Cooperation and security isolation of library OSes for multi-process applications Conference Paper

abstract

  • Library OSes are a promising approach for applications to efficiently obtain the benefits of virtual machines, including security isolation, host platform compatibility, and migration. Library OSes refactor a traditional OS kernel into an application library, avoiding overheads incurred by duplicate functionality. When compared to running a single application on an OS kernel in a VM, recent library OSes reduce the memory footprint by an order-of-magnitude. Previous library OS (libOS) research has focused on single-process applications, yet many Unix applications, such as network servers and shell scripts, span multiple processes. Key design challenges for a multi-process libOS include management of shared state and minimal expansion of the security isolation boundary. This paper presents Graphene, a library OS that seamlessly and efficiently executes both single and multi-process applications, generally with low memory and performance overheads. Graphene broadens the libOS paradigm to support secure, multi-process APIs, such as copy-on-write fork, signals, and System V IPC. Multiple libOS instances coordinate over pipe-like byte streams to implement a consistent, distributed POSIX abstraction. These coordination streams provide a simple vantage point to enforce security isolation. Copyright 2007 by the Association for Computing Machinery, Inc.

name of conference

  • Proceedings of the Ninth European Conference on Computer Systems

published proceedings

  • Proceedings of the Ninth European Conference on Computer Systems

altmetric score

  • 3.5

author list (cited authors)

  • Tsai, C., Arora, K. S., Bandi, N., Jain, B., Jannen, W., John, J., ... Porter, D. E.

citation count

  • 61

complete list of authors

  • Tsai, Chia-Che; Arora, Kumar Saurabh; Bandi, Nehal; Jain, Bhushan; Jannen, William; John, Jitin; Kalodner, Harry A; Kulkarni, Vrushali; Oliveira, Daniela; Porter, Donald E

publication date

  • January 2014