Presentation is loading. Please wait.

Presentation is loading. Please wait.

Light-weight Contexts: An OS Abstraction for Safety and Performance

Published byMadeline Owens Modified over 6 years ago

Similar presentations

Presentation on theme: "Light-weight Contexts: An OS Abstraction for Safety and Performance"— Presentation transcript:

1 Light-weight Contexts: An OS Abstraction for Safety and Performance
Landon Cox February 19, 2018

2 What is a process? Informal Formal A program in execution
Running code + things it can read/write Process ≠ program Formal ≥ 1 threads in their own address space (soon threads will share an address space)

3 Parts of a process Thread Address space
Sequence of executing instructions Active: does things Address space Data the process uses as it runs Passive: acted upon by threads

4 Play analogy Process is like a play performance
Program is like the play’s script What are the threads? Threads What is the address space? Address space

5 Threads that aren’t running
What is a non-running thread? thread=“sequence of executing instructions” non-running thread=“paused execution” Must save thread’s private state To re-run, re-load private state Want thread to start where it left off

6 Thread control block (TCB)
What needs to access threads’ private data? The CPU This info is stored in the PC, SP, other registers The OS needs pointers to non-running threads’ data Thread control block (TCB) Container for non-running threads’ private data Values of PC, code, SP, stack, registers

7 Thread control block TCB1 TCB2 TCB3 Thread 1 running Ready queue PC SP
Address Space TCB1 PC SP registers TCB2 PC SP registers TCB3 PC SP registers Ready queue Code Code Code Stack Stack Stack Thread 1 running CPU PC SP registers

8 Thread control block TCB2 TCB3 Thread 1 running Ready queue PC SP
Address Space TCB2 PC SP registers TCB3 PC SP registers Ready queue Code Stack Stack Stack Thread 1 running CPU PC SP registers

9 Switching threads What needs to happen to switch threads?
Thread returns control to scheduler For example, via timer interrupt Scheduler chooses next thread to run Scheduler saves state of current thread To its thread control block Scheduler loads context of next thread From its thread control block Jump to PC in next thread’s TCB

10 Kernel vs user threads Kernel threads User threads
Scheduler and queues reside in the kernel User threads Scheduler and queues reside in user space

11 (same for all processes) (different for every process)
32-bit address space 4GB Kernel data (same for all processes) 3GB (0xc ) User data (different for every process) 0GB Virtual memory

12 Where is the interrupt handler code?
Switching threads Virtual memory 4GB 3GB 0GB Where is the interrupt handler code? In the kernel

13 Switching threads 4GB 3GB 0GB Virtual memory SP Interrupt-handler code
PC On which stack is the IRQ handled? A kernel stack 0GB

14 Switching threads 4GB 3GB 0GB Virtual memory SP Interrupt-handler code
PC Where are the threads’ stacks? In user space 0GB

15 Switching threads 4GB 3GB 0GB Virtual memory SP Interrupt-handler code
PC Where are the threads’ stacks? In user space 0GB

16 Switching threads 4GB 3GB 0GB Virtual memory SP Interrupt-handler code
PC So far, everything is the same for user-level and kernel threads 0GB

17 Kernel threads Scheduler code Handler code For kernel threads,
the thread scheduler and TCB queues are in the kernel Interrupt-handler code Handler code TCB

18 Kernel threads Scheduler code Handler code Interrupt-handler code
Where is the lock/cv code? Interrupt-handler code Handler code TCB

19 Kernel threads Scheduler code Synchron. code Handler code
Where is the lock/cv code? Handler code Interrupt-handler code TCB Also, in the kernel

20 User-level threads Handler code Interrupt-handler code
For user-level threads, the thread scheduler and queues are in user space Handler code Interrupt-handler code TCB Scheduler code

21 User-level threads Handler code Interrupt-handler code
Where is the lock/cv code? Interrupt-handler code Handler code Also, in the user space TCB Scheduler code Synchron. code

22 Switching to a new user-level thread

23 User-level threads Handler code Interrupt-handler code Scheduler code
SP PC TCB Scheduler code Thread running user code Synchron. code Program code

24 Interrupt-handler code
User-level threads SP Interrupt-handler code Handler code PC Timer interrupt! TCB Scheduler code Synchron. code Program code

25 Yes, CPU stores this on kernel stack
User-level threads SP Interrupt-handler code Handler code PC Does the kernel know where user left off? TCB Scheduler code Synchron. code Yes, CPU stores this on kernel stack Program code

26 Depends on meaning of the timer …
User-level threads SP Interrupt-handler code Handler code PC What does kernel do next? TCB Scheduler code Synchron. code Depends on meaning of the timer … Program code

27 Kernel delivers signal to process
User-level threads SP Interrupt-handler code Handler code PC Assuming it’s a signal for the process? TCB Scheduler code Synchron. code Kernel delivers signal to process Program code

28 Interrupt-handler code
User-level threads SP Interrupt-handler code Handler code PC To deliver a signal to user code: make it look like a forced function call to signal handler. TCB Scheduler code Synchron. code Program code

29 User-level threads SP Handler code Interrupt-handler code PC
Where is the process’s timer signal handler? TCB Scheduler code Synchron. code In scheduler code (e.g., yield) Program code

30 Stack of interrupted thread
User-level threads SP Interrupt-handler code Handler code PC On what stack should the scheduler code run? TCB Scheduler code Synchron. code yield Stack of interrupted thread Program code

31 Stack of interrupted thread
User-level threads PC Interrupt-handler code Handler code SP On what stack should the scheduler code run? TCB Scheduler code Synchron. code yield Stack of interrupted thread Program code

32 No, it’s only aware of interrupted one
User-level threads PC Interrupt-handler code Handler code SP Could the kernel transfer control to any other thread? TCB Scheduler code Synchron. code yield No, it’s only aware of interrupted one Program code

33 Switching to a new kernel thread

34 Kernel threads Scheduler code Synchron. code Handler code
Interrupt-handler code Handler code SP TCB PC Thread running user code Program code

35 Interrupt-handler code
Kernel threads Scheduler code Synchron. code SP Interrupt-handler code Handler code PC TCB Timer interrupt! Program code

36 Any thread. Kernel aware of all of them
Kernel threads Scheduler code Synchron. code SP Handler code Interrupt-handler code PC TCB Which thread could run next? Any thread. Kernel aware of all of them Program code

37 Advantages of user-level threads
Synchronization primitives are just a function call Why are kernel threads more expensive? Accessing thread management must cross kernel boundary CPU protection checks, argument checks, handler dispatch, etc. Switching back to thread also crosses kernel boundary For user threads, easy to tune scheduling policy to application Why is this harder for kernel threads? All processes share the same scheduler Per-process policies require wider, more complex API

38 Advantage of kernel threads
SP Interrupt-handler code Handler code PC Which thread could run next? TCB Scheduler code Synchron. code Only the one that was interrupted Program code

39 Advantage of kernel threads
SP Interrupt-handler code Handler code PC Why might we be unable to run the interrupted thread? TCB Scheduler code Synchron. code Thread could have made a blocking system call Program code

40 Advantage of kernel threads
SP Interrupt-handler code Handler code PC TCB Scheduler code Synchron. code Program code

41 Advantage of kernel threads
SP Interrupt-handler code Handler code PC Why is this wasteful? TCB Scheduler code Synchron. code There are other threads that could run! Kernel doesn’t know they exist Program code

42 Parts of a process (revised)
Thread Sequence of executing instructions Active: does things Address space Data the process uses as it runs Passive: acted upon by threads File descriptors Communication channels (e.g., files, sockets, pipes) Passive: read-from/written-to by threads

43 Parts of a process (revised)
Thread 1 Thread 2 Page table File descriptors Stack 1 Stack 2 Readable pages Writable pages TCP socket Open file Each thread has its own stack, but everything else is shared: same pages, file descriptors

44 Parts of a process (revised)
Threads are not well isolated from each other. Process Thread 1 Thread 2 Page table File descriptors Stack 1 Stack 2 Readable pages Writable pages TCP socket Open file Threads can run in parallel on different cores.

45 Parts of a process (revised)
Thread 1 Thread 2 Page table File descriptors Stack 1 Stack 2 Readable pages Writable pages TCP socket Open file If one thread fails, entire process fails.

46 Parts of a process (revised)
Thread 2 Page table File descriptors Stack 1 Stack 2 Readable pages Writable pages TCP socket Open file Compromising a thread, compromises all data.

47 Parts of a process (revised)
Thread 2 Stack 1 Stack 2 Readable pages Writable pages TCP socket Open file Compromising a thread, compromises all data.

48 Parts of a process (revised)
Thread 2 Stack 1 Stack 2 Readable pages Writable pages TCP socket Open file See: heartbleed, cloudbleed, etc.

49 Heartbleed

50 Heartbleed bug Nasty bug in OpenSSL implementation
Made public by Google in April, 2014 “A missing bounds check in the handling of the TLS heartbeat extension.” What is a heartbeat message? A small message to check if machine is alive (like in Raft) In SSL, keeps peers from needlessly renegotiating keys

51 Heartbleed bug Sequence number + random num struct {
HeartbeatMessageType type; uint16 payload_length; opaque payload[HeartbeatMessage.payload_length]; opaque padding[padding_length]; } HeartbeatMessage; buffer = OPENSSL_malloc( payload + padding); Created for response Payload length (up to 0xFFFF) Padding length

52 Heartbleed bug

53 Parts of a process (revised)
Thread 1 Thread 2 Page table File descriptors Stack 1 Stack 2 Readable pages Writable pages TCP socket Open file How do we normally isolate tasks?

54 Parts of a process (revised)
Thread Page table File descriptors Stack Readable pages Writable pages TCP socket Open file Separate processes!

55 Example: Chrome browser

56 Separate processes What has to happen to switch processes?
Trap to the kernel (either by syscall or interrupt) Kernel chooses next process to run Point PTBR to page table of next process to run Flush the TLB Set mode to user Jump to next process Lightweight Contexts (lwCs) Want isolation provided by processes But with faster, easier switching than processes

57 Processes vs lwCs Processes Fork Exec lwCs Create Switch
Create identical copy of vm Use CoW for isolation New process w/ new PID New process now schedulable Exec Launch new program Overwrite existing vm lwCs Create Create identical copy of vm New lwC shares PID w/ parent No execution until switch Simple way to snapshot state Switch Similar to thread yield Switch back resumes at call Restrict, overlay, syscall Define sharing between parent, child Trap syscalls from child in parent Key differences: Processes are scheduled by kernel lwCs are enabled by user code Threads execute w/i an lwC

58 Example 1 Snapshot and rollback
Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC Process starts in main

59 Server initializes its state
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC Server initializes its state

60 Server creates a snapshot
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC Server creates a snapshot

61 new stores copy (CoW) of current lwC
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC new stores copy (CoW) of current lwC

62 caller is -1 for now (until new is switched to)
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC caller is -1 for now (until new is switched to)

63 Example 1 Snapshot and rollback
Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC return new as snapshot

64 Keep ref to snap so that we can go back.
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC Keep ref to snap so that we can go back.

65 Example 1 Snapshot and rollback
Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC Process request.

66 Now want to use snap to return to initial state.
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC Now want to use snap to return to initial state.

67 Where will switching to snap return thread to?
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC Where will switching to snap return thread to?

68 Switching to snap brings us back to create.
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC Switching to snap brings us back to create.

69 Example 1 Snapshot and rollback
Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC What is the current lwC?

70 What are the values of caller and new?
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other Initial lwC snap lwC What are the values of caller and new?

71 state from processed request
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other snap lwC Close caller to delete state from processed request

72 Example 1 Snapshot and rollback
Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other snap lwC What is the current lwC?

73 Why recursively call snapshot?
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other snap lwC Why recursively call snapshot?

74 new stores copy (CoW) of current lwC
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other snap’ lwC snap lwC new stores copy (CoW) of current lwC

75 caller is -1 for now (until new is switched to)
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other snap’ lwC snap lwC caller is -1 for now (until new is switched to)

76 Example 1 Snapshot and rollback
Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other snap’ lwC snap lwC return new as snapshot

77 Keep ref to snap so that we can go back …
Example 1 Snapshot and rollback Want to process requests from same state Rollback to eliminate residue from other requests Isolate influence of requests on each other snap’ lwC snap lwC Keep ref to snap so that we can go back …

78 Example 2 Sensitive data isolation
Only want specific lwC to access crypto key Other lwCs shouldn’t access key Process starts in main Initial lwC

79 Load key into variable privkey
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Load key into variable privkey Initial lwC

80 Create new snapshot lwC that can overlay any part of parent memory
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Create new snapshot lwC that can overlay any part of parent memory Initial lwC Child lwC

81 caller is -1 (until child is switched to)
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key caller is -1 (until child is switched to) Initial lwC Child lwC

82 Destroy the key. Which lwC still has a copy?
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Destroy the key. Which lwC still has a copy? Initial lwC Child lwC

83 Restrict current lwC from accessing child memory. Why?
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Restrict current lwC from accessing child memory. Why? Initial lwC Child lwC

84 Loop to process requests.
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Loop to process requests. Initial lwC Child lwC

85 To sign data switch to child lwC, passing in buffer from current lwC.
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key To sign data switch to child lwC, passing in buffer from current lwC. Initial lwC Child lwC

86 Why will child be able to access buffer?
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Why will child be able to access buffer? Initial lwC Child lwC

87 Thread starts running in child lwC.
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Thread starts running in child lwC. Initial lwC Child lwC

88 What is the value of caller?
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key What is the value of caller? Initial lwC Child lwC

89 Example 2 Sensitive data isolation
Only want specific lwC to access crypto key Other lwCs shouldn’t access key Why a stub function? Initial lwC Child lwC

90 Map content pointed to by arg in caller to arg in current lwC.
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Map content pointed to by arg in caller to arg in current lwC. Initial lwC Child lwC

91 Example 2 Sensitive data isolation
Only want specific lwC to access crypto key Other lwCs shouldn’t access key Why is this allowed? Initial lwC Child lwC

92 Perform the actual signing using the key and mapped in arg.
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Perform the actual signing using the key and mapped in arg. Initial lwC Child lwC

93 Why are writes to arg in current lwC visible in caller?
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Why are writes to arg in current lwC visible in caller? Initial lwC Child lwC

94 Why unmap arg after signing?
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Why unmap arg after signing? Initial lwC Child lwC

95 Where will thread resume?
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Switch back to caller. Where will thread resume? Initial lwC Child lwC

96 Back in parent lwC (i.e., previous caller).
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Back in parent lwC (i.e., previous caller). Initial lwC Child lwC

97 Parent lwC can see updates to arg performed in child.
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key Parent lwC can see updates to arg performed in child. Initial lwC Child lwC

98 With data signed, process request, loop back for more …
Example 2 Sensitive data isolation Only want specific lwC to access crypto key Other lwCs shouldn’t access key With data signed, process request, loop back for more … Initial lwC Child lwC

99 Evaluation Is switching between lwCs fast?
Vs processes (different page tables) Vs kernel threads (thread queues in kernel) Vs user threads (thread queues in user space)

100 What is true for each approach (on FreeBSD)?
Evaluation Is switching between lwCs fast? Vs processes (different page tables) Vs kernel threads (thread queues in kernel) Vs user threads (thread queues in user space) What is true for each approach (on FreeBSD)?

101 Note: swapcontext in FreeBSD is a syscall
Evaluation Is switching between lwCs fast? Vs processes (different page tables) Vs kernel threads (thread queues in kernel) Vs user threads (thread queues in user space) Note: swapcontext in FreeBSD is a syscall

102 Note: swapcontext in Linux is not asyscall
Evaluation Is switching between lwCs fast? Vs processes (different page tables) Vs kernel threads (thread queues in kernel) Vs user threads (thread queues in user space) Note: swapcontext in Linux is not asyscall

103 On Linux this number is 6% of lwC …
Evaluation Is switching between lwCs fast? Vs processes (different page tables) Vs kernel threads (thread queues in kernel) Vs user threads (thread queues in user space) On Linux this number is 6% of lwC …

104 Why are processes and k-threads twice as slow as lwCs?
Evaluation Is switching between lwCs fast? Vs processes (different page tables) Vs kernel threads (thread queues in kernel) Vs user threads (thread queues in user space) Why are processes and k-threads twice as slow as lwCs?

105 Evaluation Is switching between lwCs fast?
Vs processes (different page tables) Vs kernel threads (thread queues in kernel) Vs user threads (thread queues in user space) lwCs avoid: * scheduling overhead (go right to next lwC)

Download ppt "Light-weight Contexts: An OS Abstraction for Safety and Performance"

Similar presentations

More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.

More on Processes Chapter 3. Process image _the physical representation of a process in the OS _an address space consisting of code, data and stack segments.
Chapter 6 Limited Direct Execution

Chapter 6 Limited Direct Execution
CSC 501 Lecture 2: Processes. Von Neumann Model Both program and data reside in memory Execution stages in CPU: Fetch instruction Decode instruction Execute.

CSC 501 Lecture 2: Processes. Von Neumann Model Both program and data reside in memory Execution stages in CPU: Fetch instruction Decode instruction Execute.
Processes CSCI 444/544 Operating Systems Fall 2008.

Processes CSCI 444/544 Operating Systems Fall 2008.
Threads 1 CS502 Spring 2006 Threads CS-502 Spring 2006.

Threads 1 CS502 Spring 2006 Threads CS-502 Spring 2006.
Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.

Advanced OS Chapter 3p2 Sections 3.4 / 3.5. Interrupts These enable software to respond to signals from hardware. The set of instructions to be executed.
CPS110: Implementing threads/locks on a uni-processor Landon Cox.

CPS110: Implementing threads/locks on a uni-processor Landon Cox.
1 Process Description and Control Chapter 3 = Why process? = What is a process? = How to represent processes? = How to control processes?

1 Process Description and Control Chapter 3 = Why process? = What is a process? = How to represent processes? = How to control processes?
Threads CS 416: Operating Systems Design, Spring 2001 Department of Computer Science Rutgers University

Threads CS 416: Operating Systems Design, Spring 2001 Department of Computer Science Rutgers University
Process Description and Control A process is sometimes called a task, it is a program in execution.

Process Description and Control A process is sometimes called a task, it is a program in execution.
Chapter 51 Threads Chapter 5. 2 Process Characteristics  Concept of Process has two facets.  A Process is: A Unit of resource ownership:  a virtual.

Chapter 51 Threads Chapter 5. 2 Process Characteristics  Concept of Process has two facets.  A Process is: A Unit of resource ownership:  a virtual.
CSE 451: Operating Systems Autumn 2013 Module 6 Review of Processes, Kernel Threads, User-Level Threads Ed Lazowska 570 Allen.

CSE 451: Operating Systems Autumn 2013 Module 6 Review of Processes, Kernel Threads, User-Level Threads Ed Lazowska 570 Allen.
Operating Systems CSE 411 CPU Management Sept. 29 2006 - Lecture 11 Instructor: Bhuvan Urgaonkar.

Operating Systems CSE 411 CPU Management Sept Lecture 11 Instructor: Bhuvan Urgaonkar.
CSC 501 Lecture 2: Processes. Process Process is a running program a program in execution an “instantiation” of a program Program is a bunch of instructions.

CSC 501 Lecture 2: Processes. Process Process is a running program a program in execution an “instantiation” of a program Program is a bunch of instructions.
Threads, Thread management & Resource Management.

Threads, Thread management & Resource Management.
Lecture 3 Process Concepts. What is a Process? A process is the dynamic execution context of an executing program. Several processes may run concurrently,

Lecture 3 Process Concepts. What is a Process? A process is the dynamic execution context of an executing program. Several processes may run concurrently,
CPS110: Implementing threads Landon Cox. Recap and looking ahead Hardware OS Applications Where we’ve been Where we’re going.

CPS110: Implementing threads Landon Cox. Recap and looking ahead Hardware OS Applications Where we’ve been Where we’re going.
Operating Systems CSE 411 CPU Management Sept. 27 2006 - Lecture 10 Instructor: Bhuvan Urgaonkar.

Operating Systems CSE 411 CPU Management Sept Lecture 10 Instructor: Bhuvan Urgaonkar.
Processes, Threads, and Process States. Programs and Processes  Program: an executable file (before/after compilation)  Process: an instance of a program.

Processes, Threads, and Process States. Programs and Processes  Program: an executable file (before/after compilation)  Process: an instance of a program.
Processes and Virtual Memory

Processes and Virtual Memory

Similar presentations

Ads by Google