Tag: os structures

  • Advanced Operating Systems – OS Structure – Exokernel

    Advanced Operating Systems – OS Structure – Exokernel

    Unlike the SPIN OS Structure, exokernel approaches extensibility by decoupling the authorization to hardware from its actual use, by using something called secure bindings. OS libraries will request secure bindings, the Exokernel returning an encrypted key that grants that particular service to specific resources.

    One other way that the exokernel manages these underlying OS services is via CPU scheduling. The exokernel maintains a linear vector “time slots”, allotting each OS service a certain amount of time to run on the CPU.

    Exokernel also introduces the concept of a STLB (software translation lookaside buffer), the STLB improving performance since, during each process context switch, the exokernel will copy the hardware TLB to a software TLB structure and when the process runs again, the exokernel will copy the software TLB back into the hardware, eliminating the need for a TLB flush.

    Exokernel Approach to Extensibility

    Summary

    Library OS requests access to a specific hardware resource. If access granted, exokernel returns an encrypted key which will be used for future keys

    Examples of Candidate Resources

    Summary

    An OS library will perform some action, sending the Exokernel its encrypted key, and once Exokernel accepts that request, the data processing is cheap. Like packet processing: OS library requests to install predicates for packet filtering; once predicates installed, exokernel will invoke those rules on behalf.

    Implementing Secure Bindings

    Summary

    There are three mechanisms for implementing secure bindings. First is hardware mechanisms, like fetching the TLB. Second would be software, like caching the hardware TLB inside of the OS, avoiding the cost of flushing the TLB during a context switch. And third would be downloading code into the kernel, a feature analogous to SPIN’s approach with logical domains. I don’t really understand these concepts quite yet: it’s all a bit abstract, for now.

    Default Core Services in Exokernel

    Default Core Services in Exokernel

    Summary

    For memory management, the library OS will handle the page fault (uncalled through the register) by presenting a mapping (with the secure binding) to the Exokernel, the Exokernel installing the mapping in the TLB (hardware), this step requiring privileged access.

    Secure Binding

    Summary

    As the instructor put it, this is all a bit dicey. Both SPIN and Exokernel allow library OS privilege for pure performance but how do we guarantee that the insertion of code into the kernel is done … securely? Safely? Will find out soon, probably over the next couple videos

    Memory Management using Software TLB

    Software TLB

    Summary

    In exokernel, during a context switch, the hardware TLB for a process is copied into a STLB (software TLB) and during a context switch, new process’s software TLB will be preloaded by the Exokernel. Of course, if there’s a TLB cache miss, then the standard page fault workflow happens

    Default Core Services in Exokernel (continued)

    Default Core Services continued
    Default Core Services continued

    Summary

    Three is a linear vector of “time slots”, each OS service reserving a slot for its service. If the OS service runs longer than the allotted quantum, the exokernel will punish it, reducing its time slot in the next run. Time is bounded to perform the saving of the context.

    Revocation of Resources

    Summary

    Exokernel can revoke or reclaim permission from a Library OS, the OS sending an up call (and passing a repossession vector) to the Library OS, informing the library OS that it may need to stash away its resources (on disk).

    Putting it all together

    Summary

    While a library OS’s thread is running, an external event will be kicked up to the running process to determine what to do next

    Exokernel Data Structures

    Exokernel Data Structures

    Summary

    Exokernel maintains a data structure for each of the running library OS, maintaining a software TLB that gets loaded during a context switch

    Performance Results of Spin and Exokernel

    Summary

    Absolute numbers are meaningless: it’s the trends that count.