chapter 5: Microkernels and fast local IPC Advanced Operating Systems (263 3800 00L) Timothy Roscoe Herbstsemester 2012 http://www.systems.ethz.ch/education/courses/hs11/aos/ Systems Group Department of
More informationWhat You Need to Know for Project Three. Dave Eckhardt Steve Muckle
What You Need to Know for Project Three Dave Eckhardt Steve Muckle Overview Introduction to the Kernel Project Mundane Details in x86 registers, paging, the life of a memory access, context switching,
More informationTCBs and Address-Space Layouts Universität Karlsruhe, System Architecture Group
µ-kernel Construction (3) TCBs and Address-Space Layouts 1 Thread Control Blocks (TCBs) 2 Fundamental Abstractions Thread Address space What is a thread? How to implement it? 3 Construction Conclusion
More information19/09/2008. µ-kernel Construction. Fundamental Abstractions. user mode A kernel. user mode A kernel. user mode A kernel. user mode A kernel
Fundamental Abstractions µ- Construction Thread Address Space What is a thread? How to implement? What conclusions can we draw from our analysis with rect to µk construction? Processor? A Processor code
More informationStaff. Advanced Operating Systems. Why are you here? What can you expect?
Staff Advanced Operating Systems COMP9242 Introduction Lecturer in Charge Gernot Heiser Lecturer Kevin Elphinstone Various Support Staff TBA 2 Why are you here? You ve done comp3231 Did well (minimum credit)
More informationFaculty of Computer Science Institute for System Architecture, Operating Systems Group. Memory. Björn Döbel. Dresden,
Faculty of Computer Science Institute for System Architecture, Operating Systems Group Memory Björn Döbel Dresden, 2013-11-05 So far... Introduction Monolithic vs. microkernels L4 concepts: Threads and
More informationComputer Science. ! Other approaches:! Special systems designed for extensibility
Application-Specific Service Technologies for Commodity OSes in Real-Time Environments Richard West and Gabriel Parmer Boston University Boston, MA {richwest,gabep1}@cs.bu.edu Introduction! Leverage commodity
More informationFaculty of Computer Science, Operating Systems Group. The L4Re Microkernel. Adam Lackorzynski. July 2017
Faculty of Computer Science, Operating Systems Group The L4Re Microkernel Adam Lackorzynski July 2017 2 Agenda Plan What is L4Re? History The L4Re Microkernel / Hypervisor Fiasco Interfaces SMP Virtualization...
More informationINFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD
Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group INFLUENTIAL OPERATING SYSTEM RESEARCH: SECURITY MECHANISMS AND HOW TO USE THEM CARSTEN WEINHOLD OVERVIEW Fundamental
More informationThreads, System Calls, and Thread Switching
µ-kernel Construction (2) Threads, System Calls, and Thread Switching (updated on 2009-05-08) Review from Last Lecture The 100-µs Disaster 25 MHz 386 50 MHz 486 90 MHz Pentium 133 MHz Alpha 3 C Costs (486,
More informationProcesses and Threads
COS 318: Operating Systems Processes and Threads Kai Li and Andy Bavier Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall13/cos318 Today s Topics u Concurrency
More information6x86 PROCESSOR Superscalar, Superpipelined, Sixth-generation, x86 Compatible CPU
1-6x86 PROCESSOR Superscalar, Superpipelined, Sixth-generation, x86 Compatible CPU Product Overview Introduction 1. ARCHITECTURE OVERVIEW The Cyrix 6x86 CPU is a leader in the sixth generation of high
More informationCOMP9242 Advanced Operating Systems S2/2013 Week 4: Microkernel Design
COMP9242 Advanced Operating Systems S2/2013 Week 4: Microkernel Design Copyright Notice These slides are distributed under the Creative Commons Attribution 3.0 License You are free: to share to copy, distribute
More informationFalling in Love with EROS (Or Not) Robert Grimm New York University
Falling in Love with EROS (Or Not) Robert Grimm New York University The Three Questions What is the problem? What is new or different? What are the contributions and limitations? Basic Access Control Access
More informationCOS 318: Operating Systems. Overview. Prof. Margaret Martonosi Computer Science Department Princeton University
COS 318: Operating Systems Overview Prof. Margaret Martonosi Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall11/cos318/ Announcements Precepts: Tue (Tonight)!
More information3. Process Management in xv6
Lecture Notes for CS347: Operating Systems Mythili Vutukuru, Department of Computer Science and Engineering, IIT Bombay 3. Process Management in xv6 We begin understanding xv6 process management by looking
More informationToday s Topics. u Thread implementation. l Non-preemptive versus preemptive threads. l Kernel vs. user threads
Today s Topics COS 318: Operating Systems Implementing Threads u Thread implementation l Non-preemptive versus preemptive threads l Kernel vs. user threads Jaswinder Pal Singh and a Fabulous Course Staff
More informationSystems Architecture I
Systems Architecture I Topics Assemblers, Linkers, and Loaders * Alternative Instruction Sets ** *This lecture was derived from material in the text (sec. 3.8-3.9). **This lecture was derived from material
More informationVirtual Machines and Dynamic Translation: Implementing ISAs in Software
Virtual Machines and Dynamic Translation: Implementing ISAs in Software Krste Asanovic Laboratory for Computer Science Massachusetts Institute of Technology Software Applications How is a software application
More informationOperating System Architecture. CS3026 Operating Systems Lecture 03
Operating System Architecture CS3026 Operating Systems Lecture 03 The Role of an Operating System Service provider Provide a set of services to system users Resource allocator Exploit the hardware resources
More informationChapter 2. lw $s1,100($s2) $s1 = Memory[$s2+100] sw $s1,100($s2) Memory[$s2+100] = $s1
Chapter 2 1 MIPS Instructions Instruction Meaning add $s1,$s2,$s3 $s1 = $s2 + $s3 sub $s1,$s2,$s3 $s1 = $s2 $s3 addi $s1,$s2,4 $s1 = $s2 + 4 ori $s1,$s2,4 $s2 = $s2 4 lw $s1,100($s2) $s1 = Memory[$s2+100]
More informationPart V. Process Management. Sadeghi, Cubaleska RUB Course Operating System Security Memory Management and Protection
Part V Process Management Sadeghi, Cubaleska RUB 2008-09 Course Operating System Security Memory Management and Protection Roadmap of Chapter 5 Notion of Process and Thread Data Structures Used to Manage
More informationProcesses and Non-Preemptive Scheduling. Otto J. Anshus
Processes and Non-Preemptive Scheduling Otto J. Anshus Threads Processes Processes Kernel An aside on concurrency Timing and sequence of events are key concurrency issues We will study classical OS concurrency
More informationSYSTEM CALL IMPLEMENTATION. CS124 Operating Systems Fall , Lecture 14
SYSTEM CALL IMPLEMENTATION CS124 Operating Systems Fall 2017-2018, Lecture 14 2 User Processes and System Calls Previously stated that user applications interact with the kernel via system calls Typically
More informationImproving Interrupt Response Time in a Verifiable Protected Microkernel
Improving Interrupt Response Time in a Verifiable Protected Microkernel Bernard Blackham Yao Shi Gernot Heiser The University of New South Wales & NICTA, Sydney, Australia EuroSys 2012 Motivation The desire
More informationQuestions answered in this lecture: CS 537 Lecture 19 Threads and Cooperation. What s in a process? Organizing a Process
Questions answered in this lecture: CS 537 Lecture 19 Threads and Cooperation Why are threads useful? How does one use POSIX pthreads? Michael Swift 1 2 What s in a process? Organizing a Process A process
More informationCOMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy
COMPUTER ARCHITECTURE Virtualization and Memory Hierarchy 2 Contents Virtual memory. Policies and strategies. Page tables. Virtual machines. Requirements of virtual machines and ISA support. Virtual machines:
More informationExceptions and Processes
Exceptions and Processes Much of the material for this lecture is drawn from Computer Systems: A Programmer s Perspective (Bryant & O Hallaron) Chapter 8 1 Goals of this Lecture Help you learn about: Exceptions
More informationProcesses and Tasks What comprises the state of a running program (a process or task)?
Processes and Tasks What comprises the state of a running program (a process or task)? Microprocessor Address bus Control DRAM OS code and data special caches code/data cache EAXEBP EIP DS EBXESP EFlags
More informationAssembly Language. Lecture 2 - x86 Processor Architecture. Ahmed Sallam
Assembly Language Lecture 2 - x86 Processor Architecture Ahmed Sallam Introduction to the course Outcomes of Lecture 1 Always check the course website Don t forget the deadline rule!! Motivations for studying
More informationMicrokernel Construction
Introduction SS2013 Class Goals Provide deeper understanding of OS mechanisms Introduce L4 principles and concepts Make you become enthusiastic L4 hackers Propaganda for OS research at 2 Administration
More informationThreads. Raju Pandey Department of Computer Sciences University of California, Davis Spring 2011
Threads Raju Pandey Department of Computer Sciences University of California, Davis Spring 2011 Threads Effectiveness of parallel computing depends on the performance of the primitives used to express
More informationAssembly Language. Lecture 2 x86 Processor Architecture
Assembly Language Lecture 2 x86 Processor Architecture Ahmed Sallam Slides based on original lecture slides by Dr. Mahmoud Elgayyar Introduction to the course Outcomes of Lecture 1 Always check the course
More informationAdvanced Operating Systems (CS 202) Virtualization
Advanced Operating Systems (CS 202) Virtualization Virtualization One of the natural consequences of the extensibility research we discussed What is virtualization and what are the benefits? 2 Virtualization
More informationLow Level Programming Lecture 2. International Faculty of Engineerig, Technical University of Łódź
Low Level Programming Lecture 2 Intel processors' architecture reminder Fig. 1. IA32 Registers IA general purpose registers EAX- accumulator, usually used to store results of integer arithmetical or binary
More informationTutorial 10 Protection Cont.
Tutorial 0 Protection Cont. 2 Privilege Levels Lower number => higher privilege Code can access data of equal/lower privilege levels only Code can call more privileged data via call gates Each level has
More informationChapter 5 (Part II) Large and Fast: Exploiting Memory Hierarchy. Baback Izadi Division of Engineering Programs
Chapter 5 (Part II) Baback Izadi Division of Engineering Programs bai@engr.newpaltz.edu Virtual Machines Host computer emulates guest operating system and machine resources Improved isolation of multiple
More informationFor your convenience Apress has placed some of the front matter material after the index. Please use the Bookmarks and Contents at a Glance links to
For your convenience Apress has placed some of the front matter material after the index. Please use the Bookmarks and Contents at a Glance links to access them. Contents at a Glance About the Author...xi
More informationVirtual Memory. Robert Grimm New York University
Virtual Memory Robert Grimm New York University The Three Questions What is the problem? What is new or different? What are the contributions and limitations? VAX/VMS VAX-11 Memory Hardware Each process
More informationCOS 318: Operating Systems
COS 318: Operating Systems OS Structures and System Calls Prof. Margaret Martonosi Computer Science Department Princeton University http://www.cs.princeton.edu/courses/archive/fall11/cos318/ Outline Protection
More informationCS 471 Operating Systems. Yue Cheng. George Mason University Fall 2017
CS 471 Operating Systems Yue Cheng George Mason University Fall 2017 Outline o Process concept o Process creation o Process states and scheduling o Preemption and context switch o Inter-process communication
More informationComplex Instruction Set Computer (CISC)
Introduction ti to IA-32 IA-32 Processors Evolutionary design Starting in 1978 with 886 Added more features as time goes on Still support old features, although obsolete Totally dominate computer market
More informationVirtual Machines Disco and Xen (Lecture 10, cs262a) Ion Stoica & Ali Ghodsi UC Berkeley February 26, 2018
Virtual Machines Disco and Xen (Lecture 10, cs262a) Ion Stoica & Ali Ghodsi UC Berkeley February 26, 2018 Today s Papers Disco: Running Commodity Operating Systems on Scalable Multiprocessors, Edouard
More informationAUTOBEST: A United AUTOSAR-OS And ARINC 653 Kernel. Alexander Züpke, Marc Bommert, Daniel Lohmann
AUTOBEST: A United AUTOSAR-OS And ARINC 653 Kernel Alexander Züpke, Marc Bommert, Daniel Lohmann alexander.zuepke@hs-rm.de, marc.bommert@hs-rm.de, lohmann@cs.fau.de Motivation Automotive and Avionic industry
More informationBarrelfish Project ETH Zurich. Message Notifications
Barrelfish Project ETH Zurich Message Notifications Barrelfish Technical Note 9 Barrelfish project 16.06.2010 Systems Group Department of Computer Science ETH Zurich CAB F.79, Universitätstrasse 6, Zurich
More informationComputer Architecture Lecture 13: Virtual Memory II
18-447 Computer Architecture Lecture 13: Virtual Memory II Lecturer: Rachata Ausavarungnirun Carnegie Mellon University Spring 2014, 2/17/2014 (with material from Onur Mutlu, Justin Meza and Yoongu Kim)
More informationVirtualization and memory hierarchy
Virtualization and memory hierarchy Computer Architecture J. Daniel García Sánchez (coordinator) David Expósito Singh Francisco Javier García Blas ARCOS Group Computer Science and Engineering Department
More informationMicrokernels and Portability. What is Portability wrt Operating Systems? Reuse of code for different platforms and processor architectures.
Microkernels and Portability What is Portability wrt Operating Systems? Reuse of code for different platforms and processor architectures. Contents Overview History Towards Portability L4 Microkernels
More informationThe Instruction Set. Chapter 5
The Instruction Set Architecture Level(ISA) Chapter 5 1 ISA Level The ISA level l is the interface between the compilers and the hardware. (ISA level code is what a compiler outputs) 2 Memory Models An
More informationCHAPTER 3 - PROCESS CONCEPT
CHAPTER 3 - PROCESS CONCEPT 1 OBJECTIVES Introduce a process a program in execution basis of all computation Describe features of processes: scheduling, creation, termination, communication Explore interprocess
More informationRESOURCE MANAGEMENT MICHAEL ROITZSCH
Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group RESOURCE MANAGEMENT MICHAEL ROITZSCH AGENDA done: time, drivers today: misc. resources architectures for resource
More informationIA32/Linux Virtual Memory Architecture
IA32/Linux Virtual Memory Architecture Basic Execution Environment Application Programming Registers General-purpose registers 31 0 EAX AH AL EBX BH BL ECX CH CL EDX DH DL EBP ESI EDI BP SI DI Segment
More information6.828: Using Virtual Memory. Adam Belay
6.828: Using Virtual Memory Adam Belay abelay@mit.edu 1 Outline Cool things you can do with virtual memory: Lazy page allocation (homework) Better performance/efficiency E.g. One zero-filled page E.g.
More informationAdvanced Systems Security: Virtual Machine Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationCSC369 Lecture 2. Larry Zhang
CSC369 Lecture 2 Larry Zhang 1 Announcements Lecture slides Midterm timing issue Assignment 1 will be out soon! Start early, and ask questions. We will have bonus for groups that finish early. 2 Assignment
More informationChapter 5: Processes & Process Concept. Objectives. Process Concept Process Scheduling Operations on Processes. Communication in Client-Server Systems
Chapter 5: Processes Chapter 5: Processes & Threads Process Concept Process Scheduling Operations on Processes Interprocess Communication Communication in Client-Server Systems, Silberschatz, Galvin and
More informationChapter 3: Processes. Operating System Concepts 8th Edition
Chapter 3: Processes Chapter 3: Processes Process Concept Process Scheduling Operations on Processes Interprocess Communication Examples of IPC Systems Communication in Client-Server Systems 3.2 Objectives
More informationInitial Evaluation of a User-Level Device Driver Framework
Initial Evaluation of a User-Level Device Driver Framework Stefan Götz Karlsruhe University Germany sgoetz@ira.uka.de Kevin Elphinstone National ICT Australia University of New South Wales kevine@cse.unsw.edu.au
More informationHardware and Software Architecture. Chapter 2
Hardware and Software Architecture Chapter 2 1 Basic Components The x86 processor communicates with main memory and I/O devices via buses Data bus for transferring data Address bus for the address of a
More informationRESOURCE MANAGEMENT MICHAEL ROITZSCH
Faculty of Computer Science Institute of Systems Architecture, Operating Systems Group RESOURCE MANAGEMENT MICHAEL ROITZSCH AGENDA done: time, drivers today: misc. resources architectures for resource
More informationCS 5460/6460 Operating Systems
CS 5460/6460 Operating Systems Fall 2009 Instructor: Matthew Flatt Lecturer: Kevin Tew TAs: Bigyan Mukherjee, Amrish Kapoor 1 Join the Mailing List! Reminders Make sure you can log into the CADE machines
More informationHistory of the Intel 80x86
Intel s IA-32 Architecture Cptr280 Dr Curtis Nelson History of the Intel 80x86 1971 - Intel invents the microprocessor, the 4004 1975-8080 introduced 8-bit microprocessor 1978-8086 introduced 16 bit microprocessor
More informationMicrokernel Construction
Kernel Entry / Exit SS2013 Control Transfer Microkernel User Stack A Address Space Kernel Stack A User Stack User Stack B Address Space Kernel Stack B User Stack 1. Kernel Entry (A) 2. Thread Switch (A
More informationOperating Systems. Operating System Structure. Lecture 2 Michael O Boyle
Operating Systems Operating System Structure Lecture 2 Michael O Boyle 1 Overview Architecture impact User operating interaction User vs kernel Syscall Operating System structure Layers Examples 2 Lower-level
More informationChapter 3: Processes. Operating System Concepts 8 th Edition,
Chapter 3: Processes, Silberschatz, Galvin and Gagne 2009 Chapter 3: Processes Process Concept Process Scheduling Operations on Processes Interprocess Communication 3.2 Silberschatz, Galvin and Gagne 2009
More informationPart I. X86 architecture overview. Secure Operating System Design and Implementation x86 architecture. x86 processor modes. X86 architecture overview
X86 architecture overview Overview Secure Operating System Design and Implementation x86 architecture Jon A. Solworth Part I X86 architecture overview Dept. of Computer Science University of Illinois at
More informationPart 1: Introduction to device drivers Part 2: Overview of research on device driver reliability Part 3: Device drivers research at ERTOS
Some statistics 70% of OS code is in device s 3,448,000 out of 4,997,000 loc in Linux 2.6.27 A typical Linux laptop runs ~240,000 lines of kernel code, including ~72,000 loc in 36 different device s s
More informationIntroduction to IA-32. Jo, Heeseung
Introduction to IA-32 Jo, Heeseung IA-32 Processors Evolutionary design Starting in 1978 with 8086 Added more features as time goes on Still support old features, although obsolete Totally dominate computer
More informationMicrokernels and Client- Server Architectures
Microkernels and Client- Server Architectures I m not interested in making devices look like user-level. They aren t, they shouldn t, and microkernels are just stupid. Linus Torwalds 1 Motivation Early
More information