Details of Grant 

EPSRC Reference: EP/X015610/1
Title: FlexCap: Exploring Hardware Capabilities in Unikernels and Flexible Isolation OSes
Principal Investigator: Olivier, Dr P
Other Investigators:
Researcher Co-Investigators:
Project Partners:
NEC
Department: Computer Science
Organisation: University of Manchester, The
Scheme: Standard Research
Starts: 01 December 2022 Ends: 30 November 2024 Value (£): 264,072
EPSRC Research Topic Classifications:
Computer Sys. & Architecture Software Engineering
EPSRC Industrial Sector Classifications:
Information Technologies
Related Grants:
Panel History:  
Summary on Grant Application Form
In this project, entitled FlexCap, we propose to study the use of Morello's hardware capabilities to provide safety and isolation in Operating Systems (OSes). We propose to enable capability support and evaluate its efficiency in two OSes: FlexOS, a library OS offering a highly-configurable isolation profile that can be customised at build time towards specific use cases; as well as Unikraft, a high-performance/low latency unikernel.

FlexOS allows the user to specialise the isolation/safety strategy of the operating system seamlessly at build time. Several fundamental parameters are customisable, including the granularity of kernel component isolation as well as the hardware mechanism used to enforce that isolation. FlexOS currently supports the Intel Memory Protection Keys and Extended Page Table mechanisms. Porting the OS to Morello would enable it to benefit from the efficient compartmentalisation brought by capabilities. In particular, the fine-grained memory protection and high degree of scalability resulting from the use of hardware capabilities should increase performance as well as security, and decrease memory footprint in FlexOS, compared to the other mechanisms currently supported by the OS.

FlexOS is itself an extension of the Unikraft unikernel, so porting FlexOS to Morello will first require porting Unikraft to the platform. Unikraft is a high-performance/low-latency unikernel targeting cloud applications. The high degree of performance it provides is achieved by running the application and the kernel code inside a single, completely unprotected address space. This obviously raises security concerns, and porting Unikraft to Morello will allow us to explore bringing safety back into high-performance unikernels, leveraging the security benefits brought by the capabilities' ability to provide safe versions of legacy programming languages (i.e. pure/hybrid capability code).

Finally, we also propose to explore advanced use of capabilities in FlexOS and Unikraft by studying 1) the possibility of incremental porting of Unikraft to pure capabilities and 2) horizontal compartmentalization of FlexOS components.

These two OSes, FlexOS and Unikraft, are unique use cases for the application of Morello's hardware capabilities, and have never been explored in this context. These use cases differ significantly from the two OSes already available in the CHERI/Morello software ecosystem (CheriBSD and CheriOS). CheriBSD is a general-purpose monolithic OS and is unlikely to achieve the high level of performance of Unikraft. It also does not lend itself to flexible isolation like FlexOS. Further, CheriOS is unlikely to offer the same performance and compatibility with existing applications as Unikraft/FlexOS.
Key Findings
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Potential use in non-academic contexts
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Impacts
Description This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Summary
Date Materialised
Sectors submitted by the Researcher
This information can now be found on Gateway to Research (GtR) http://gtr.rcuk.ac.uk
Project URL:  
Further Information:  
Organisation Website: http://www.man.ac.uk