3. Plan 9
• OS
• UNIX UNIX OS
•
•
• GSoC 2010
accept
4. Plan 9 on SL-C3100
http://server.hemiola.co.uk/zaurus.jpg
5. Google
Plan 9
• Plan 9 Google
• Rob Pike Ken Thompson Dave
Presotto Russ Cox ...
• Plan 9
Mac OS X Plan9port
• 9term acme sam
• venti
6. UNIX Plan 9
• Plan9port (a.k.a. Plan 9 from User Space)
• http://swtch.com/plan9port/
• 9vx (a.k.a. Plan 9 Virtual eXecutable)
• http://swtch.com/9vx/
Russ Cox
7. Plan9port
• Plan 9
• OS
• v9fs Linux 9P2000 FS
•
• NetBSD/evbarm LinkStation
• NIMIX3 Pthread
11. 9vx
Plan 9 Plan 9 Plan 9
1 a.out a.out a.out
vx32 sandbox library
Modified Plan 9 kernel
Host OS
(Linux, *BSD, MacOS X)
12. vx32
separate signal stack, passing vx32 the full saved register
state when such a signal occurs. Again, all widely-used
x86 operating systems have this capability.
Finally, vx32 can benefit from being able to map disk
files into the host application’s address space and to
control the read/write/execute permissions on individual
pages in the mapping. Although these features are not
strictly required by vx32, they are, once again, provided
by all widely-used x86 operating systems.
On modern Unix variants such as Linux, FreeBSD,
and OS X, specific system calls satisfying the above re-
•
quirements are modify_ldt/i386_set_ldt, sigaction,
Guest Data Segment
sigaltstack, mmap, and mprotect. Windows NT, 2000,
and XP support equivalent system calls, though we have
•
not ported vx32 to Windows. We have not examined
Guest Control Segment
whether Windows Vista retains this functionality.
Guest code. Although vx32 uses x86 segmentation
• vx32 sandbox library
for data sandboxing, it assumes that guest code running
in the sandbox conforms to the 32-bit “flat model” and
makes no explicit reference to segment registers. In fact,
vx32 rewrites any guest instructions referring to segment
registers so that they raise a virtual illegal instruction
exception. This “flat model” assumption is reasonable
for practically all modern, compiled 32-bit x86 code; it
Bryan Ford and Russ Cox,only if, for example, the
would typically be a problem “Vx32: Lightweight
User-level Sandboxing on the DOS or USENIX
sandboxed guest wished to run 16-bit x86,” Windows
2008 or wished to run apaper award) of vx32 itself.
code (Best student nested instance
Some modern multithreading libraries use segment Figure 1: Guest and Host Address Space Structure
13. int 0x64
Plan 9 Plan 9 Plan 9
1 a.out a.out a.out virtual
trap
vx32 sandbox library
Modified Plan 9 kernel
Host OS
(Linux, *BSD, MacOS X)
14. 08048160 int 0x64
unsafe
b7d8d0f9 mov ebx, fs:[0x2c] GCS
b7d8d100 mov fs:[0x20], eax
b7d8d106 mov eax, 0x264 ; 0x264 = int 0x64
b7d8d10b mov fs:[0x40], 0x8048162
b7d8d116 jmb vxrun_gentrap
(fragment index table)
code fragment cache
Guest
Control (code fragment)
Segment
Endpoint hash table
Fixed execution state, register save area
16. 1.0
1.0
1.
1.
1.0
1
1.
1
0.98
1
Core 2 D
Core 2 D
Core 2 D
1.0
Core 2 D
Core 2 D
Athlon64
Athlon64
Athlon64
Athlon64
Athlon64
1.
1.
Xeon, Li
Xeon, Li
Xeon, Li
Xeon, Li
Xeon, Li
Pentium
Pentium
Pentium
Pentium
Pentium
Pentium
Pentium
Pentium
Pentium
Pentium
Opteron
Opteron
Opteron
Opteron
Opteron
0.92
1
0.85
0.74
0
Athlon64 x86-32, Linux
Athlon64 x86-32, Linux
Athlon64 x86-32, Linux
Athlon64 x86-32, Linux
Athlon64 x86-32, Linux
Opteron x86-32, Linux
Opteron x86-32, Linux
Opteron x86-32, Linux
Opteron x86-32, Linux
Opteron x86-32, Linux
md5 sha1 sha512 ripemd whirlpool
Core 2 Duo, OS X
Core 2 Duo, OS X
Core 2 Duo, OS X
Core 2 Duo, OS X
Core 2 Duo, OS X
Pentium M, Linux
Pentium M, Linux
Pentium M, Linux
Pentium M, Linux
Pentium M, Linux
Pentium 4, Linux
Pentium 4, Linux
Pentium 4, Linux
Pentium 4, Linux
Pentium 4, Linux
Xeon, Linux
Xeon, Linux
Xeon, Linux
Xeon, Linux
Xeon, Linux
10: Normalized run times for cryptographic hash functions running under vx32. Each bar plots run time using vx32
time for the same benchmark running natively (smaller bars mark faster runs).
0
VMWare QEMU md5 sha1 sha512 ripemd whirlpool
Figure 10: Normalized run times for cryptographic hash functions running under vx32. Each bar plots run time using vx32 divided
4.8
23
21
22
18
9.1
3.9
by run time for the same benchmark running natively (smaller bars mark faster runs).
3.8
4
2.8
3
2.7
2.7
2.6
4.8
23
21
22
18
9.1
3.9
3.8
2.5
4
1.90
1.90
1.69
2
2.8
3
2.7
2.7
2.6
2.5
1.32
1.90
1.90
1.00
0.93
1.69
2
vx32 0.57
vx32 0.63
1
QEMU1.32
VMware
VMware
VMware
VMware
VMware
VMware
VMware
1.00
0.93
QEMU
QEMU
QEMU
QEMU
QEMU
QEMU
native
native
native
native
native
native
native
vx32 0.57
vx32 0.63
vx32
vx32
vx32
vx32
vx32
1
VMware
VMware
VMware
VMware
VMware
VMware
VMware
QEMU
QEMU
QEMU
QEMU
QEMU
QEMU
QEMU
native
native
native
native
native
native
native
0
vx32
vx32
vx32
vx32
vx32
0
syscall pipe-byte pipe-bulk rdwr sha1zero du mk
syscall pipe-byte pipe-bulk rdwr sha1zero du mk
11: Normalized Normalized run times for simple Plan 9 benchmarks. The four barsbars correspond9to Plannatively, Plan 9 VX,
Figure 11: run times for simple Plan 9 benchmarks. The four correspond to Plan running 9 running natively, Pla
under VMware Workstation 6.0.2 on Linux, and Plan 9 under QEMU on LinuxLinux using the kqemu kernel extensio
Plan 9 under VMware Workstation 6.0.2 on Linux, and Plan 9 under QEMU on using the kqemu kernel extension. Each
bar plots run time divided by the native Plan 9 run time (smaller bars mark faster runs). The tests are: swtch, a system call that
ts run time divided by theprocess, causing a9contexttime (smaller bars marktwo processes sending a single byte back and forthsystem
reschedules the current native Plan run switch (sleep(0)); pipe-byte, faster runs). The tests are: swtch, a
dules theover a pairprocess,pipe-bulk, twocontext switch (sleep(0)); pipe-byte, two data over a pipe; rdwr, aa single byte back a
current of pipes; causing a processes (one sender, one receiver) transferring bulk processes sending single process
pair of pipes; pipe-bulk, two processes; sha1zero, a singleone receiver) /dev/zero and computing its over a pipe; rdwr, a single
copying from /dev/zero to /dev/null (one sender, process reading transferring bulk data SHA1 hash; du, a single
process traversing the file system; and mk, building a Plan 9 kernel. See Section 5.3 for performance explanations.
g from /dev/zero to /dev/null; sha1zero, a single process reading /dev/zero and computing its SHA1 hash; du,
s traversing the file system; and mk, building a Plan 9 kernel. See Section 5.3 for performance explanations.
17. Tiny Core Linux
• DawmSmallLinux Robert
Shingledecker
• Linux GUI 10 MB
• BusyBox Tiny X FLTK
• 3.0 7/31
• 2.6.11