Ethos - An Operating system for the Xen hypervisor

Satya Popuri
Graduate Student
University of Illinois at Chicago
Chicago, IL 60607
spopur2 [at] uic [dot] edu

Introduction

A hypervisor (or Virtual Machine Monitor) is a piece of software that allows multiple operating systems to run at the same time on one computer. We are developing a new OS targeted to run on the Xen hypervisor at the center for RITES, UIC. The motivation for such a system is to pioneer a new secure system call interface with clean semantics that helps reduce or eliminate programmer-induced bugs and security holes in system software. My advisor (Prof. Jon Solworth) believes that the POSIX interface, created over 30 years ago when security was far less of a concern, has to be given up even at the price of breaking compatibility with existing software. He calls this ``Systems Discontinuity''. See [Sol07] for more information (currently accessible to UIC students and staff only).

Although I am interested in security, my main motivation for participating in this project at this time is all the cool hacking required to put together a basic OS kernel that can support process address spaces and preemptive scheduling. The Ethos kernel will use the hypercall interface provided by the Xen hypervisor to execute privileged instructions.

A Plan for Ethos architecture

We do not want to deal with writing device drivers, file systems and networking at this early stage of Ethos. We still want a basic kernel that supports processes and a system call interface. This will suffice to evaluate the new secure system calls we will be trying out. To counter the lack of such important components, Prof. Solworth has come up with a ``Paired-OS'' design that looks like this:

    -----------------------------
    |  Ethos   <--|-->   Linux  |
    -----------------------------
    |            XEN            |
    -----------------------------
Both Ethos and Linux are shown running on top of Xen. Ethos will delegate all file system, networking and device driver work to a Dom0/DomU Linux kernel. The rest of the tasks are handled within Ethos.

Mini-OS

Mini-OS is a small OS kernel distributed with the Xen hypervisor source code (you can find it in extras/Mini-OS). It demonstrates the initial boot-up sequence and page table setup required by any kernel written to run on top of Xen. We have studied this code and documented some of the basic parts. I am working on extending this code to support process virtual address spaces, a slab allocator (or the more recent SLUB allocator), and page table management.
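To show what the slab allocator mentioned above does, here is a constructed, single-size object cache written for this page; it is not Ethos or Mini-OS code, and the Ethos allocator may well look different. A real kernel would carve the arena out of pages obtained from Xen, whereas this version uses a static buffer so it runs as an ordinary user-space program. The names (slab_cache, slab_alloc, slab_free, slab_selftest) and sizes are assumptions. Beyond the basic free-list mechanism it also shows the checks a kernel allocator wants: rejecting pointers that are outside the arena, not on an object boundary, or already free, and poisoning freed objects so a use-after-free is visible rather than silent.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed example: one cache of fixed-size objects carved from a static
 * arena. Kernel code would take the arena from pages granted by Xen; here it
 * is a plain static buffer so the file runs in user space. Sizes are assumed. */
#define SLAB_OBJ_SIZE   64
#define SLAB_NOBJS      16
#define SLAB_ARENA_SIZE (SLAB_OBJ_SIZE * SLAB_NOBJS)

struct slab_cache {
    uint8_t arena[SLAB_ARENA_SIZE];
    void   *free_list;      /* singly linked list threaded through free objects */
    size_t  nr_allocated;
};

/* Store/load the "next" pointer at the start of a free object via memcpy so
 * the code does not depend on the object being aligned for a pointer type. */
static void set_next(void *obj, void *next) { memcpy(obj, &next, sizeof next); }
static void *get_next(void *obj) { void *n; memcpy(&n, obj, sizeof n); return n; }

static void slab_init(struct slab_cache *c)
{
    c->free_list = NULL;
    c->nr_allocated = 0;
    /* Thread the list from the last object backwards so the first
     * allocation hands out object 0. */
    for (size_t i = SLAB_NOBJS; i-- > 0; ) {
        void *obj = c->arena + i * SLAB_OBJ_SIZE;
        set_next(obj, c->free_list);
        c->free_list = obj;
    }
}

static void *slab_alloc(struct slab_cache *c)
{
    void *obj = c->free_list;
    if (obj == NULL)
        return NULL;                    /* cache exhausted: caller must cope */
    c->free_list = get_next(obj);
    memset(obj, 0, SLAB_OBJ_SIZE);      /* never hand out stale contents */
    c->nr_allocated++;
    return obj;
}

/* Returns 0 on success, -1 if ptr is not a live object of this cache
 * (outside the arena, not on an object boundary, or already free). */
static int slab_free(struct slab_cache *c, void *ptr)
{
    uintptr_t base = (uintptr_t)c->arena, p = (uintptr_t)ptr;
    if (p < base || p >= base + SLAB_ARENA_SIZE || (p - base) % SLAB_OBJ_SIZE != 0)
        return -1;
    for (void *q = c->free_list; q != NULL; q = get_next(q))
        if (q == ptr)
            return -1;                  /* double free */
    memset(ptr, 0xA5, SLAB_OBJ_SIZE);   /* poison so a use-after-free is visible */
    set_next(ptr, c->free_list);
    c->free_list = ptr;
    c->nr_allocated--;
    return 0;
}

/* Exercise the cache; returns 0 when every check passes, else the failing step. */
static int slab_selftest(void)
{
    struct slab_cache c;
    void *objs[SLAB_NOBJS];
    int local;
    slab_init(&c);
    for (size_t i = 0; i < SLAB_NOBJS; i++)
        if ((objs[i] = slab_alloc(&c)) == NULL) return 1;
    if (c.nr_allocated != SLAB_NOBJS) return 2;
    if (slab_alloc(&c) != NULL) return 3;                      /* exhausted */
    if (slab_free(&c, objs[3]) != 0) return 4;
    if (slab_free(&c, objs[3]) != -1) return 5;                /* double free rejected */
    if (slab_free(&c, &local) != -1) return 6;                 /* foreign pointer rejected */
    if (slab_free(&c, (uint8_t *)objs[5] + 1) != -1) return 7; /* misaligned rejected */
    if (slab_alloc(&c) != objs[3]) return 8;                   /* freed slot is reused */
    return 0;
}

int main(void)
{
    printf("slab selftest: %s\n", slab_selftest() == 0 ? "ok" : "FAILED");
    return 0;
}
```

The free list lives inside the free objects themselves, which is what makes a slab cache cheap: allocation and release are a pointer swap. That same property is why the bounds, alignment and double-free checks matter, since an unchecked bad pointer passed to slab_free would let the caller corrupt the list and steer later allocations anywhere in the arena.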

Read my tour of the Mini-OS kernel

Watch this space!

The Ethos virtual memory manager is going to resemble the Linux 2.6 VM closely, except that it will be much simpler: no NUMA, no vmalloc area, no high memory (we are targeting 64-bit systems), and no complicated page fault handler at this time (we are not planning on doing disk swapping yet). It will be an interesting chainsaw job on the Linux VM and will demonstrate how to write a very basic memory manager. I will document the entire project once I'm through with it. Keep a lookout for the upcoming documentation!