[uml-devel] Skas Mode : How does it work ?

[uml-devel] Skas Mode : How does it work ?

[Sébastien Frémal]

[-- Attachment #1.1: Type: text/plain, Size: 616 bytes --]

Hello,

I'm a PhD Student studying virtualization methods. I found an article on
UML explaining how it works in TT mode (
https://www.kernel.org/doc/ols/2001/uml.pdf).

I read that there is now a skas mode fixing security and performance
issuses of the TT mode (http://user-mode-linux.sourceforge.net/old/skas.html),
but I don't find informations on how it works. It seems that the tracing
thread doesn't exist in skas mode. I'm searching informations on how this
system works, especially how system calls are virtualized. Is this
information available somewhere ?

Best regards,

Sébastien Frémal

[-- Attachment #1.2: Type: text/html, Size: 831 bytes --]

[-- Attachment #2: Type: text/plain, Size: 417 bytes --]

------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk

[-- Attachment #3: Type: text/plain, Size: 194 bytes --]

_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] Skas Mode : How does it work ?

[Michael Richardson]

Sébastien Frémal <sebastien.fremal@gmail.com> wrote:
    > I'm a PhD Student studying virtualization methods. I found an article
    > on UML explaining how it works in TT mode
    > (https://www.kernel.org/doc/ols/2001/uml.pdf ).

    > I read that there is now a skas mode fixing security and performance
    > issuses of the TT mode
    > (http://user-mode-linux.sourceforge.net/old/skas.html), but I don't
    > find informations on how it works. It seems that the tracing thread

You may be able to find some talks/etc. on this in archives.
Jeff Dike might be able to recall which years...
Maybe LinuxSymposium in 1999 and 2000.

Also, I suggest you read the source code: that means going back to
Linux 2.6. and 2.4 versions.

--
]               Never tell me the odds!                 | ipv6 mesh networks [
]   Michael Richardson, Sandelman Software Works        | network architect  [
]     mcr@sandelman.ca  http://www.sandelman.ca/        |   ruby on rails    [


------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] Skas Mode : How does it work ?

[stian]

Den 2014-05-27 21:08, skrev Michael Richardson:
> Sébastien Frémal <sebastien.fremal@gmail.com> wrote:
>     > I'm a PhD Student studying virtualization methods. I found an 
> article
>     > on UML explaining how it works in TT mode
>     > (https://www.kernel.org/doc/ols/2001/uml.pdf ).
>
>     > I read that there is now a skas mode fixing security and 
> performance
>     > issuses of the TT mode
>     > (http://user-mode-linux.sourceforge.net/old/skas.html), but I 
> don't
>     > find informations on how it works. It seems that the tracing 
> thread
>
> You may be able to find some talks/etc. on this in archives.
> Jeff Dike might be able to recall which years...
> Maybe LinuxSymposium in 1999 and 2000.
>
> Also, I suggest you read the source code: that means going back to
> Linux 2.6. and 2.4 versions.

If you read too old emails, you might be a bit confused, since there 
has been more than one version of SKAS. (I might write wrong here, so 
please double check things). Current version is called SKAS0. The 
previous versions of SKAS required modifications on the host kernel. 
This modification used to allow a process to have multiple memory maps, 
and a tracing process could use a syscall to change which memory map a 
process should have at any given time. With SKAS0, this is no longer 
required, hence the version was set to zero.

Googleling SKAS3 and SKAS0 should give some nice hits.


--
Stian Skjelstad

------------------------------------------------------------------------------
The best possible search technologies are now affordable for all companies.
Download your FREE open source Enterprise Search Engine today!
Our experts will assist you in its installation for $59/mo, no commitment.
Test it for FREE on our Cloud platform anytime!
http://pubads.g.doubleclick.net/gampad/clk?id=145328191&iu=/4140/ostg.clktrk
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] Skas Mode : How does it work ?

[Richard Weinberger]

On Tue, May 27, 2014 at 3:58 PM, Sébastien Frémal
<sebastien.fremal@gmail.com> wrote:
> Hello,
>
> I'm a PhD Student studying virtualization methods. I found an article on UML
> explaining how it works in TT mode
> (https://www.kernel.org/doc/ols/2001/uml.pdf).
>
> I read that there is now a skas mode fixing security and performance issuses
> of the TT mode (http://user-mode-linux.sourceforge.net/old/skas.html), but I
> don't find informations on how it works. It seems that the tracing thread
> doesn't exist in skas mode. I'm searching informations on how this system
> works, especially how system calls are virtualized. Is this information
> available somewhere ?

Feel free to ask me whatever you want to know.

SKAS means "Separated Kernel Address Space".
It ensures that userspace cannot access kernel memory.
The first version of SKAS was SKAS3 it needed a kernel patch on the
host side which
never went mainline.
There was also an attempt to make SKAS mainline ready, SKAS4.
Then the UML developers found a way to implement SKAS without patching
the host kernel, SKAS0.
Currently UML supports SASK0 and SKAS3.
But I bet SKAS3 support is broken as nobody uses it anymore. I'll
remove it soon.

In SKAS0 every guest process has a twin on the host side.
If the UML kernel wants to change a memory mapping of a process it has to
do it within the guest process on the host. This mechanism is done using
the stub pages.
The kernel owns two pages within every guest process and can execute
code as the guest.
Of course UML has to make sure that no guest process every can control
its stub pages,
otherwise it could break out.

System call visualization on UML is done using ptrace().
UML is basically system call emulator. It uses ptrace() to make every
system call void
and emulates it.

-- 
Thanks,
//richard

------------------------------------------------------------------------------
Time is money. Stop wasting it! Get your web API in 5 minutes.
www.restlet.com/download
http://p.sf.net/sfu/restlet
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] Skas Mode : How does it work ?

[Sébastien Frémal]

[-- Attachment #1.1: Type: text/plain, Size: 625 bytes --]

Hello,

Thank you for these informations, it helps me to understand how skas works.
I read on the skas website that "This also provides a noticable speedup by
eliminating the signal delivery that used to happen for every UML system
call." I read that UML processes (in TT mode) in user space were controlled
with signals (especially to do the transition between the user mode and the
kernel mode). The presentation of skas suggests that this transition and
communications between UML and its processes are not executed anymore with
signals. Do you know what is used instead ?

Best regards,

Frémal Sébastien

[-- Attachment #1.2: Type: text/html, Size: 719 bytes --]

[-- Attachment #2: Type: text/plain, Size: 366 bytes --]

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their 
applications. Written by three acclaimed leaders in the field, 
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech

[-- Attachment #3: Type: text/plain, Size: 194 bytes --]

_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel

Re: [uml-devel] Skas Mode : How does it work ?

[Richard Weinberger]

Hi!

Am 02.06.2014 11:05, schrieb Sébastien Frémal:
> Hello,
> 
> Thank you for these informations, it helps me to understand how skas works. I read on the skas website that "This also provides a noticable speedup by eliminating the signal
> delivery that used to happen for every UML system call." I read that UML processes (in TT mode) in user space were controlled with signals (especially to do the transition between
> the user mode and the kernel mode). The presentation of skas suggests that this transition and communications between UML and its processes are not executed anymore with signals.
> Do you know what is used instead ?

In SASK0 mode UML controls the guest processes using the stub pages.
Every guest process has two installed where the UML kernel can inject commands.
Just grep the sources for STUB_CODE and STUB_DATA.

Thanks,
//richard

------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their 
applications. Written by three acclaimed leaders in the field, 
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech
_______________________________________________
User-mode-linux-devel mailing list
User-mode-linux-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/user-mode-linux-devel