[2024-05-08]  Dr. Hugo Lefeuvre,Visiting Researcher, SCI Semiconductor,"Towards Really Fast and Secure Virtual Machines with OS Specialization"

  • 2024-04-25
  • 呂宜娟
Title: Towards Really Fast and Secure Virtual Machines with OS Specialization
Date: 2024/05/08 14:20-15:30
Location: CSIE, R111
Speaker: Dr. Hugo Lefeuvre, Visiting Researcher, SCI Semiconductor
Host: Prof. Shih-Wei Li

Abstract:

This talk will present three contributions on operating system specialization. I will first talk about unikernels, specialized virtual machines running a single application within a single protection domain. Unikernels are the gold standard of VM performance and lightweight design; however, they struggle to get traction in the field due to their lack of application compatibility and the high degree of expertise needed to design and deploy them. I will present Unikraft, our approach to solving these problems. Unikraft is a highly modular and configurable unikernel aiming to make specialization accessible to the mainstream. Unikraft is POSIX-compatible and runs unmodified applications. Unikraft was published at EuroSys'21, where it received the Best Paper Award; it is currently running in production.

In the second part I will continue the discussion on specialization, this time shifting the focus towards security. I will present FlexOS, an OS allowing users to easily specialize the safety and isolation strategy of an OS at deployment time. FlexOS builds on the ideas we developed in Unikraft to enable specialization not only towards performance, but across the security/performance design space of isolation techniques. I will motivate and discuss the design of FlexOS, and give a short perspective on the design space achieved with our prototype. FlexOS was published at ASPLOS'22 and received the Distinguished Artifact Award.

In the last part, I will discuss the design of OS compatibility layers, a crucial building block of OSes that provide support for unmodified applications. I will present Loupe, our approach to systematizing and simplifying the development of OS compatibility layers. Loupe is a method based on dynamic analysis to determine the OS features that need to be implemented in a prototype OS to support a target set of workloads. Loupe guides and accelerates OS developers as they build compatibility layers, prioritizing which features to implement to quickly support many applications. We applied Loupe to 100+ applications and studied our measurements to extract insights on the development of OS compatibility layers, which I will discuss in the talk. Loupe was published at ASPLOS'24 and is used in production to accelerate the development of Unikraft.

Biography:
Hugo Lefeuvre is a Visiting Researcher at SCI Semiconductor and an incoming Postdoctoral Research Fellow at the University of British Columbia, Canada. Previously, he obtained his PhD at the University of Manchester, UK. He is a 2022 Microsoft PhD Fellow, a Unikraft core developer, and a Debian developer emeritus. His research interests span operating systems, compartmentalization, confidential computing, and more generally systems and security.