FlexOS: making OS isolation flexible

Hugo Lefeuvre; Vlad-Andrei Bădoiu; Stefan Lucian Teodorescu; Tiberiu Mosnoi; Costin Raiciu; Pierre Olivier; Răzvan Deaconescu; Felipe Huici

doi:10.1145/3458336.3465292

FlexOS: making OS isolation flexible

Hugo Lefeuvre, Vlad-Andrei Bădoiu, Stefan Lucian Teodorescu, Tiberiu Mosnoi, Costin Raiciu, Pierre Olivier, Răzvan Deaconescu, Felipe Huici

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

147 Downloads (Pure)

Abstract

OS design is traditionally heavily intertwined with protection mechanisms. OSes statically commit to one or a combination of (1) hardware isolation, (2) runtime checking, and (3) software verification early at design time. Changes after deployment require major refactoring; as such, they are rare and costly. In this paper, we argue that this strategy is at odds with recent hardware and software trends: protections break (Meltdown), hardware becomes heterogeneous (Memory Protection Keys, CHERI), and multiple mechanisms can now be used for the same task (software hardening, verification, HW isolation, etc). In short, the choice of isolation strategy and primitives should be postponed to deployment time.

We present FlexOS, a novel, modular OS design whose compartmentalization and protection profile can seamlessly be tailored towards a specific application or use-case at build time. FlexOS offers a language to describe components' security needs/behavior, and to automatically derive from it a compartmentalization strategy. We implement an early proto-type of FlexOS that can automatically generate a large array of different OSes implementing different security strategies.

Original language	English
Title of host publication	HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems
Place of Publication	New York, United States
Publisher	Association for Computing Machinery
Pages	79–87
Number of pages	9
ISBN (Electronic)	978-1-4503-8438-4
ISBN (Print)	9781450384384
DOIs	https://doi.org/10.1145/3458336.3465292
Publication status	Published - 1 Jun 2021
Event	HotOS '21: Workshop on Hot Topics in Operating Systems - Ann Arbor, Michigan, United States Duration: 31 May 2021 → 2 Jun 2021

Publication series

Name	HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems

Conference

Conference	HotOS '21: Workshop on Hot Topics in Operating Systems
Country/Territory	United States
City	Ann Arbor, Michigan
Period	31/05/21 → 2/06/21

Access to Document

10.1145/3458336.3465292

flexos-hotos21Final published version, 573 KB

Cite this

Lefeuvre, H., Bădoiu, V-A., Teodorescu, S. L., Mosnoi, T., Raiciu, C., Olivier, P., Deaconescu, R., & Huici, F. (2021). FlexOS: making OS isolation flexible. In HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems (pp. 79–87). (HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems). Association for Computing Machinery. https://doi.org/10.1145/3458336.3465292

@inbook{cb554f864e9248abb0364d77d79a7d4b,

title = "FlexOS: making OS isolation flexible",

abstract = "OS design is traditionally heavily intertwined with protection mechanisms. OSes statically commit to one or a combination of (1) hardware isolation, (2) runtime checking, and (3) software verification early at design time. Changes after deployment require major refactoring; as such, they are rare and costly. In this paper, we argue that this strategy is at odds with recent hardware and software trends: protections break (Meltdown), hardware becomes heterogeneous (Memory Protection Keys, CHERI), and multiple mechanisms can now be used for the same task (software hardening, verification, HW isolation, etc). In short, the choice of isolation strategy and primitives should be postponed to deployment time.We present FlexOS, a novel, modular OS design whose compartmentalization and protection profile can seamlessly be tailored towards a specific application or use-case at build time. FlexOS offers a language to describe components' security needs/behavior, and to automatically derive from it a compartmentalization strategy. We implement an early proto-type of FlexOS that can automatically generate a large array of different OSes implementing different security strategies.",

author = "Hugo Lefeuvre and Vlad-Andrei B{\u a}doiu and Teodorescu, {Stefan Lucian} and Tiberiu Mosnoi and Costin Raiciu and Pierre Olivier and R{\u a}zvan Deaconescu and Felipe Huici",

note = "Funding Information: We would like to thank the anonymous reviewers for their comments and insights. A special thanks goes to Julia Lawall for her help on Coccinelle. This work was partly funded by EU H2020 grant agreements 825377 (UNICORE), 871793 (ACCORDION) and 758815 (CORNET), as well as the UK{\textquoteright}s EPSRC New Investigator Award grant EP/V012134/1. Publisher Copyright: {\textcopyright} 2021 ACM.; HotOS '21: Workshop on Hot Topics in Operating Systems ; Conference date: 31-05-2021 Through 02-06-2021",

year = "2021",

month = jun,

day = "1",

doi = "10.1145/3458336.3465292",

language = "English",

isbn = "9781450384384",

series = "HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems",

publisher = "Association for Computing Machinery",

pages = "79–87",

booktitle = "HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems",

address = "United States",

}

Lefeuvre, H, Bădoiu, V-A, Teodorescu, SL, Mosnoi, T, Raiciu, C, Olivier, P, Deaconescu, R & Huici, F 2021, FlexOS: making OS isolation flexible. in HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems. HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems, Association for Computing Machinery, New York, United States, pp. 79–87, HotOS '21: Workshop on Hot Topics in Operating Systems, Ann Arbor, Michigan, United States, 31/05/21. https://doi.org/10.1145/3458336.3465292

FlexOS: making OS isolation flexible. / Lefeuvre, Hugo; Bădoiu, Vlad-Andrei; Teodorescu, Stefan Lucian et al.
HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems. New York, United States: Association for Computing Machinery, 2021. p. 79–87 (HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems).

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

TY - CHAP

T1 - FlexOS: making OS isolation flexible

AU - Lefeuvre, Hugo

AU - Bădoiu, Vlad-Andrei

AU - Teodorescu, Stefan Lucian

AU - Mosnoi, Tiberiu

AU - Raiciu, Costin

AU - Olivier, Pierre

AU - Deaconescu, Răzvan

AU - Huici, Felipe

N1 - Funding Information: We would like to thank the anonymous reviewers for their comments and insights. A special thanks goes to Julia Lawall for her help on Coccinelle. This work was partly funded by EU H2020 grant agreements 825377 (UNICORE), 871793 (ACCORDION) and 758815 (CORNET), as well as the UK’s EPSRC New Investigator Award grant EP/V012134/1. Publisher Copyright: © 2021 ACM.

PY - 2021/6/1

Y1 - 2021/6/1

N2 - OS design is traditionally heavily intertwined with protection mechanisms. OSes statically commit to one or a combination of (1) hardware isolation, (2) runtime checking, and (3) software verification early at design time. Changes after deployment require major refactoring; as such, they are rare and costly. In this paper, we argue that this strategy is at odds with recent hardware and software trends: protections break (Meltdown), hardware becomes heterogeneous (Memory Protection Keys, CHERI), and multiple mechanisms can now be used for the same task (software hardening, verification, HW isolation, etc). In short, the choice of isolation strategy and primitives should be postponed to deployment time.We present FlexOS, a novel, modular OS design whose compartmentalization and protection profile can seamlessly be tailored towards a specific application or use-case at build time. FlexOS offers a language to describe components' security needs/behavior, and to automatically derive from it a compartmentalization strategy. We implement an early proto-type of FlexOS that can automatically generate a large array of different OSes implementing different security strategies.

AB - OS design is traditionally heavily intertwined with protection mechanisms. OSes statically commit to one or a combination of (1) hardware isolation, (2) runtime checking, and (3) software verification early at design time. Changes after deployment require major refactoring; as such, they are rare and costly. In this paper, we argue that this strategy is at odds with recent hardware and software trends: protections break (Meltdown), hardware becomes heterogeneous (Memory Protection Keys, CHERI), and multiple mechanisms can now be used for the same task (software hardening, verification, HW isolation, etc). In short, the choice of isolation strategy and primitives should be postponed to deployment time.We present FlexOS, a novel, modular OS design whose compartmentalization and protection profile can seamlessly be tailored towards a specific application or use-case at build time. FlexOS offers a language to describe components' security needs/behavior, and to automatically derive from it a compartmentalization strategy. We implement an early proto-type of FlexOS that can automatically generate a large array of different OSes implementing different security strategies.

UR - http://www.scopus.com/inward/record.url?scp=85107893011&partnerID=8YFLogxK

U2 - 10.1145/3458336.3465292

DO - 10.1145/3458336.3465292

M3 - Chapter

SN - 9781450384384

T3 - HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems

SP - 79

EP - 87

BT - HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems

PB - Association for Computing Machinery

CY - New York, United States

T2 - HotOS '21: Workshop on Hot Topics in Operating Systems

Y2 - 31 May 2021 through 2 June 2021

ER -

Lefeuvre H, Bădoiu V-A, Teodorescu SL, Mosnoi T, Raiciu C, Olivier P et al. FlexOS: making OS isolation flexible. In HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems. New York, United States: Association for Computing Machinery. 2021. p. 79–87. (HotOS 2021 - Proceedings of the 2021 Workshop on Hot Topics in Operating Systems). doi: 10.1145/3458336.3465292

FlexOS: making OS isolation flexible

Abstract

Publication series

Conference

Access to Document

Other files and links

Fingerprint

Cite this