ITEC -  Operating Systems Group

Address-Space Multiplexing revisited on AMD64/x86_64

  • Type:Studienarbeit
  • Date:30.04.2013
  • Supervisor:

    Prof. Dr. Frank Bellosa, Marius Hillenbrand

  • Graduand:Marco Kroll
  • Links:PDF
  • Abstract:

    Address space multiplexing is a technique which enables multiple Independent processes to share a single address space. This technique can be used to reduce the context switching time and the dependency on special hardware, such as tagged translation lookaside buffers.

    The design consist of modifying the program to achieve isolation. Thereafter the program is loaded into a single address space where the necessary process-related structures are initialized and execution of the subprocess is started.

    In this thesis we explore how LLVM intermediate representation (LLVM IR) can be used to achieve isolation of multiplexed processes. Using LLVM IR allows us to be independent of programming language and hardware. Our main Focus is the protection of memory access, which we achieve by modifying the intermediate representation of the target program. The modification inserts additional instructions to limit the addressable memory of each process, thereby achieving protection from misbehaving processes. Further protection is realized by using mechanisms provided by the underlying operating system, such as the clone system call.

    We developed a prototype that is able to load a modified LLVM IR program into its address space and start its execution in a subprocess. Using our prototype we were able to show that the process-related structures are isolated and that Memory access can only occur within the assigned memory area, at the cost of performance. The performance impact varies depending on which type of Memory access is limited and the total number of memory accesses performed by the target program. The overhead of our prototype for commonly used programs is expected to be between 14% and 50%. The maximum overhead we measured is less than 100%.

    Applications can benefit from using a multiplexed address space if the number of context switches is high enough to compensate the performance loss caused by our modification. Future research has to be done to further optimize the instructions used to limit the addressable memory thereby improving isolation and performance.

    BibTex:

    @mastersthesis{kroll13addressspacemultiplexing,
     author = {Marco Kroll},
     title = {Address-Space Multiplexing revisited on AMD64/x86_64},
     type = {Study Thesis},
     school = {System Architecture Group, Karlsruhe Institute of Technology (KIT), Germany},
     month = apr # "30",
     year = 2013,
     note = {\url{http://os.itec.kit.edu/}}
     }