VUOS: Give Your Processes a New VU
This is a modal window.
The media could not be loaded, either because the server or network failed or because the format is not supported.
Formal Metadata
| Title |
| |
| Title of Series | ||
| Number of Parts | 490 | |
| Author | ||
| License | CC Attribution 2.0 Belgium: You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor. | |
| Identifiers | 10.5446/47498 (DOI) | |
| Publisher | ||
| Release Date | ||
| Language |
Content Metadata
| Subject Area | ||
| Genre | ||
| Abstract |
|
FOSDEM 2020305 / 490
4
7
9
10
14
15
16
25
26
29
31
33
34
35
37
40
41
42
43
45
46
47
50
51
52
53
54
58
60
64
65
66
67
70
71
72
74
75
76
77
78
82
83
84
86
89
90
93
94
95
96
98
100
101
105
106
109
110
116
118
123
124
130
135
137
141
142
144
146
151
154
157
159
164
166
167
169
172
174
178
182
184
185
186
187
189
190
191
192
193
194
195
200
202
203
204
205
206
207
208
211
212
214
218
222
225
228
230
232
233
235
236
240
242
244
249
250
251
253
254
258
261
262
266
267
268
271
273
274
275
278
280
281
282
283
284
285
286
288
289
290
291
293
295
296
297
298
301
302
303
305
306
307
310
311
315
317
318
319
328
333
350
353
354
356
359
360
361
370
372
373
374
375
379
380
381
383
385
386
387
388
391
393
394
395
397
398
399
401
409
410
411
414
420
421
422
423
424
425
427
429
430
434
438
439
444
449
450
454
457
458
459
460
461
464
465
466
468
469
470
471
472
480
484
486
487
489
490
00:00
Process (computing)View (database)Virtual machinePhysical systemDifferent (Kate Ryan album)Square numberSystem administratorWeightProcess (computing)View (database)WebsiteRight angleUniverse (mathematics)NamespacePhysical lawVideoconferencingMultiplication signSpacetimePermutationCanonical ensembleCycle (graph theory)Data storage deviceSummierbarkeitMultitier architectureQuicksortInternet service providerOperator (mathematics)Computer programmingSemiconductor memoryConditional-access moduleSystem callComputer fileComputer iconThermodynamischer ProzessSoftware bugKernel (computing)VirtualizationOperating systemComputer animation
03:35
Installable File SystemStack (abstract data type)Virtuelles NetzPatch (Unix)Operator (mathematics)SubsetSummierbarkeitProgram slicingArithmetic meanType theoryPhysical systemPresentation of a groupReverse engineeringCartesian coordinate systemEntire functionPhysical lawMultiplication signProcess (computing)Service (economics)WeightMedical imagingSpacetimeMathematicsContent (media)MiniDiscSoftwareKernel (computing)Different (Kate Ryan album)Keyboard shortcutComputer fileData miningFile systemResultantWritingAsynchronous Transfer ModeComputer animation
06:11
RootLoginPhysical systemEndliche ModelltheorieDataflowMetropolitan area networkGraph coloringCAN busVideo gameError messageVirtual machineView (database)WindowComputer fileModule (mathematics)File systemType theoryComputer animation
08:42
RootView (database)Total S.A.Time travelFile systemVirtual machineComputer animation
09:07
GeometryBlock (periodic table)Local GroupTable (information)File systemComputer fileProcess (computing)Virtual machineSystem administratorPhysical systemMultiplication signInternet forumOffice suiteMiniDiscBitComputer animation
10:35
Convex hullMathematical singularityComputer configurationOnline helpMiniDiscBootingSign (mathematics)AreaPartition (number theory)Social classMultiplication signPhysical lawMassMedical imagingVirtualizationModule (mathematics)File systemLoop (music)MiniDiscExecution unitRootComputer clusterPiWebsiteFrustrationComputer virusSoftwareComputer animation
12:53
Communications protocolDefault (computer science)Local GroupLink (knot theory)Loop (music)Tablet computerVideoconferencingLine (geometry)Session Initiation ProtocolLocal ringInterface (computing)Virtual realityNeuroinformatikSoftwareStack (abstract data type)Endliche ModelltheorieSoftware developerStapeldateiDemo (music)Asynchronous Transfer ModeVirtual machineHash functionNumberDifferent (Kate Ryan album)Client (computing)Order (biology)Address spaceMultiplication signStandard deviationIntegrated development environmentPlanningAxiom of choiceOpen setPressureExecution unitComputer animation
15:46
Loop (music)Communications protocolMultiplication signVirtual machineComputer animation
16:08
Programmable read-only memoryProcess (computing)Multiplication signShared memoryVideo gameVirtual machinePhysical systemMarginal distributionComputer fileView (database)Computer animation
17:28
View (database)Arithmetic meanProcess (computing)Water vaporThermodynamischer ProzessComputer animation
18:02
Installable File SystemStack (abstract data type)Virtuelles NetzPatch (Unix)Computer fontHypermediaLink (knot theory)MultiplicationBroadcasting (networking)Visualization (computer graphics)Process (computing)Compilation albumModule (mathematics)Hash functionAxiom of choiceWrapper (data mining)Demo (music)Slide ruleCAN busAxiom of choiceRAIDCASE <Informatik>Multiplication signForcing (mathematics)Computer-assisted translationPhysical systemComputer virusSpacetime9 (number)System callProjective planeMetropolitan area networkCartesian coordinate systemFamilyEstimator3 (number)ImplementationProcess (computing)Group actionTrailPosition operatorPoint (geometry)Service (economics)SoftwareMereologyView (database)Semiconductor memoryInterface (computing)Graph coloringEndliche ModelltheorieSampling (statistics)CodeComputer fileFunctional (mathematics)Table (information)WritingResultantOrder (biology)Parameter (computer programming)Buffer solutionModule (mathematics)Wrapper (data mining)Thermodynamischer ProzessVirtualizationReading (process)Overlay-NetzData structureKernel (computing)File systemThread (computing)Computer animationSource code
24:34
WikiInformationSquare numberVirtual realityRepository (publishing)Virtuelles NetzVirtual machineMiniDiscComputer-generated imageryInstallation artSign (mathematics)Physical systemKernel (computing)Medical imagingProjective planeCodeView (database)Scripting languageWikiMiniDiscSet (mathematics)Condition numberPoint (geometry)Artificial neural networkSystem callCASE <Informatik>Time travelPlanningAuthorizationWater vaporUltraviolet photoelectron spectroscopyComputer animation
26:46
Visualization (computer graphics)Process (computing)Compilation albumModule (mathematics)Axiom of choiceHash functionWrapper (data mining)Physical systemDecision theorySystem callMereologyComputer fileKernel (computing)Process (computing)Multiplication signOpen setReal numberPurchasingForcing (mathematics)Pairwise comparisonGraph coloringIntelComputer animation
28:49
Point cloudOpen source
Transcript: English(auto-generated)
00:05
So, I come from Bologna. I'm at the University of Bologna, and this icon here is virtual square, which is a team which is developing solutions,
00:22
tools, ideas in the field of virtualization. VUS, give your processes a new view. VUS, it's not an acronym, it must sound like VU.
00:41
So, which is the point? What a process can view? A process running on an operating system is able by itself to execute the machine operations,
01:01
is able by itself to access its own memory, but everything else must be obtained through system codes. So, the environment, the view, the panorama that the process is seeing outside its world,
01:24
it's given by the answer, by the reply that the system calls gives it back. Okay. So, namespaces in
01:41
the kernel are ways to provide processes with different views, different views on a file system, different views on networking, different views on the process IDs, user ID, or whatever. What we are designing with VUS is something similar,
02:07
but completely running in user space with just user permissions without the need to be rude.
02:21
This can reduce dramatically the tax face, because we don't use a namespace feature in the kernel. So, you can imagine to run a kernel with a namespace that's disabled,
02:42
and at the same time, we provide the solutions that are available to standard users. Nowadays, it happens so often that solutions, tools are provided for system administrators.
03:03
But that means that it's another way to enlarge the tax face as faulty programs, bugs can create damages to the system.
03:24
So, what the idea starts, the idea comes from a need. Why it is not possible for a user to mount a file system?
03:46
If I have a file system image, it's a file of mine. So, mounting a file system image and changing the contents of the files,
04:01
including that file system image once mounted, is just a sophisticated editing of a file of yours. Why is it forbidden in a standard system? Just because the idea of mount is an idea of a global operation of the system.
04:26
This operation either is provided as a global operation, as in the past, or it's provided just to a subset of processes, but by the kernel in these spaces. Instead, it must be possible to mount file systems as users.
04:49
In this presentation, I want to show you first what and why, and then at the end, how, the reverse way around.
05:04
So, with other applications, I can need a virtual device. So, I want to create a RAM disk for my application. So, if it's a RAM disk for my application, why I need to pre-root, why I need to need the kernel services,
05:26
or I want to use a different network stack, or I want to see a file which is here, there, like the bind mount, or I want to remount the entire file system in car mode, in copy and write mode.
05:50
I want to change the name, the time, the user ID, whatever, but I want to do everything in user space, user permission.
06:02
So, instead of, I have slides with demo, but I prefer to provide you with a demo result. Here, I have a file system image.
06:32
I would like to do this, because this is the natural way to mount a file system.
06:44
Actually, not from the kernel, and this is an error of the tool. It's the mount tool that say you're not root, this is an error of the tool. But even if you try to call the system call, you get the error.
07:02
How can you do that? You start a UIS machine. This window is running inside the machine. Again, if I try to mount this, I get the error.
07:30
But if I add the module to provide the file system virtualization,
07:43
and mount this just saying the type of a system, and as I work around to the mount common error, I have to use view mount,
08:01
which is a mount, you can use view mount to mount everything else, but it tries the system call. What is nice about live? The problem is that now I have mounted the file system,
08:32
but just for this. Actually, this is mounted,
08:42
but this is another file system, as you can see. So I've mounted my file system over there. This is just an example. Let us start another virtual machine.
09:08
I have here some comments to be. This time, if I can pick up the common, I add two modules.
09:26
One is for virtual devices, one is for virtual files. And with this command, I create a virtual device named devramdisk,
09:42
which is a ramdisk 100 megabyte large. So as a user, I can create a file system on the ramdisk. Then I can mount the file system,
10:05
and now on slash mount, I have the new file system which is into the ramdisk. I want to point out that I'm using the commands that I'd use as an ordinary system administrator
10:23
outside the virtual machine. So one of the goal of the process is to use the natural commands to do what you need. Let us go further.
10:41
This is a common problem I had. I always forget the comments to loop mount partition of file system units. For example, if you have a Raspberry Pi, the image has two partitions.
11:01
If you want to mount one partition to change one file, it is a mess. And second, you need to be root. Now I'm showing you how to access the partition of a Raspberry Pi image as a user. So again, I add the two modules.
11:27
Now I use another virtual device module, which is Partix. And you can see that an image I've just downloaded from the Raspberry Pi site.
11:42
And now I have in slash dev slash stx my disk. So I can, okay, I'm not root, so I need,
12:05
you can see the partitions. Okay, and given there are stx one, stx two, I can mount stx two. So I can mount the second partition.
12:26
Here I have the root partition of the Raspberry Pi. I could change the Pi, do whatever I want.
12:40
Or let's continue. Okay, now let us play with another toy. Networking, the model for networking is ViewNet.
13:04
Now, let me try, okay. Let's try this experiment. This is quite a new development.
13:22
It's already unstable, but I wanna, this is a development I have created together with the new camera.
13:40
This is a PicoTCP as a user mode stack in Vue OS. And given that the PicoTCP is connected to VD networking, I've used it at the networking interface Slurp,
14:02
which is the tool I use by virtual machines to provide user provided networks. Now, we provide in Vue OS different stacks
14:20
at the same time in order to change to decide. And you can see I've mounted the stack in DevNet PicoX. In order to say, I wanna use that network because now I have my, here I have my interfaces. But if I say, Vue stack, I open a batch.
14:47
And in this batch, I have the PicoTCP interfaces. It's a choice, PicoTCP uses a hash EDs,
15:02
so it's quite different from standard networking because usually you have the name, the number of the interfaces, zero, one, we have there. But now I can self-configure the network using a standard DHCP client.
15:23
Okay, now I've got the address. And again, this is my machine, my computer in Bologna. I've used the stack in the virtual environment.
15:45
Okay, final demo. This is the current time.
16:02
Now I can start a Vue OS machine. And now I start another sub-module, MISH, and this time, and I start another clock.
16:28
Now I mount, let me move this clock, which is,
16:40
now I mount the module, Vumish time in mount. And it is like a Prose file system. So mount contains some fake files. And I can use this to change the view
17:02
of the process regarding time. For example, if I put two in mount frequency, as you can see, we have relativistic machines. So the time in the virtual machine
17:20
runs twice as fast as the time in the normal life. Okay, so as you can see, the idea of Vue OS is providing means to provide the processes with the view we need to solve problems.
17:42
So we have started from the solution. We have started from what is useful. Now I can show you,
18:02
okay, all the demos I've done now are in the slides so you can test by yourself if you like all the demos after the talk. This is the structure of OMVue,
18:22
which is an implementation of Vue OS. We can provide further implementation in the future. There are processes in the user space, and we use system call interposition
18:41
to decide which system calls, but we must be forwarded to the kernel in case you are accessing part of the system which are real. Or the system calls are completely implemented
19:04
in the hypervisor code. In order to achieve the better results with parallelism, we use a technique
19:21
that we have named Guardian Angels. So each process running in the user space has in the hypervisor a thread which is providing the virtualization for that thread or process. So each process in the user space
19:41
has a Guardian Angel thread in the hypervisor. So if a process runs in open, the Guardian Angel tries to see if the path is in a real or in a virtual part.
20:02
If it's a real part, it simply says the process forward the call to the kernel. Otherwise, the Guardian Angel and the model choice is for the choice of virtual or real,
20:21
and in case it's virtual, it returns the module which is responsible for the virtualization. So the system call, there are wrappers that get from the user memory all the parameter what is needed
20:41
to perform the virtualization, and the system call is forwarded to the module. We have seen in the demos Fuse, DevNet, and the implementation of file system, networking or devices or whatsoever,
21:03
really perform the actual action to have the result. I have two points to note now. One is, I have created a virtual device,
21:27
and inside the virtual device, a virtual file system. So this was a nested virtualization. So try to think that we open a file in the virtual file system.
21:43
That call is forwarded to refuse for the virtualization of the file system. How can we achieve the virtualization of device on this? The hypervisor uses a self-virtualization method.
22:04
Pure Lipsy is an overlay on Lipsy that is able to grab, to catch, all the system calls generated by the process itself.
22:24
So even the read or write from refuse is returned to the choice function. And if it sees that there is a further virtualization in place, it calls the, in this case, the device virtualizer,
22:45
and the, for example, for the RAM disk, and it provides the correct answer. Let me point out that the interface to the modules is clean, simple, let me see, kiss.
23:04
Keep it simple and stupid. The modules receive just the system calls. So if there is a read here, read file descriptor, buffer length,
23:21
over there, the module receives a read file descriptor, buffer length. Okay, so a module is simply created by registering the service to the hash table.
23:47
So one module can register, I am responsible for this sub-tree of the file system, or I am responsible for that file, or I am responsible for the data's family,
24:00
I am responsible for the other system call. And then it has to provide the implementation of the system call. If somebody want to access that kind of file, so there is a read, what must be the answer?
24:23
That's all. Okay, I have no time to show the code, but everything is available. We have a wiki site,
24:42
we are redesigning the wiki site, the most important. Here is the set of repositories, and there is actually an infrastructure for a tutorial.
25:03
We provide a disk image and scripts to make it easy for whoever want to try the tools,
25:20
to have the whole infrastructure ready to perform the experiments I've done five minutes ago. So feel free and please download the image, try the tools, and if you like, if you want to participate,
25:41
the project is open to all contributions. Thank you. How do you compare a view with a Jeevizer or a user-mode Linux?
26:04
Sorry? How do you compare Jeevizer with a Jeevizer? User-mode Linux, I compare user-mode Linux to the OS or UMU. User-mode Linux creates a complete virtual machine, so it puts an entire kernel.
26:22
We don't put anything, we just put the system in a condition to grab the system code and divert the execution of the system code to modules if required. So two points.
26:51
We use BFS to accelerate the grabbing the system call catching.
27:03
Now we can do just avoiding the second call. Each time a system call is grabbed by Ptrace, you receive two calls, one before and one after.
27:21
So using BPF now we can avoid the second call, whether the system call is completely real or completely virtual. We have a system calls that are at the same time real and virtual, for example, open. We have a virtual open, but at the same time
27:41
we force the process to make a real open because we have to allocate the file descriptor. We would like to offload many parts
28:05
of the decision process in the kernel, but we would need the eBPF which is a comp, which is a long discussion in the Linux kernel in English. So if you're interested and you like the approach,
28:23
I help us to convince the Linux kernel in English to add the eBPF for the sec comp system call.
28:44
Thank you.