In this paper, we propose the first optimum process scheduling algorithm for an increasingly prevalent type of heterogeneous multicore (HEMC) system that combines high-performance big cores and energy-efficient small cores with the same instruction-s
et architecture (ISA). Existing algorithms are all heuristics-based, and the well-known IPC-driven approach essentially tries to schedule high scaling factor processes on big cores. Our analysis shows that, for optimum solutions, it is also critical to consider placing long running processes on big cores. Tests of SPEC 2006 cases on various big-small core combinations show that our proposed optimum approach is up to 34% faster than the IPC-driven heuristic approach in terms of total workload completion time. The complexity of our algorithm is O(NlogN) where N is the number of processes. Therefore, the proposed optimum algorithm is practical for use.
Fuchsia is a new open-source operating system created at Google that is currently under active development. The core architectural principles guiding the design and development of the OS include high system modularity and a specific focus on security
and privacy. This paper analyzes the architecture and the software model of Fuchsia, giving a specific focus on the core security mechanisms of this new operating system.
Virtually indexed and virtually tagged (VIVT) caches are an attractive option for micro-processor level-1 caches, because of their fast response time and because they are cheaper to implement than more complex caches such as virtually-indexed physica
l-tagged (VIPT) caches. The level-1 VIVT cache becomes even simpler to construct if it is implemented as a direct-mapped cache (VIVT-DM cache). However, VIVT and VIVT-DM caches have some drawbacks. When the number of sets in the cache is larger than the smallest page size, there is a possibility of synonyms (two or more virtual addresses mapped to the same physical address) existing in the cache. Further, maintenance of cache coherence across multiple processors requires a physical to virtual translation mechanism in the hardware. We describe a simple, efficient reverse lookup table based approach to address the synonym and the coherence problems in VIVT (both set associative and direct-mapped) caches. In particular, the proposed scheme does not disturb the critical memory access paths in a typical micro-processor, and requires a low overhead for its implementation. We have implemented and validated the scheme in the AJIT 32-bit microprocessor core (an implementation of the SPARC-V8 ISA) and the implementation uses approximately 2% of the gates and 5.3% of the memory bits in the processor core.
Memory-intensive applications, such as in-memory databases, caching systems and key-value stores, are increasingly demanding larger main memory to fit their working sets. Conventional swapping can enlarge the memory capacity by paging out inactive pa
ges to disks. However, the heavy I/O stack makes the traditional kernel-based swapping suffers from several critical performance issues. In this paper, we redesign the swapping system and propose LightSwap, an high-performance user-space swapping scheme that supports paging with both local SSDs and remote memories. First, to avoids kernel-involving, a novel page fault handling mechanism is proposed to handle page faults in user-space and further eliminates the heavy I/O stack with the help of user-space I/O drivers. Second, we co-design Lightswap with light weight thread (LWT) to improve system throughput and make it be transparent to user applications. Finally, we propose a try-catch framework in Lightswap to deal with paging errors which are exacerbated by the scaling in process technology. We implement Lightswap in our production-level system and evaluate it with YCSB workloads running on memcached. Results show that Ligthswap reduces the page faults handling latency by 3--5 times, and improves the throughput of memcached by more than 40% compared with the stat-of-art swapping systems.
Developing an operating system (OS) for low-end embedded devices requires continuous adaptation to new hardware architectures and components, while serviceability of features needs to be assured for each individual platform under tight resource const
raints. It is challenging to design a versatile and accurate heterogeneous test environment that is agile enough to cover a continuous evolution of the code base and platforms. This mission is even morehallenging when organized in an agile open-source community process with many contributors such as for the RIOT OS. Hardware in the Loop (HiL) testing and Continuous Integration (CI) are automatable approaches to verify functionality, prevent regressions, and improve the overall quality at development speed in large community projects. In this paper, we present PHiLIP (Primitive Hardware in the Loop Integration Product), an open-source external reference device together with tools that validate the system software while it controls hardware and interprets physical signals. Instead of focusing on a specific test setting, PHiLIP takes the approach of a tool-assisted agile HiL test process, designed for continuous evolution and deployment cycles. We explain its design, describe how it supports HiL tests, evaluate performance metrics, and report on practical experiences of employing PHiLIP in an automated CI test infrastructure. Our initial deployment comprises 22 unique platforms, each of which executes 98 peripheral tests every night. PHiLIP allows for easy extension of low-cost, adaptive testing infrastructures but serves testing techniques and tools to a much wider range of applications.
Secure Computation (SC) is a family of cryptographic primitives for computing on encrypted data in single-party and multi-party settings. SC is being increasingly adopted by industry for a variety of applications. A significant obstacle to using SC f
or practical applications is the memory overhead of the underlying cryptography. We develop MAGE, an execution engine for SC that efficiently runs SC computations that do not fit in memory. We observe that, due to their intended security guarantees, SC schemes are inherently oblivious -- their memory access patterns are independent of the input data. Using this property, MAGE calculates the memory access pattern ahead of time and uses it to produce a memory management plan. This formulation of memory management, which we call memory programming, is a generalization of paging that allows MAGE to provide a highly efficient virtual memory abstraction for SC. MAGE outperforms the OS virtual memory system by up to an order of magnitude, and in many cases, runs SC computations that do not fit in memory at nearly the same speed as if the underlying machines had unbounded physical memory to fit the entire computation.
The security of a computer system depends on OS kernel protection. It is crucial to reveal and inspect new attacks on kernel data, as these are used by hackers. The purpose of this paper is to continue research into attacks on dynamically allocated d
ata in the Windows OS kernel and demonstrate the capacity of MemoryRanger to prevent these attacks. This paper discusses three new hijacking attacks on kernel data, which are based on bypassing OS security mechanisms. The first two hijacking attacks result in illegal access to files open in exclusive access. The third attack escalates process privileges, without applying token swapping. Although Windows security experts have issued new protection features, access attempts to the dynamically allocated data in the kernel are not fully controlled. MemoryRanger hypervisor is designed to fill this security gap. The updated MemoryRanger prevents these new attacks as well as supporting the Windows 10 1903 x64.
Development, deployment and maintenance of networked software has been revolutionized by DevOps practices, which boost system software quality and agile evolution. However, as the Internet of Things (IoT) connects low-power, microcontroller-based dev
ices which take part in larger distributed cyberphysical systems, such low-power IoT devices are not easy to integrate in DevOps workflows. In this paper, we contribute to mitigate this problem by designing Femto-Containers, a new hardware-independent mechanism which enable the virtualization and isolation of software modules embedded on microcontrollers, using an approach extending and adapting Berkeley Packet Filters (eBPF). We implement a Femto-Container hosting engine, which we integrate in a common low-power IoT operating system (RIOT), and is thus enhanced with the ability to start, update or terminate Femto-Containers on demand, securely over a standard IPv6/6LoWPAN network. We evaluate the performance of Femto-Containers in a variety of use cases. We show that Femto-Containers can virtualize and isolate multiple software modules executed concurrently, with very small memory footprint overhead (below 10%) and very small startup time (tens of microseconds) compared to native code execution. We carry out experiments deploying Femto-Containers on a testbed using heterogeneous IoT hardware based on the popular microcontroller architectures Arm Cortex-M, ESP32 and RISC-V. We show that compared to prior work on software-based low-power virtualization and isolation, Femto-Containers offer an attractive trade-off in terms of memory footprint, energy consumption, and security. The characteristics of Femto-Containers satisfy both the requirements of software modules hosting high-level logic coded in a variety of common programming languages, and the constraints of low-level debug snippets inserted on a hot code path.
We propose PAIO, the first general-purpose framework that enables system designers to build custom-made Software-Defined Storage (SDS) data plane stages. It provides the means to implement storage optimizations adaptable to different workflows and us
er-defined policies, and allows straightforward integration with existing applications and I/O layers. PAIO allows stages to be integrated with modern SDS control planes to ensure holistic control and system-wide optimal performance. We demonstrate the performance and applicability of PAIO with two use cases. The first improves 99th percentile latency by 4x in industry-standard LSM-based key-value stores. The second ensures dynamic per-application bandwidth guarantees under shared storage environments.
This paper presents GearV, a two-gear lightweight hypervisor architecture to address the some known challenges. By dividing hypervisor into some partitions, and dividing scheduling policies into Gear1 and Gear2 respectively, GearV creates a consolida
ted platform to run best-effort system and safety-critical system simultaneously with managed engineering effort. The two-gears architecture also simplifies retrofitting the virtualization systems. We believe that GearV can serves as a reasonable hypervisor architecture for the mix-critical IoT systems.
