FlexOS: Towards Flexible OS Isolation

by   Hugo Lefeuvre, et al.

At design time, modern operating systems are locked in a specific safety and isolation strategy that mixes one or more hardware/software protection mechanisms (e.g. user/kernel separation); revisiting these choices after deployment requires a major refactoring effort. This rigid approach shows its limits given the wide variety of modern applications' safety/performance requirements, when new hardware isolation mechanisms are rolled out, or when existing ones break. We present FlexOS, a novel OS allowing users to easily specialize the safety and isolation strategy of an OS at compilation/deployment time instead of design time. This modular LibOS is composed of fine-grained components that can be isolated via a range of hardware protection mechanisms with various data sharing strategies and additional software hardening. The OS ships with an exploration technique helping the user navigate the vast safety/performance design space it unlocks. We implement a prototype of the system and demonstrate, for several applications (Redis/Nginx/SQLite), FlexOS' vast configuration space as well as the efficiency of the exploration technique: we evaluate 80 FlexOS configurations for Redis and show how that space can be probabilistically subset to the 5 safest ones under a given performance budget. We also show that, under equivalent configurations, FlexOS performs similarly or better than several baselines/competitors.



There are no comments yet.


page 3

page 5

page 9


Efficient Sealable Protection Keys for RISC-V

With the continuous increase in the number of software-based attacks, th...

Domain Page-Table Isolation

Modern applications often consist of different security domains that req...

XOS: An Application-Defined Operating System for Data Center Servers

Rapid growth of datacenter (DC) scale, urgency of cost control, increasi...

Secure Memory Management on Modern Hardware

Almost all modern hardware, from phone SoCs to high-end servers with acc...

Provably Secure Isolation for Interruptible Enclaved Execution on Small Microprocessors: Extended Version

Computer systems often provide hardware support for isolation mechanisms...

A Design-Time/Run-Time Application Mapping Methodology for Predictable Execution Time in MPSoCs

Executing multiple applications on a single MPSoC brings the major chall...

Look Mum, no VM Exits! (Almost)

Multi-core CPUs are a standard component in many modern embedded systems...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.