User Mode Linux Linux inside Linux inside Linux inside...



Similar documents
Lecture 5. User-Mode Linux. Jeff Dike. November 7, Operating Systems Practical. OSP Lecture 5, UML 1/33

Making Linux Safe for Virtual Machines

Configuring CoreNet Platform Cache (CPC) as SRAM For Use by Linux Applications

Intel P6 Systemprogrammering 2007 Föreläsning 5 P6/Linux Memory System

Operating Systems and Networks

The Linux Kernel: Process Management. CS591 (Spring 2001)

Carnegie Mellon Virtual Memory of a Linux Process Process-specific data structs (ptables, Different for

VMware Server 2.0 Essentials. Virtualization Deployment and Management

Virtualization for Cloud Computing

Application-Level Debugging and Profiling: Gaps in the Tool Ecosystem. Dr Rosemary Francis, Ellexus

User-Mode Linux. Jeff Dike. Abstract. 2 Devices. 1 Introduction

Virtual Servers. Virtual machines. Virtualization. Design of IBM s VM. Virtual machine systems can give everyone the OS (and hardware) that they want.

COS 318: Operating Systems

Running virtualized native drivers in User Mode Linux p.1/30

How do Users and Processes interact with the Operating System? Services for Processes. OS Structure with Services. Services for the OS Itself

Operating System Structures

Example of Standard API

Virtual Private Systems for FreeBSD

Outline. Outline. Why virtualization? Why not virtualize? Today s data center. Cloud computing. Virtual resource pool

x86 ISA Modifications to support Virtual Machines

COS 318: Operating Systems. Virtual Machine Monitors

EXPLORING LINUX KERNEL: THE EASY WAY!

Virtualization Technologies

KVM: A Hypervisor for All Seasons. Avi Kivity avi@qumranet.com

Chapter 3: Operating-System Structures. System Components Operating System Services System Calls System Programs System Structure Virtual Machines

kvm: Kernel-based Virtual Machine for Linux

Linux/UNIX System Programming. POSIX Shared Memory. Michael Kerrisk, man7.org c February 2015

W4118 Operating Systems. Junfeng Yang

Xen and the Art of. Virtualization. Ian Pratt

L 4 Linux Porting Optimizations

Real-Time Systems Prof. Dr. Rajib Mall Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur

Frysk The Systems Monitoring and Debugging Tool. Andrew Cagney

10 Things Every Linux Programmer Should Know Linux Misconceptions in 30 Minutes

Red Hat Linux Internals

Programmation Systèmes Cours 9 Memory Mapping

Shared Memory Introduction

CGL Architecture Specification

The Plan Today... System Calls and API's Basics of OS design Virtual Machines

CPS221 Lecture: Operating System Structure; Virtual Machines

Project No. 2: Process Scheduling in Linux Submission due: April 28, 2014, 11:59pm

What is virtualization

Virtual Machines.

Uses for Virtual Machines. Virtual Machines. There are several uses for virtual machines:

Cloud^H^H^H^H^H Virtualization Technology. Andrew Jones May 2011

Virtualization. Types of Interfaces

Advanced Server Virtualization: Vmware and Microsoft Platforms in the Virtual Data Center

Virtualization. Jukka K. Nurminen

Virtual Machine Monitors. Dr. Marc E. Fiuczynski Research Scholar Princeton University

VMware and CPU Virtualization Technology. Jack Lo Sr. Director, R&D

OPERATING SYSTEM SERVICES

Assignment 5: Adding and testing a new system call to Linux kernel

Objectives. Chapter 2: Operating-System Structures. Operating System Services (Cont.) Operating System Services. Operating System Services (Cont.

Operating Systems. Lecture 03. February 11, 2013

FAME Operating Systems

COS 318: Operating Systems. Virtual Machine Monitors

Chapter 3 Operating-System Structures

Virtualization: Concepts, Applications, and Performance Modeling

FRONT FLYLEAF PAGE. This page has been intentionally left blank

IOS110. Virtualization 5/27/2014 1

Networked I/O for Virtual Machines

An Implementation Of Multiprocessor Linux

Thomas Fahrig Senior Developer Hypervisor Team. Hypervisor Architecture Terminology Goals Basics Details

Visualizing gem5 via ARM DS-5 Streamline. Dam Sunwoo ARM R&D December 2012

Chapter 2 System Structures

Oracle Database Solutions on VMware High Availability. Business Continuance of SAP Solutions on Vmware vsphere

Full and Para Virtualization

Cloud9 Parallel Symbolic Execution for Automated Real-World Software Testing

CS 377: Operating Systems. Outline. A review of what you ve learned, and how it applies to a real operating system. Lecture 25 - Linux Case Study

Virtualization System Vulnerability Discovery Framework. Speaker: Qinghao Tang Title:360 Marvel Team Leader

Going Linux on Massive Multicore

System Structures. Services Interface Structure

Sistemi Operativi. Lezione 25: JOS processes (ENVS) Corso: Sistemi Operativi Danilo Bruschi A.A. 2015/2016

User-level processes (clients) request services from the kernel (server) via special protected procedure calls

Lecture 2 Cloud Computing & Virtualization. Cloud Application Development (SE808, School of Software, Sun Yat-Sen University) Yabo (Arber) Xu

Enterprise-Class Virtualization with Open Source Technologies

Linux scheduler history. We will be talking about the O(1) scheduler

Real-time Debugging using GDB Tracepoints and other Eclipse features

Virtual Computing and VMWare. Module 4

Virtualization Technologies (ENCS 691K Chapter 3)

Virtualization. Dr. Yingwu Zhu

64 Bit File Access. 1.0 Introduction. 2.0 New Interfaces. 2.1 New User Visible Types. Adam Sweeney

What s Cool in the SAP JVM (CON3243)

Multi-core architectures. Jernej Barbic , Spring 2007 May 3, 2007

SUSE Linux Enterprise 10 SP2: Virtualization Technology Support

Virtualizare sub Linux: avantaje si pericole. Dragos Manac

Introduction to Virtualization & KVM

How To Make A Minecraft Iommus Work On A Linux Kernel (Virtual) With A Virtual Machine (Virtual Machine) And A Powerpoint (Virtual Powerpoint) (Virtual Memory) (Iommu) (Vm) (

Department of Electrical Engineering and Computer Science MASSACHUSETTS INSTITUTE OF TECHNOLOGY Operating System Engineering: Fall 2005

Virtualization. Explain how today s virtualization movement is actually a reinvention

Table of Contents Introduction and System Requirements 9 Installing VMware Server 35

Oracle Databases on VMware High Availability

Module I-7410 Advanced Linux FS-11 Part1: Virtualization with KVM

Basics of Virtualisation

Operating Systems. Privileged Instructions

ò Paper reading assigned for next Thursday ò Lab 2 due next Friday ò What is cooperative multitasking? ò What is preemptive multitasking?

Transcription:

User Mode Linux Linux inside Linux inside Linux inside... Muli Ben-Yehuda mulix@mulix.org IBM Haifa Research Labs Linux Study Group, HRL, Oct 2003 p.1/23

what is UML? User Mode Linux (UML, hereafter) is a port of Linux (the kernel) to run as a program inside Linux (the system), creating a free software production quality Linux virtual machine. Instead of working directly with the hardware, UML uses the host s system call interface in place of the hardware. Surprisingly enough, it actually works. UML was developed primarily by Jeff Dike <jdike@karaya.com>. Many people (including yours truly) contributed patches and bug fixes. UML is part of the official Linux kernel distribution as of kernel 2.5, and there are patches available for 2.2 and 2.4. Linux Study Group, HRL, Oct 2003 p.2/23

TOC Introduction to UML (what is it good for?) UML capabilities UML limitations Overview of UML architecture Interlude - the ptrace API Tracing Thread (TT) mode Seperate Kernel Addressspace (SKAS) mode Linux Study Group, HRL, Oct 2003 p.3/23

what is it good for? testing and debugging kernel patches, without requiring a reboot and using a mature debugger (gdb) private servers on shared hosts, virtual machine hosting - people are selling hosting based on UML experimenting with system administration scenarios and new Linux distributions / services teaching operating systems ;-) UML clusters... (when UML-win32 comes of age) running Linux on windows machine - tapping into unused resources at night Linux Study Group, HRL, Oct 2003 p.4/23

building and running it make menuconfig ARCH=um make linux./linux [gazillion optional options here] simple, isn t it? Don t forget you also need the UML utilities and a root file systems. You can get everything (with instructions) from http://user-mode-linux.sf.net Linux Study Group, HRL, Oct 2003 p.5/23

UML capabilities run user space code unmodified (like vmware and as opposed to e.g. the Xen virtual machine) secure virtual machine in software only reasonable performance, dependant on the workload but generally speaking no worse than half than the host s performance access to host file systems via hostfs full networking support SMP, highmem support can run Linux on any other OS potential access to kernel primitives as a user space library Linux Study Group, HRL, Oct 2003 p.6/23

UML limitations performance... access to hardware requires special UML drivers cannot be used to debug architecture dependent kernel code only runs on Linux currently, and only on i386 (but porting to other OS s / architectures a Simple Matter of Programming) Linux Study Group, HRL, Oct 2003 p.7/23

UML design UML is a port of the Linux kernel to a new virtual architecture - Linux s system call interface. The Linux kernel is divided into an architecture independent part, which is the bulk of the code, and into an architecture dependent part (include/asm-* and arch/*). UML is a port of Linux to the UML architecture. Under arch/um, it implements the architecture specific interface the rest of the Linux kernel expects. Linux Study Group, HRL, Oct 2003 p.8/23

Example: setting up physical memory When UML starts up, libc s startup code calls main(), which then calls linux_main(). linux_main() calls setup_physmem() to setup UML s imitation of physical memory: void setup_physmem(unsigned long start, unsigned long reserve_end, unsigned long len) { unsigned long reserve = reserve_end - start; int pfn = PFN_UP( pa(reserve_end)); int delta = (len - reserve) >> PAGE_SHIFT; int err, offset, bootmap_size; physmem_fd = create_mem_file(len); } offset = uml_reserved - uml_physmem; err = os_map_memory((void *) uml_reserved, physmem_fd, offset, len - offset, 1, 1, 0); [snip] Linux Study Group, HRL, Oct 2003 p.9/23

create_mem_file int create_mem_file(unsigned long len) { int fd, err; char zero; } fd = make_tempfile(tempname_template, NULL, 1); [snip error checking] err = os_mode_fd(fd, 0777); [snip various checks] err = os_set_exec_close(fd, 1); if(err < 0) os_print_error(err, "exec_close"); return(fd); Linux Study Group, HRL, Oct 2003 p.10/23

s_close_on_exec - Linux implementation int os_set_exec_close(int fd, int close_on_exec) { int flag, err; if(close_on_exec) flag = FD_CLOEXEC; else flag = 0; do { err = fcntl(fd, F_SETFD, flag); } while((err < 0) && (errno == EINTR)) ; } if(err < 0) return(-errno); return(err); Linux Study Group, HRL, Oct 2003 p.11/23

s_map_memory - Linux implementation int os_map_memory(void *virt, int fd, unsigned long off, unsigned long len int r, int w, int x) { void *loc; int prot; prot = (r? PROT_READ : 0) (w? PROT_WRITE : 0) (x? PROT_EXEC : 0); } loc = mmap((void *) virt, len, prot, MAP_SHARED MAP_FIXED, fd, off); if(loc == MAP_FAILED) return(-errno); return(0); Linux Study Group, HRL, Oct 2003 p.12/23

interlude - the ptrace API ptrace is a low level, architecture dependant POSIX API for one process to intimately manipulate another. It is the mechanism used by debuggers, for example. show strace /bin/echo as an example of syscall tracing show dumpmem /bin/echo as an example of memory dumping Linux Study Group, HRL, Oct 2003 p.13/23

interlude - the ptrace API interface #include <sys/ptrace.h> long ptrace(enum ptrace_request request, pid_t pid, void *addr, void *data); enum ptrace_request { /* Indicate that the process making this request should be traced. All signals received by this process can be intercepted by its parent, and its parent can use the other ptrace requests. */ PTRACE_TRACEME = 0, /* Return the word in the process s text space at address ADDR. */ PTRACE_PEEKTEXT = 1, /* Return the word in the process s data space at address ADDR. */ PTRACE_PEEKDATA = 2, Linux Study Group, HRL, Oct 2003 p.14/23

nterlude - the ptrace API interface - cont /* Return the word in the process s user area at offset ADDR. */ PTRACE_PEEKUSER = 3, /* Write DATA into the process s text space at address ADDR.*/ PTRACE_POKETEXT = 4, /* Write DATA into the process s data space at address ADDR.*/ PTRACE_POKEDATA = 5, /* Write DATA into the process s user area at offset ADDR. */ PTRACE_POKEUSER = 6, /* Continue the process. */ PTRACE_CONT = 7, /* Kill the process. */ PTRACE_KILL = 8, /* Single step the process. This is not supported on all machines. */ PTRACE_SINGLESTEP = 9, /* Get all general purpose registers used by a processes. This is not supported on all machines. */ PTRACE_GETREGS = 12, Linux Study Group, HRL, Oct 2003 p.15/23

nterlude - the ptrace API interface - cont /* Set all general purpose registers used by a processes. This is not supported on all machines. */ PTRACE_SETREGS = 13, [snip] /* Attach to a process that is already running. */ PTRACE_ATTACH = 16, /* Detach from a process attached to with PTRACE_ATTACH. */ PTRACE_DETACH = 17, [snip] /* Continue and stop at the next (return from) syscall. */ PTRACE_SYSCALL = 24 }; Linux Study Group, HRL, Oct 2003 p.16/23

Tracing Thread mode overview each UML process gets a process on the host the tracing thread system call tracing on the UML processes (via ptrace) the tracing thread nullified system calls, and caused the process to enter the UML kernel, which is mapped into the upper part of its address space All user processes share the UML kernel s address space! without due care, they can write it and escapte the virtual machine. With due care, performance suffers. Linux Study Group, HRL, Oct 2003 p.17/23

guest process system calls A process running inside UML (guest process) executes a system call instruction (int 0x80) via ptrace, the tracing thread is woken up the tracing thread annuls the system call on behalf of the UML process, and then forces the kernel to execute the system call the system call is executed, and when it is done, the tracing thread is woken up again the tracing thread manipulates the UML process state to think it completed the system call the UML process continues running Linux Study Group, HRL, Oct 2003 p.18/23

SKAS mode the UML kernel runs in an entirely different host address space from its processes solves the security problem - UML kernel totally inaccessible to UML processes also solves the fingerprinting problem - guest processes address space now identical to what they would be on a non UML host major speedup by eliminating signal delivery(?) Linux Study Group, HRL, Oct 2003 p.19/23

SKAS mode - /proc/mm Let s look at what is required in order to support seperate address spaces... go over the host-skas3.patch Linux Study Group, HRL, Oct 2003 p.20/23

SKAS mode - switch_mm schedule(), the scheduler function, calls switch_mm() before switching tasks via switch_to(). switch_mm() is implemented in asm/um/mmu_context.h as: static inline void switch_mm(struct mm_struct *prev, struct mm_struct *next, struct task_struct *tsk, unsigned cpu) { if(prev!= next){ clear_bit(cpu, &prev->cpu_vm_mask); set_bit(cpu, &next->cpu_vm_mask); if(next!= &init_mm) { int fd = next->context.skas.mm_fd; CHOOSE_MODE((void) 0, switch_mm_skas(fd)); } } } Linux Study Group, HRL, Oct 2003 p.21/23

SKAS mode - switch_mm_skas void switch_mm_skas(int mm_fd) { int err; } err = ptrace(ptrace_switch_mm, userspace_pid, 0, mm_fd); if(err) panic("switch_mm_skas - PTRACE_SWITCH_MM failed," "errno = %d\n", errno); Linux Study Group, HRL, Oct 2003 p.22/23

References The User Mode Linux homepage: http://user-mode-linux.sourceforge.net/ The User Mode Linux SKAS page: http://user-mode-linux.sourceforge.net/skas.html The User Mode Linux Community Site: http://usermodelinux.org/ Linux Study Group, HRL, Oct 2003 p.23/23

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information