SlideShare a Scribd company logo

Exokernel operating systems

Download as PPT, PDF
Gaurav Dalvi
Gaurav Dalvi

Exokernel is type of kernel which allows the application to control the hardware with the help of library.

Technology
1 of 19
By Gaurav Dalvi
What do you mean by Operating System ? An operating system is the interface between applications and physical resources of the computer. Traditional OS: Large Monolithic Kernel. High level of abstractions of the resources. It hurts application performance because there is no single way to implement an abstraction that is best for all application.
Relational databases and garbage collectors sometimes have very predictable data access patterns, and their performance suffers when a general purpose page replacement algorithm such as least recently used (LRU) is imposed by the operating system (Engler, 1995). These abstractions hide information about physical resources and in essence define a virtual machine upon which applications execute. And this virtual machine cannot be replaced and modified by untrusted application.
This design is inefficient for three reasons: it denies applications the advantages of domain-specific optimizations. it discourages changes to the implementations of existing abstractions. it restricts the flexibility of applications builders because new abstractions can only be added by awkward emulation on top of existing ones.
Exokernel was inspired by the fact that the lower the level of a primitive, the more efficiently it can be implemented, and the more latitude it grants to the implementers of higher-level abstractions (Engler, 1995). An analogy can be found between RISC and CISC Instruction set. Another analogy is between low level Assembly language to high level programming language like C++ and java. . The exokernel operating system architecture extends the traditional hardware interface by granting application- level management of low-level physical resources.
“Applications know better than operating systems what the goal of their resource management decisions should be and therefore, they should be given as much control as possible over those decisions” (Engler, 1995). As an example, application-controlled file caching can reduce application running time by as much as 35% (Cao et al 1994).
The job of the exokernel is to securely multiplex all available hardware while maintaining protection of these resources at a fine- grained level. Library operating systems (LibOSes) work on top of the exokernel interface, importing kernel information and data structures as needed for memory management, process scheduling, and I/O.
In 1995, Dawson Engler, Frans Kaashoek, and James O’Toole proposed an initial draft at The ACM Symposium on Operating Systems Principles (SOSP) conference. They continued their research at M.I.T. and wrote Xok and ExOS, which is a prototype kernel and library operating system for x86 computers. Research is still being conducted at M.I.T..
“The goal of an exokernel is to give efficient control of resources to untrusted applications in a secure, multiuser system” (Kaashoek, Engler, et. al., 1997). exokernels should avoid resource management; they should only manage resources to the extent that require protection (management of allocation, revocation, and ownership) (Engler, 1995). Exokernels export hardware resources instead of emulating them, which allows for simpler and faster implementations.
Exokernels use three techniques to export resources securely. 1. By using secure bindings, applications can securely bind to hardware resources and handle events. 2. By using visible resource revocation, applications participate in a resource revocation protocol. 3. By using an abort protocol, an exokernel can break secure bindings of uncooperative applications by force (Engler, 1995).
Exokernels must give library operating systems maximum freedom in managing physical resources while protecting them from each other; a programming error in one library operating system should not affect another library operating system. To do this, an exokernel performs three tasks: 1. it tracks ownership of resources. 2. ensures protection by guarding all resource usage or binding points. 3. revokes access to resources.
A process in Xok is called an environment. An environment consists of accounting information, the page table, locations of code to run when certain events happen (upcalls), and any other custom data (dependent on the libOS author). Process (or environment) scheduling works very similar to that of a traditional OS, with the exception that the process is notified whenever it is about to gain or lose the processor.
Multiplexing main memory is a rather straightforward process in Xok, as it only has to guard memory accesses between competing libOSes rather than from within a single libOS. Xok exposes the capabilities of the hardware to libOSes, including all MMU protection and dirty bits as well as many kernel data structures. Access to these structures allows an application to have maximum control over paging and virtual memory. When the exokernel detects a page fault of any kind (read- only page, page not present, etc.) it propagates the fault up to a user level (libOS) fault handler.
All experiments were performed on the same hardware. A 200-MHz Intel Pentium Pro processor with a 256-Kbyte on-chip L2 cache and 64-Mbyte of main memory was used to compare how fast various operating systems could complete specific benchmarks. The ExOS library provides a user-level and extensible implementation of an UNIX operating system; therefore, most UNIX applications like gcc, perl, and telnet compile and work without modifications using ExOS.
In addition, the following figure from M.I.T.’s testing indicates that the Cheetah web server optimized for Xok performs eight times faster than NCSA or Harvest
untrusted code lends itself to faster development than trusted operating system code, as a bug in a library does not propogate to the entire system and the libOS can actually be debugged independently from the exokernel.
There are also some costs associated with Xok.  First, design of the exokernel interface is not simple. It requires difficult choices as to how to balance the power one wants to give the applications with the protection needed. M.I.T.’s kernel interface design for Xok went through several iterations before they agreed on a suitable implementation.  Second, there is information loss associated with performing resource-management tasks at the application level. For instance, since virtual memory is handled by the libOS, Xok is not able to distinguish which pages were used to cache disk blocks and which pages are used for virtual memory.
Only a few development issues remain to be addressed to make Xok a commercially viable operating system, and the only reason these issues have not been addressed is because the exokernel project is academic in nature and have simply not been undertaken as further projects.

Recommended

Application Performance & Flexibility on Exokernel Systems paper review
Application Performance & Flexibility on Exokernel Systems paper reviewApplication Performance & Flexibility on Exokernel Systems paper review
Application Performance & Flexibility on Exokernel Systems paper review
Vimukthi Wickramasinghe
 
Exokernel
ExokernelExokernel
Exokernel
Abu Azzam
 
Xen and the art of virtualization
Xen and the art of virtualizationXen and the art of virtualization
Xen and the art of virtualization
Abdul417101
 
Java packages
Java packagesJava packages
Java packages
Raja Sekhar
 
Java collections
Java collectionsJava collections
Java collections
Hamid Ghorbani
 
Distributed and clustered systems
Distributed and clustered systemsDistributed and clustered systems
Distributed and clustered systems
V.V.Vanniaperumal College for Women
 
Kernel (OS)
Kernel (OS)Kernel (OS)
Kernel (OS)
عطاءالمنعم اثیل شیخ
 
Multithreading
MultithreadingMultithreading
Multithreading
A B Shinde
 

Recommended

Application Performance & Flexibility on Exokernel Systems paper review
Application Performance & Flexibility on Exokernel Systems paper reviewApplication Performance & Flexibility on Exokernel Systems paper review
Application Performance & Flexibility on Exokernel Systems paper review
Vimukthi Wickramasinghe
 
Exokernel
ExokernelExokernel
Exokernel
Abu Azzam
 
Xen and the art of virtualization
Xen and the art of virtualizationXen and the art of virtualization
Xen and the art of virtualization
Abdul417101
 
Java packages
Java packagesJava packages
Java packages
Raja Sekhar
 
Java collections
Java collectionsJava collections
Java collections
Hamid Ghorbani
 
Distributed and clustered systems
Distributed and clustered systemsDistributed and clustered systems
Distributed and clustered systems
V.V.Vanniaperumal College for Women
 
Kernel (OS)
Kernel (OS)Kernel (OS)
Kernel (OS)
عطاءالمنعم اثیل شیخ
 
Multithreading
MultithreadingMultithreading
Multithreading
A B Shinde
 
Distributed operating system
Distributed operating systemDistributed operating system
Distributed operating system
Prankit Mishra
 
Inter Process Communication Presentation[1]
Inter Process Communication Presentation[1]Inter Process Communication Presentation[1]
Inter Process Communication Presentation[1]Ravindra Raju Kolahalam
 
Protection and Security in Operating Systems
Protection and Security in Operating SystemsProtection and Security in Operating Systems
Protection and Security in Operating Systems
vampugani
 
Built in exceptions
Built in exceptions Built in exceptions
Built in exceptions
TharuniDiddekunta
 
Java programming -Object-Oriented Thinking- Inheritance
Java programming -Object-Oriented Thinking- InheritanceJava programming -Object-Oriented Thinking- Inheritance
Java programming -Object-Oriented Thinking- Inheritance
Jyothishmathi Institute of Technology and Science Karimnagar
 
Hypervisor
HypervisorHypervisor
Hypervisor
kalpita surve
 
Distributed Deadlock Detection.ppt
Distributed Deadlock Detection.pptDistributed Deadlock Detection.ppt
Distributed Deadlock Detection.ppt
Babar Kamran Ahmed (LION)
 
Multi threading
Multi threadingMulti threading
Multi threading
gndu
 
operating system structure
operating system structureoperating system structure
operating system structureWaseem Ud Din Farooqui
 
JAVA AWT
JAVA AWTJAVA AWT
JAVA AWT
shanmuga rajan
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devicesjraja01
 
Java IO
Java IOJava IO
Java IO
UTSAB NEUPANE
 
Java exception handling ppt
Java exception handling pptJava exception handling ppt
Java exception handling ppt
JavabynataraJ
 
Linux booting Process
Linux booting ProcessLinux booting Process
Linux booting Process
Gaurav Sharma
 
Operating Systems - Process Synchronization and Deadlocks
Operating Systems - Process Synchronization and DeadlocksOperating Systems - Process Synchronization and Deadlocks
Operating Systems - Process Synchronization and Deadlocks
Mukesh Chinta
 
01 - Introduction to Distributed Systems
01 - Introduction to Distributed Systems01 - Introduction to Distributed Systems
01 - Introduction to Distributed Systems
Dilum Bandara
 
Basics of JAVA programming
Basics of JAVA programmingBasics of JAVA programming
Basics of JAVA programming
Elizabeth Thomas
 
Distributed Systems Real Life Applications
Distributed Systems Real Life ApplicationsDistributed Systems Real Life Applications
Distributed Systems Real Life Applications
Aman Srivastava
 
Distributed operating system
Distributed operating systemDistributed operating system
Distributed operating system
udaya khanal
 
Chapter 8 - Main Memory
Chapter 8 - Main MemoryChapter 8 - Main Memory
Chapter 8 - Main Memory
Wayne Jones Jnr
 
UNIX INTERNALS UNIT-I
UNIX INTERNALS UNIT-IUNIX INTERNALS UNIT-I
UNIX INTERNALS UNIT-I
JK Knowledge
 
Kernel (computing)
Kernel (computing)Kernel (computing)
Kernel (computing)Teja Bheemanapally
 

More Related Content

What's hot

Distributed operating system
Distributed operating systemDistributed operating system
Distributed operating system
Prankit Mishra
 
Inter Process Communication Presentation[1]
Inter Process Communication Presentation[1]Inter Process Communication Presentation[1]
Inter Process Communication Presentation[1]Ravindra Raju Kolahalam
 
Protection and Security in Operating Systems
Protection and Security in Operating SystemsProtection and Security in Operating Systems
Protection and Security in Operating Systems
vampugani
 
Built in exceptions
Built in exceptions Built in exceptions
Built in exceptions
TharuniDiddekunta
 
Java programming -Object-Oriented Thinking- Inheritance
Java programming -Object-Oriented Thinking- InheritanceJava programming -Object-Oriented Thinking- Inheritance
Java programming -Object-Oriented Thinking- Inheritance
Jyothishmathi Institute of Technology and Science Karimnagar
 
Hypervisor
HypervisorHypervisor
Hypervisor
kalpita surve
 
Distributed Deadlock Detection.ppt
Distributed Deadlock Detection.pptDistributed Deadlock Detection.ppt
Distributed Deadlock Detection.ppt
Babar Kamran Ahmed (LION)
 
Multi threading
Multi threadingMulti threading
Multi threading
gndu
 
JAVA AWT
JAVA AWTJAVA AWT
JAVA AWT
shanmuga rajan
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devicesjraja01
 
Java IO
Java IOJava IO
Java IO
UTSAB NEUPANE
 
Java exception handling ppt
Java exception handling pptJava exception handling ppt
Java exception handling ppt
JavabynataraJ
 
Linux booting Process
Linux booting ProcessLinux booting Process
Linux booting Process
Gaurav Sharma
 
Operating Systems - Process Synchronization and Deadlocks
Operating Systems - Process Synchronization and DeadlocksOperating Systems - Process Synchronization and Deadlocks
Operating Systems - Process Synchronization and Deadlocks
Mukesh Chinta
 
01 - Introduction to Distributed Systems
01 - Introduction to Distributed Systems01 - Introduction to Distributed Systems
01 - Introduction to Distributed Systems
Dilum Bandara
 
Basics of JAVA programming
Basics of JAVA programmingBasics of JAVA programming
Basics of JAVA programming
Elizabeth Thomas
 
Distributed Systems Real Life Applications
Distributed Systems Real Life ApplicationsDistributed Systems Real Life Applications
Distributed Systems Real Life Applications
Aman Srivastava
 
Distributed operating system
Distributed operating systemDistributed operating system
Distributed operating system
udaya khanal
 
Chapter 8 - Main Memory
Chapter 8 - Main MemoryChapter 8 - Main Memory
Chapter 8 - Main Memory
Wayne Jones Jnr
 

What's hot (20)

Distributed operating system
Distributed operating systemDistributed operating system
Distributed operating system
 
Inter Process Communication Presentation[1]
Inter Process Communication Presentation[1]Inter Process Communication Presentation[1]
Inter Process Communication Presentation[1]
 
Protection and Security in Operating Systems
Protection and Security in Operating SystemsProtection and Security in Operating Systems
Protection and Security in Operating Systems
 
Built in exceptions
Built in exceptions Built in exceptions
Built in exceptions
 
Java programming -Object-Oriented Thinking- Inheritance
Java programming -Object-Oriented Thinking- InheritanceJava programming -Object-Oriented Thinking- Inheritance
Java programming -Object-Oriented Thinking- Inheritance
 
Hypervisor
HypervisorHypervisor
Hypervisor
 
Distributed Deadlock Detection.ppt
Distributed Deadlock Detection.pptDistributed Deadlock Detection.ppt
Distributed Deadlock Detection.ppt
 
Multi threading
Multi threadingMulti threading
Multi threading
 
operating system structure
operating system structureoperating system structure
operating system structure
 
JAVA AWT
JAVA AWTJAVA AWT
JAVA AWT
 
Securing hand held computing devices
Securing hand held computing devicesSecuring hand held computing devices
Securing hand held computing devices
 
Java IO
Java IOJava IO
Java IO
 
Java exception handling ppt
Java exception handling pptJava exception handling ppt
Java exception handling ppt
 
Linux booting Process
Linux booting ProcessLinux booting Process
Linux booting Process
 
Operating Systems - Process Synchronization and Deadlocks
Operating Systems - Process Synchronization and DeadlocksOperating Systems - Process Synchronization and Deadlocks
Operating Systems - Process Synchronization and Deadlocks
 
01 - Introduction to Distributed Systems
01 - Introduction to Distributed Systems01 - Introduction to Distributed Systems
01 - Introduction to Distributed Systems
 
Basics of JAVA programming
Basics of JAVA programmingBasics of JAVA programming
Basics of JAVA programming
 
Distributed Systems Real Life Applications
Distributed Systems Real Life ApplicationsDistributed Systems Real Life Applications
Distributed Systems Real Life Applications
 
Distributed operating system
Distributed operating systemDistributed operating system
Distributed operating system
 
Chapter 8 - Main Memory
Chapter 8 - Main MemoryChapter 8 - Main Memory
Chapter 8 - Main Memory
 

Similar to Exokernel operating systems

UNIX INTERNALS UNIT-I
UNIX INTERNALS UNIT-IUNIX INTERNALS UNIT-I
UNIX INTERNALS UNIT-I
JK Knowledge
 
Linux kernel Architecture and Properties
Linux kernel Architecture and PropertiesLinux kernel Architecture and Properties
Linux kernel Architecture and Properties
Saadi Rahman
 
MIcrokernel
MIcrokernelMIcrokernel
MIcrokernel
Abu Azzam
 
CS403: Operating System :Lec 2 Function of OS.pptx
CS403: Operating System :Lec 2 Function of OS.pptxCS403: Operating System :Lec 2 Function of OS.pptx
CS403: Operating System :Lec 2 Function of OS.pptx
Asst.prof M.Gokilavani
 
F9: A Secure and Efficient Microkernel Built for Deeply Embedded Systems
F9: A Secure and Efficient Microkernel Built for Deeply Embedded SystemsF9: A Secure and Efficient Microkernel Built for Deeply Embedded Systems
F9: A Secure and Efficient Microkernel Built for Deeply Embedded Systems
National Cheng Kung University
 
Operating systems
Operating systemsOperating systems
Operating systemsanishgoel
 
Introduction to Unix operating system Chapter 1-PPT Mrs.Sowmya Jyothi
Introduction to Unix operating system Chapter 1-PPT Mrs.Sowmya JyothiIntroduction to Unix operating system Chapter 1-PPT Mrs.Sowmya Jyothi
Introduction to Unix operating system Chapter 1-PPT Mrs.Sowmya Jyothi
Sowmya Jyothi
 
CS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptxCS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptx
Asst.prof M.Gokilavani
 
lecture 1 (Part 2) kernal and its categories
lecture 1 (Part 2) kernal and its categorieslecture 1 (Part 2) kernal and its categories
lecture 1 (Part 2) kernal and its categories
WajeehaBaig
 
LinuxOS-1 (1).ppt
LinuxOS-1 (1).pptLinuxOS-1 (1).ppt
LinuxOS-1 (1).ppt
Savitha74
 
Factors Affecting the System Safety || Linux
Factors Affecting the System Safety || LinuxFactors Affecting the System Safety || Linux
Factors Affecting the System Safety || Linux
Zain Abid
 
Operating system by aman kr kushwaha
Operating system by aman kr kushwahaOperating system by aman kr kushwaha
Operating system by aman kr kushwaha
AMAN KUMAR KUSHWAHA
 
ITT Project Information Technology Basic
ITT Project Information Technology BasicITT Project Information Technology Basic
ITT Project Information Technology Basic
Mayank Garg
 
Analysis of Practicality and Performance Evaluation for Monolithic Kernel and...
Analysis of Practicality and Performance Evaluation for Monolithic Kernel and...Analysis of Practicality and Performance Evaluation for Monolithic Kernel and...
Analysis of Practicality and Performance Evaluation for Monolithic Kernel and...
CSCJournals
 
Construct an Efficient and Secure Microkernel for IoT
Construct an Efficient and Secure Microkernel for IoTConstruct an Efficient and Secure Microkernel for IoT
Construct an Efficient and Secure Microkernel for IoT
National Cheng Kung University
 

Similar to Exokernel operating systems (20)

UNIX INTERNALS UNIT-I
UNIX INTERNALS UNIT-IUNIX INTERNALS UNIT-I
UNIX INTERNALS UNIT-I
 
Kernel (computing)
Kernel (computing)Kernel (computing)
Kernel (computing)
 
Kernel (computing)
Kernel (computing)Kernel (computing)
Kernel (computing)
 
Linux kernel Architecture and Properties
Linux kernel Architecture and PropertiesLinux kernel Architecture and Properties
Linux kernel Architecture and Properties
 
MIcrokernel
MIcrokernelMIcrokernel
MIcrokernel
 
In a monolithic kerne1
In a monolithic kerne1In a monolithic kerne1
In a monolithic kerne1
 
In a monolithic kerne1
In a monolithic kerne1In a monolithic kerne1
In a monolithic kerne1
 
CS403: Operating System :Lec 2 Function of OS.pptx
CS403: Operating System :Lec 2 Function of OS.pptxCS403: Operating System :Lec 2 Function of OS.pptx
CS403: Operating System :Lec 2 Function of OS.pptx
 
F9: A Secure and Efficient Microkernel Built for Deeply Embedded Systems
F9: A Secure and Efficient Microkernel Built for Deeply Embedded SystemsF9: A Secure and Efficient Microkernel Built for Deeply Embedded Systems
F9: A Secure and Efficient Microkernel Built for Deeply Embedded Systems
 
Operating systems
Operating systemsOperating systems
Operating systems
 
Introduction to Unix operating system Chapter 1-PPT Mrs.Sowmya Jyothi
Introduction to Unix operating system Chapter 1-PPT Mrs.Sowmya JyothiIntroduction to Unix operating system Chapter 1-PPT Mrs.Sowmya Jyothi
Introduction to Unix operating system Chapter 1-PPT Mrs.Sowmya Jyothi
 
CS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptxCS403: Operating System : Lec 4 OS services.pptx
CS403: Operating System : Lec 4 OS services.pptx
 
lecture 1 (Part 2) kernal and its categories
lecture 1 (Part 2) kernal and its categorieslecture 1 (Part 2) kernal and its categories
lecture 1 (Part 2) kernal and its categories
 
LinuxOS-1 (1).ppt
LinuxOS-1 (1).pptLinuxOS-1 (1).ppt
LinuxOS-1 (1).ppt
 
Factors Affecting the System Safety || Linux
Factors Affecting the System Safety || LinuxFactors Affecting the System Safety || Linux
Factors Affecting the System Safety || Linux
 
Operating system by aman kr kushwaha
Operating system by aman kr kushwahaOperating system by aman kr kushwaha
Operating system by aman kr kushwaha
 
ITT Project Information Technology Basic
ITT Project Information Technology BasicITT Project Information Technology Basic
ITT Project Information Technology Basic
 
Analysis of Practicality and Performance Evaluation for Monolithic Kernel and...
Analysis of Practicality and Performance Evaluation for Monolithic Kernel and...Analysis of Practicality and Performance Evaluation for Monolithic Kernel and...
Analysis of Practicality and Performance Evaluation for Monolithic Kernel and...
 
Construct an Efficient and Secure Microkernel for IoT
Construct an Efficient and Secure Microkernel for IoTConstruct an Efficient and Secure Microkernel for IoT
Construct an Efficient and Secure Microkernel for IoT
 
Studies
StudiesStudies
Studies
 

Recently uploaded

Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
Safe Software
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
DanBrown980551
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
Pierluigi Pugliese
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Nexer Digital
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
Peter Spielvogel
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
nkrafacyberclub
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
Quotidiano Piemontese
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
Aftab Hussain
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
BookNet Canada
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 

Recently uploaded (20)

Essentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FMEEssentials of Automations: The Art of Triggers and Actions in FME
Essentials of Automations: The Art of Triggers and Actions in FME
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024By Design, not by Accident - Agile Venture Bolzano 2024
By Design, not by Accident - Agile Venture Bolzano 2024
 
Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?Elizabeth Buie - Older adults: Are we really designing for our future selves?
Elizabeth Buie - Older adults: Are we really designing for our future selves?
 
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfSAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdf
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptxSecstrike : Reverse Engineering & Pwnable tools for CTF.pptx
Secstrike : Reverse Engineering & Pwnable tools for CTF.pptx
 
National Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practicesNational Security Agency - NSA mobile device best practices
National Security Agency - NSA mobile device best practices
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdfFIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf
 
Removing Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software FuzzingRemoving Uninteresting Bytes in Software Fuzzing
Removing Uninteresting Bytes in Software Fuzzing
 
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...Transcript: Selling digital books in 2024: Insights from industry leaders - T...
Transcript: Selling digital books in 2024: Insights from industry leaders - T...
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 

Exokernel operating systems

  • 2. What do you mean by Operating System ? An operating system is the interface between applications and physical resources of the computer. Traditional OS: Large Monolithic Kernel. High level of abstractions of the resources. It hurts application performance because there is no single way to implement an abstraction that is best for all application.
  • 3. Relational databases and garbage collectors sometimes have very predictable data access patterns, and their performance suffers when a general purpose page replacement algorithm such as least recently used (LRU) is imposed by the operating system (Engler, 1995). These abstractions hide information about physical resources and in essence define a virtual machine upon which applications execute. And this virtual machine cannot be replaced and modified by untrusted application.
  • 4. This design is inefficient for three reasons: it denies applications the advantages of domain-specific optimizations. it discourages changes to the implementations of existing abstractions. it restricts the flexibility of applications builders because new abstractions can only be added by awkward emulation on top of existing ones.
  • 5. Exokernel was inspired by the fact that the lower the level of a primitive, the more efficiently it can be implemented, and the more latitude it grants to the implementers of higher-level abstractions (Engler, 1995). An analogy can be found between RISC and CISC Instruction set. Another analogy is between low level Assembly language to high level programming language like C++ and java. . The exokernel operating system architecture extends the traditional hardware interface by granting application- level management of low-level physical resources.
  • 6. “Applications know better than operating systems what the goal of their resource management decisions should be and therefore, they should be given as much control as possible over those decisions” (Engler, 1995). As an example, application-controlled file caching can reduce application running time by as much as 35% (Cao et al 1994).
  • 7. The job of the exokernel is to securely multiplex all available hardware while maintaining protection of these resources at a fine- grained level. Library operating systems (LibOSes) work on top of the exokernel interface, importing kernel information and data structures as needed for memory management, process scheduling, and I/O.
  • 8. In 1995, Dawson Engler, Frans Kaashoek, and James O’Toole proposed an initial draft at The ACM Symposium on Operating Systems Principles (SOSP) conference. They continued their research at M.I.T. and wrote Xok and ExOS, which is a prototype kernel and library operating system for x86 computers. Research is still being conducted at M.I.T..
  • 9. “The goal of an exokernel is to give efficient control of resources to untrusted applications in a secure, multiuser system” (Kaashoek, Engler, et. al., 1997). exokernels should avoid resource management; they should only manage resources to the extent that require protection (management of allocation, revocation, and ownership) (Engler, 1995). Exokernels export hardware resources instead of emulating them, which allows for simpler and faster implementations.
  • 10. Exokernels use three techniques to export resources securely. 1. By using secure bindings, applications can securely bind to hardware resources and handle events. 2. By using visible resource revocation, applications participate in a resource revocation protocol. 3. By using an abort protocol, an exokernel can break secure bindings of uncooperative applications by force (Engler, 1995).
  • 11. Exokernels must give library operating systems maximum freedom in managing physical resources while protecting them from each other; a programming error in one library operating system should not affect another library operating system. To do this, an exokernel performs three tasks: 1. it tracks ownership of resources. 2. ensures protection by guarding all resource usage or binding points. 3. revokes access to resources.
  • 12. A process in Xok is called an environment. An environment consists of accounting information, the page table, locations of code to run when certain events happen (upcalls), and any other custom data (dependent on the libOS author). Process (or environment) scheduling works very similar to that of a traditional OS, with the exception that the process is notified whenever it is about to gain or lose the processor.
  • 13. Multiplexing main memory is a rather straightforward process in Xok, as it only has to guard memory accesses between competing libOSes rather than from within a single libOS. Xok exposes the capabilities of the hardware to libOSes, including all MMU protection and dirty bits as well as many kernel data structures. Access to these structures allows an application to have maximum control over paging and virtual memory. When the exokernel detects a page fault of any kind (read- only page, page not present, etc.) it propagates the fault up to a user level (libOS) fault handler.
  • 14. All experiments were performed on the same hardware. A 200-MHz Intel Pentium Pro processor with a 256-Kbyte on-chip L2 cache and 64-Mbyte of main memory was used to compare how fast various operating systems could complete specific benchmarks. The ExOS library provides a user-level and extensible implementation of an UNIX operating system; therefore, most UNIX applications like gcc, perl, and telnet compile and work without modifications using ExOS.
  • 15.
  • 16. In addition, the following figure from M.I.T.’s testing indicates that the Cheetah web server optimized for Xok performs eight times faster than NCSA or Harvest
  • 17. untrusted code lends itself to faster development than trusted operating system code, as a bug in a library does not propogate to the entire system and the libOS can actually be debugged independently from the exokernel.
  • 18. There are also some costs associated with Xok.  First, design of the exokernel interface is not simple. It requires difficult choices as to how to balance the power one wants to give the applications with the protection needed. M.I.T.’s kernel interface design for Xok went through several iterations before they agreed on a suitable implementation.  Second, there is information loss associated with performing resource-management tasks at the application level. For instance, since virtual memory is handled by the libOS, Xok is not able to distinguish which pages were used to cache disk blocks and which pages are used for virtual memory.
  • 19. Only a few development issues remain to be addressed to make Xok a commercially viable operating system, and the only reason these issues have not been addressed is because the exokernel project is academic in nature and have simply not been undertaken as further projects.

Editor's Notes

  1. Application programmers can create and use specific abstractions of their choice instead of inefficient generic abstractions that cannot be extended or replaced. As a result, performance, flexibility, and functionality of applications are improved significantly. Virtual memory, interprocess communication, disk and network I/O are all such abstractions that are implemented in a more efficient manner than on other operating systems.
  2. The exokernel does not have to be aware of how these resources are implemented at the libOS level. Application programmers choose only those library operating systems that they want so that they are able to implement abstractions in the way that they want to, and they only import those libraries that they are going to use. LibOSes can be smaller and more specialized than in-kernel implementations, because they need not multiplex a resource among competing applications with widely different demands.
  3. Symposium:A meeting or conference for the public discussion of some topic especially one in which the participants form an audience and make presentations.
  4. . In addition, since libraries are not trusted by an exokernel, they are free to trust the application. For example, if an application passes the wrong arguments to a library, only that application will be affected.
  5. This allows a process to save or restore its own registers. The kernel multiplexes the CPU by dividing it into time slices of a fixed number of ticks. An environment may then allocate time slices in order to be scheduled on the processor.