1 / 19

Janos

Janos. Patrick Tullmann Flux Research Group University of Utah. Janos JVM. Extend Java virtual machine Support OS-like processes Fine-grained resource controls Flexible system Run on OSKit == Active Node Run as Unix process == Java OS. Ex: Network Administration. MCI. Attacker.

kasimir-swanson
Download Presentation

Janos

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Janos Patrick Tullmann Flux Research Group University of Utah

  2. Janos JVM • Extend Java virtual machine • Support OS-like processes • Fine-grained resource controls • Flexible system • Run on OSKit == Active Node • Run as Unix process == Java OS

  3. Ex: Network Administration MCI Attacker Victim AT&T

  4. A Current Approach • MCI’s Denial of Service Tracker (DoSTrack) • DoSTrack walks “upstream” following the trail to the attacker • Shortcomings of DoSTrack • Only works in the MCI administrative domain • Requires a Cisco router and Perl5

  5. An Active Network Approach 1. Install extensible system on each router Safe language system 2. Add infrastructure to separate tasks Who & what is executing 3. Add support for hierarchical resource controls Packet Forwarding MCI Other AT & T

  6. Motivation • Java Virtual Machine provides: • Safety • Platform independence • Active Node OS needs: • Multiple “user” management • Resource management • Flexible & extensible control

  7. Approach • Traditional OS a good model • Hardware provides safety mechanism • OS provides management • Fluke OS nested process model

  8. Nested Process Model • Hierarchical • Environment of process controlled by parents • Parent can manage all, few, or no resources of child • Any process can create sub-processes AltaVirtual Machine Untrusted Container Trusted Container Root Task Admin Component

  9. Mapping an OS into Java • Type safety replaces hardware page protections • Bytecodes replace simple instructions • Native methods replace privileged instructions • All higher-level abstractions are equivalent

  10. JavaOS Prototype: Alta • Supports Fluke features for process management • Mimics Fluke structure • Provides parent process with control • No CPU controls • Maintains backwards compatibility • Existing Java apps work (JDK 1.0)

  11. JavaOS Prototype: Alta • Maintains “whole JVM” illusion • Per-process, flexible typespaces • Inter-process sharing • Sharing & resource control

  12. User-level Sharing • Child allocates -> Parent references • Harmless. If parent dies then child dies • Useful. Child can pass IPC arguments • Sibling allocates -> Sibling references • Allowable. Parent trades communication costs for separation • Parent allocates -> Child references • Standard server behavior • Cannot deallocate without child’s cooperation

  13. Alta vs. Fluke • Use similar internal organization • Both implement a “red line” [Back 1999] • Fully preemptible kernel • Alta allows kernel / user data sharing • Performance is weak • Improve Java • Improve structure of Alta

  14. Contributions • Prototype demonstrates applicability of OS abstractions to Java • The Fluke NPM with a different protection mechanism • Multiple application support in a JVM • Type-safe sharing between inconsistent typespaces

  15. Building an Active Node • Expand resource management • CPU Inheritance Scheduling • Network access • Memory management • Shared objects • Garbage collection • Flask security architecture • Java optimizations and improvements

  16. Memory: GC & Sharing • CPU time for GC • Charging for shared objects

  17. Java Optimization • Memory management • Stack allocation • Non-GC processes • Optimized/restricted environments • Java code on the fast-path

  18. Extend to EE • Provide resource controls in ANTS • CPU • Network • Memory • Challenges in applying to ANTS • Per-protocol • Subdivision of resources

  19. the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end the end

More Related