DOI: 10.1145/3503222.3507759
FlexOS: towards flexible OS isolation

Published: 22 February 2022

Abstract

At design time, modern operating systems are locked in a specific safety and isolation strategy that mixes one or more hardware/software protection mechanisms (e.g. user/kernel separation); revisiting these choices after deployment requires a major refactoring effort. This rigid approach shows its limits given the wide variety of modern applications' safety/performance requirements, when new hardware isolation mechanisms are rolled out, or when existing ones break.
We present FlexOS, a novel OS allowing users to easily specialize the safety and isolation strategy of an OS at compilation/deployment time instead of design time. This modular LibOS is composed of fine-grained components that can be isolated via a range of hardware protection mechanisms, with various data sharing strategies and additional software hardening. The OS ships with an exploration technique that helps the user navigate the vast safety/performance design space it unlocks. We implement a prototype of the system and demonstrate, for several applications (Redis/Nginx/SQLite), FlexOS' vast configuration space as well as the efficiency of the exploration technique: we evaluate 80 FlexOS configurations for Redis and show how that space can be probabilistically subset to the 5 safest ones under a given performance budget. We also show that, under equivalent configurations, FlexOS performs similarly to or better than existing solutions that use fixed safety configurations.



Published In

ASPLOS '22: Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems
February 2022
1164 pages
ISBN:9781450392051
DOI:10.1145/3503222
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. Isolation
  2. Operating Systems
  3. Security

Qualifiers

  • Research-article

Conference

ASPLOS '22

Acceptance Rates

Overall Acceptance Rate 535 of 2,713 submissions, 20%

Article Metrics

  • Downloads (Last 12 months)355
  • Downloads (Last 6 weeks)26
Reflects downloads up to 09 Nov 2024

Cited By
  • (2024) HRMP3+TECS v2: Component Framework for Reliable Multiprocessor Real-time Operating System. Journal of Information Processing 32, 818-828. doi:10.2197/ipsjjip.32.818. Online publication date: 2024.
  • (2024) BrickOS: specialized kernels for heterogeneous hardware resources. SCIENTIA SINICA Informationis 54(3), 491. doi:10.1360/SSI-2022-0413. Online publication date: 11-Mar-2024.
  • (2024) Reboot-Based Recovery of Unikernels at the Component Level. 2024 54th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN), 15-28. doi:10.1109/DSN58291.2024.00017. Online publication date: 24-Jun-2024.
  • (2023) Endoprocess: Programmable and Extensible Subprocess Isolation. Proceedings of the 2023 New Security Paradigms Workshop, 92-101. doi:10.1145/3633500.3633507. Online publication date: 18-Sep-2023.
  • (2023) DOPE: DOmain Protection Enforcement with PKS. Proceedings of the 39th Annual Computer Security Applications Conference, 662-676. doi:10.1145/3627106.3627113. Online publication date: 4-Dec-2023.
  • (2023) CIVSCOPE: Analyzing Potential Memory Corruption Bugs in Compartment Interfaces. Proceedings of the 1st Workshop on Kernel Isolation, Safety and Verification, 33-40. doi:10.1145/3625275.3625399. Online publication date: 23-Oct-2023.
  • (2023) Software Compartmentalization Trade-Offs with Hardware Capabilities. Proceedings of the 12th Workshop on Programming Languages and Operating Systems, 49-57. doi:10.1145/3623759.3624550. Online publication date: 23-Oct-2023.
  • (2023) xOS. Proceedings of the 14th ACM SIGOPS Asia-Pacific Workshop on Systems, 1-8. doi:10.1145/3609510.3609817. Online publication date: 24-Aug-2023.
  • (2023) Towards (Really) Safe and Fast Confidential I/O. Proceedings of the 19th Workshop on Hot Topics in Operating Systems, 214-222. doi:10.1145/3593856.3595913. Online publication date: 22-Jun-2023.
  • (2023) CPU-free Computing: A Vision with a Blueprint. Proceedings of the 19th Workshop on Hot Topics in Operating Systems, 1-14. doi:10.1145/3593856.3595906. Online publication date: 22-Jun-2023.
