THE NOVA KERNEL API - Index of
21.12.2012 Views
Share Embed Flag

THE NOVA KERNEL API - Index of

THE NOVA KERNEL API - Index of

THE NOVA KERNEL API - Index of

SHOW MORE
SHOW LESS
ePAPER READ
DOWNLOAD ePAPER
archive.fosdem.org

You also want an ePaper? Increase the reach of your titles

YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.

START NOW

Fakultät Informatik Institut für Systemarchitektur, Betriebssysteme<br />

<strong>THE</strong> <strong>NOVA</strong> <strong>KERNEL</strong> <strong>API</strong><br />

Julian Stecklina (jsteckli@os.inf.tu-dresden.de)<br />

Dresden, 5.2.2012

00 Disclaimer<br />

This is not about OpenStack Compute.<br />

<strong>NOVA</strong> is mainly the work <strong>of</strong> Udo Steinberg (kernel) and Bernhard Kauer (userland).<br />

http://hypervisor.org/<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 2 von 26

00 Goals<br />

• not talking about virtualization propaganda,<br />

• giving a very short overview <strong>of</strong> <strong>NOVA</strong> as a whole<br />

• introducing basic concepts <strong>of</strong> the kernel <strong>API</strong><br />

In the end you should be able to pick up the <strong>NOVA</strong> <strong>API</strong> manual and make heads or<br />

tails <strong>of</strong> it.<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 3 von 26

01 <strong>NOVA</strong> OS Virtualization Architecture<br />

//os.inf.tu-dresden.de/papers_ps/steinberg_eurosys2010.pdf<br />

http:<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 4 von 26

01 What works, what doesn’t<br />

Works<br />

• x86 32-bit<br />

• SMP<br />

• VT-x, AMD-V<br />

• VT-d (Intel IOMMU)<br />

• SR-IOV<br />

• grub, syslinux, . . .<br />

• Linux, L4, . . .<br />

• emulates AHCI, igb, . . .<br />

• drivers for AHCI, some<br />

Intel NICs, . . .<br />

• experimental libvirt support<br />

Doesn’t work yet<br />

• Windows<br />

• Migration<br />

• Recursive Virtualization<br />

• 64-bit<br />

• being user-friendly ;-)<br />

• . . .<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 5 von 26

02 <strong>NOVA</strong> Architecture<br />

Reduce complexity <strong>of</strong> hypervisor:<br />

• hypervisor provides low-level protection domains<br />

– address spaces<br />

– virtual machines<br />

• one VMM per guest in (root mode) userspace,<br />

– possibly specialized VMMs to reduce attack surface<br />

– only one generic VMM implement so far<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 7 von 26

Demo

03 The L4 Influence<br />

<strong>NOVA</strong> cannot deny its roots in the L4 family:<br />

• task, threads, synchronous IPC<br />

• recursive mapping <strong>of</strong> memory<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 9 von 26

03 Capability-Based<br />

Syscalls operate on capabilities to kernel objects:<br />

• Protection Domain (PD) (“task”) — create pd<br />

• Execution Context (EC) (“thread”) — create ec, ec ctrl<br />

• Scheduling Context (SC) — create sc, sc ctrl<br />

• Portals (PT) — create pt, call, reply<br />

• Semaphore (SM) — create sm, sm ctrl<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 10 von 26

03 Capabilities<br />

Userspace can<br />

• create capabilities to objects (by creating kernel objects),<br />

• delegate capabilities (recursively, just as memory),<br />

Capabilities are stored per-PD in capability space in the kernel. A PD<br />

• uses index into capability space to name capabilities,<br />

• unforgeable.<br />

(Think file descriptors.)<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 11 von 26

03 Communication<br />

EC (thread)<br />

• bound to one PD (address<br />

space)<br />

• either thread or vCPU<br />

• has a special memory<br />

region (UTCB) for IPC<br />

Portals<br />

• entry point (instruction pointer)<br />

• bound to one EC<br />

• per client/function/. . .<br />

• pass data, delegate capabilities<br />

from UTCB to UTCB<br />

• can be called or implicitly used by<br />

exceptions (if a thread has the cap)<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 12 von 26

03 ECs and SCs<br />

There are two kinds <strong>of</strong> threads:<br />

with time<br />

• “global thread” or vCPU<br />

• stick SC to newly created EC<br />

• causes startup exception when<br />

first scheduled<br />

without time<br />

• “local thread”<br />

• bind portals to ECs<br />

• when portal invoked, starts<br />

executing at portal EIP<br />

• caller hands in time to handle<br />

the request (no scheduling<br />

decision)<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 13 von 26

03 Basic Server Scenario<br />

EC local<br />

(1) call<br />

EC global<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 14 von 26

03 Basic Server Scenario<br />

EC local<br />

(1) call<br />

EC global<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 14 von 26

03 Basic Server Scenario<br />

EC local<br />

EC global<br />

(2) reply<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 14 von 26

03 Resource Contention<br />

ECs are not reentrant.<br />

What happens when a second client wants to call a service?<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 15 von 26

03 Resource Contention<br />

EC local<br />

(1) call<br />

EC global<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 15 von 26

03 Resource Contention<br />

EC local<br />

(1) call (2) call<br />

EC global<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 15 von 26

03 Resource Contention<br />

EC local<br />

(1) call (2) call<br />

EC global<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 15 von 26

03 Resource Contention<br />

EC local<br />

(3) reply<br />

EC global<br />

(2) call<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 15 von 26

03 Resource Contention<br />

EC local<br />

EC global<br />

(4) reply<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 15 von 26

03 <strong>NOVA</strong>’s time management<br />

With SCs only bound to some threads, it is possible to build (simple) servers<br />

without time reservation.<br />

• How much time should service foo need anyway?<br />

• fewer things to schedule,<br />

• contended resources get “boosted” by clients as needed.<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 16 von 26

04 Hardware Support for Virtualization<br />

Late Pentium 4 (2004) introduced hardware support for virtualization: Intel VT.<br />

(AMD-V is conceptually very similar)<br />

• root mode vs. non-root mode<br />

– root mode runs hypervisor<br />

– non-root mode runs guest<br />

• situations that Intel VT cannot handle trap to root mode (VM Exit)<br />

• special memory region (VMCS) holds guest state<br />

• reduced s<strong>of</strong>tware complexity<br />

Supported by all major virtualization solutions today.<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 17 von 26

04 VT-x Problems<br />

VMCS (memory region holding guest state) needs to manipulated by VMM, yet<br />

• cannot be mapped into userspace,<br />

• have to use privileged VMREAD/VMWRITE instructions to access,<br />

• reading all content for every VM Exit is expensive.<br />

Kernel has to manage VMCS access.<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 18 von 26

04 Virtualization on <strong>NOVA</strong><br />

VM Exits (and normal exceptions) vector through special portals.<br />

• Portals created with bit field denoting interesting information (Message<br />

Transfer Descriptor, MTD)<br />

– for WRMSR or CPUID we need only general purpose registers<br />

– for page fault we need complete vCPU state<br />

• kernel puts this data in handler’s UTCB<br />

• handler produces new MTD on reply<br />

Reduce number <strong>of</strong> expensive VMREAD/VMWRITE in the kernel.<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 19 von 26

04 Writing to disk

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

Exc<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

Exc<br />

MMIO<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

"write<br />

data"<br />

Exc<br />

MMIO<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

"working<br />

on it"<br />

Exc<br />

MMIO<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

Exc<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

Exc<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

Exc<br />

recall<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

Exc<br />

recall<br />

exception<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

Exc<br />

inject<br />

irq<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

04 Writing to disk<br />

Drv<br />

Handler IRQ<br />

Exc<br />

Shared<br />

Memory<br />

vCPU<br />

VMM

http://os.inf.tu-dresden.de/papers_ps/steinberg_eurosys2010.pdf

05 There is also . . .<br />

• Userspace Timer Service<br />

• Admission Server<br />

• Device Drivers (IOMMU!)<br />

• . . .<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 22 von 26

05 Summary<br />

The <strong>NOVA</strong> microhypervisor is a<br />

• fast capability-based<br />

microkernel<br />

• with virtualization<br />

in mind.<br />

Code at http://hypervisor.org/<br />

Supported by:<br />

Discuss at http://os.inf.tu-dresden.de/mailman/listinfo/l4-hackers<br />

http://ict-passive.eu/<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 23 von 26

06 Multiple CPUs<br />

Thread-related kernel objects are bound to one CPU:<br />

• Portals,<br />

• Execution Contexts,<br />

• Scheduling Contexts.<br />

Semphores work cross-CPU. Communication via Semaphores/recall.<br />

“Non-donating” cross-CPU IPC never really needed.<br />

Servers can be CPU-topology aware!<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 24 von 26

http://os.inf.tu-dresden.de/papers_ps/steinberg_eurosys2010.pdf

06 Livelock<br />

It’s possible to construct helping<br />

loops... Ouch!<br />

Pager<br />

Client<br />

Srv A<br />

Srv B<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 26 von 26

06 Livelock<br />

It’s possible to construct helping<br />

loops... Ouch!<br />

• Kernel detects loop<br />

• Random IPC is aborted<br />

Pager<br />

Client<br />

Srv A<br />

Srv B<br />

TU Dresden, 5.2.2012 The <strong>NOVA</strong> Kernel <strong>API</strong> Folie 26 von 26

logo

products

Resources

Company

Terms of service
Privacy policy
Cookie policy
Cookie settings
Imprint
Change language
Made with love in Switzerland
© 2024 Yumpu.com all rights reserved

Hooray! Your file is uploaded and ready to be published.

Saved successfully!

Ooh no, something went wrong!