Exokernel: An Operating System Architecture for Application-Level Resource Management"
description
Transcript of Exokernel: An Operating System Architecture for Application-Level Resource Management"
![Page 1: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/1.jpg)
Exokernel: An Operating System Architecture for Application-Level
Resource Management"
by
Dawson R. Engler, M. Frans Kaashoek, and James O'Toole Jr.
Chris FranklinCS533 - Concepts of Operating Systems
![Page 2: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/2.jpg)
The Problem
Traditional operating systems fix the interface and implementation of OS abstractions.
FIXED
Hardware
Applications
InterfaceAbstractions
![Page 3: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/3.jpg)
The Problem
Performance Flexibility Functionality
FIXED
Hardware
Applications
InterfaceAbstractions
![Page 4: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/4.jpg)
Example
FIXED
Hardware
Apache
InterfaceAbstractions
SQL Server
Traditional OS
![Page 5: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/5.jpg)
Example
Hardware
Exokernel – Application level resource management
SQL Server
Library OS Customized for SQLServer
InterfaceAbstractions
Library OSChosen from available
Apache
InterfaceAbstractions
Exokernel
![Page 6: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/6.jpg)
The Issues
Performance Denies applications the advantages of domain-
specific optimizations Flexibility
Restricts the flexibility of application builders Functionality
Discourages changes to the implementations of existing abstractions
![Page 7: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/7.jpg)
Performance
There is no single way to abstract physical resources or to implement an abstraction that is best for all applications.
OS is forced to make trade-offs Performance improvements of application-
specific policies could be substantial
![Page 8: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/8.jpg)
Flexibility
Fixed high-level abstractions hide information from applications.
Makes it difficult or impossible for applications to implement their own resource management abstractions.
![Page 9: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/9.jpg)
Functionality
Only one available interface between applications and hardware resources.
Because all applications must share one set of abstractions, changes to these abstractions occur rarely, if ever
![Page 10: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/10.jpg)
The Solution
Separate protection from management Allow user level to manage resources
Application libraries implement OS abstractions Exokernel exports resources
Low level interfaceProtects, does not manageExpose hardware
![Page 11: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/11.jpg)
End-to-End Argument
“if something has to be done by the user program itself, it is wasteful to do it in a lower level as well.”
Why should the OS do anything that the user program can do itself?
In other words - all an OS should do is securely allocate resources.
![Page 12: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/12.jpg)
The Exokernel
A thin veneer that multiplexes and exports physical resources securely. Simplicity allows efficiency The lower the level of a primitive, the more
efficiently it can be implemented, and the more latitude it grants to implementers of higher level abstractions.
![Page 13: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/13.jpg)
The Exokernel
Resource management is restricted to allocation, revocation, sharing ownership tracking
![Page 14: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/14.jpg)
Library operating systems
Use the low level exokernel interface Higher level abstractions Special purpose implementations
An application can choose the library which best suits its needs, or even build its own.
![Page 15: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/15.jpg)
Example Exokernel
![Page 16: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/16.jpg)
Another Example
![Page 17: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/17.jpg)
Design Challenge
How can an Exokernel allow libOSes to freely manage physical resources while protecting them from each other?
![Page 18: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/18.jpg)
Design Challenge
How can an Exokernel allow libOSes to freely manage physical resources while protecting them from each other? Track ownership of resources Guard all resource usage Revoke access to resources
![Page 19: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/19.jpg)
Track ownership of resources
Secure bindings – libOS can securely bind to machine resources
![Page 20: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/20.jpg)
Secure Bindings
Exokernel allows libOSes to bind resources using secure bindings Multiplex resources securely Protection for mutually distrusted apps Efficient
![Page 21: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/21.jpg)
Secure Bindings
Secure Binding – a protection mechanism that decouples authorization from actual use of a resource Allows the kernel to protect resources without
having to understand them
![Page 22: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/22.jpg)
Guard all resource usage
Invisible resource revocation-Efficient – application layer not involved -Traditional OS
Visible resource revocation-Allows libOS to guide deallocation and track availability of resources.-Exokernel
![Page 23: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/23.jpg)
Revoke access to resources
Abort protocol – Allows exokernel to break secure bindings of an uncooperative libOS by force
![Page 24: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/24.jpg)
Conclusion
An Exokernel securely multiplexes available hardware raw hardware among applications
Application level library operating systems implement higher-level traditional OS abstractions
LibOSes can specialize an implementation to suit a particular application
![Page 25: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/25.jpg)
Conclusion
The lower the level of a primitive……the more efficiently it can be implemented
… the more latitude it gives to higher level abstractions
So, separate management from protection and……implement protection at a low level (exokernel)
… implement management at a higher level (libOS)
![Page 26: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/26.jpg)
References
http://pdos.csail.mit.edu/exo.html
http://c2.com/cgi/wiki?ExoKernel
Modern Operating Systems – Andrew Tanenbaum
http://computing.breinestorm.net/aegis+exception+ultrix+resource+exceptions/
http://128.138.224.40/csci5573-f03/lecture_notes/exokernel03_files/frame.htm
http://pdos.csail.mit.edu/exo/exo-slides/
http://www.cs.ucf.edu/courses/cop5611/spring05/item/exokernel.pdf
![Page 27: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/27.jpg)
Some Features
It is possible to have different libOSes, for example, one could export a Unix API and another a Windows API
![Page 28: Exokernel: An Operating System Architecture for Application-Level Resource Management"](https://reader036.fdocuments.net/reader036/viewer/2022062423/568146fb550346895db43566/html5/thumbnails/28.jpg)
Exokernel vs. Microkernel
A micro-kernel provides abstractions to the hardware such as files, sockets, graphics etc.
An exokernel provides almost raw access to the hardware.