lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 29 Apr 2020 15:32:47 -0400
From:   Javier Malave <javier.malave@...findustries.com>
To:     bx@...findustries.com
Cc:     Javier Malave <javier.malave@...findustries.com>,
        linux-kernel@...r.kernel.org, ah@...findustries.com
Subject: [RFC 0/9] Popcorn Linux Distributed Thread Execution

This patch set adds the Popcorn Distributed Thread Execution support
to the kernel. It is based off of Linux 5.2 commit 72a20ce. We are
looking for feedback on design and implementation from the community.

Background
==========

Popcorn Linux is a collaborative work by the Software and Systems Research
Group at Virginia Tech. It is based on the original thesis by David
Katz. Principal contributors since include, Sang-Hoon Kim, Maria Sadini
Ajith Saya, Vicnent Legout, Antonio Barbalace and Binoy Ravindran. 

Popcorn Linux is a Linux kernel-based software stack that enables
applications to execute, with a shared code base, on distributed hosts.
Popcorn allows applications to start execution on a particular host and
migrate, at run-time, to a remote host. Multi-threaded applications may
migrate any particular thread to any remote host. 

Unlike userspace checkpoint-restart solutions (e.g., CRIU), Popcorn 
enables seamless and dynamic migration across hosts during execution
(no user interaction), and ensures coherent virtual memory across hosts 
for concurrent thread execution.

Popcorn Linux implements a software-based distributed shared memory 
by extending Linux's virtual memory subsystem and it enables processes 
on different machines to observe a common and coherent virtual address
space. Coherency of virtual memory pages of different hosts is ensured 
using a reader-replicate/writer-invalidate, page-level consistency protocol.

The version of Popcorn Linux presented in this RFC supports only x86
configurations. The stack in this RFC includes a modified kernel and a 
userspace run-time library.

There is a more advanced version of Popcorn Linux that allows applications
to concurrently execute across ISA-different cores (.e.g. X86, ARM). This 
feature-rich version adds a customized LLVM-compiler toolchain to the stack. 
Nevertheless, this RFC focuses on a simpler single-architecture form of 
Popcorn that does not require compiler modifications.

Both the compiler toolchain and the heterogeneous implementation of
Popcorn Linux may be found at these github locations. It should be noted
the heterogeneous version is under active development and is likely less 
stable than the one provided in this patch.

Heterogeneous Popcorn Linux
https://github.com/ssrg-vt/popcorn-kernel

LLVM Compiler
https://github.com/ssrg-vt/popcorn-compiler

More information on the Popcorn Linux research team and their current
work may be found here:

http://popcornlinux.org/

Popcorn Library
===============

The Popcorn kernel library is a suite of light tests that showcase
the use of Popcorn's core system calls. These tests allow for a 
basic migration of processes and threads between 2 or more nodes.

The test suite is being expanded and may be found in at 
https://github.com/ssrg-vt/popcorn-kernel-lib. The branch 
matching this RFC kernel code base is called "upstream". 

Reverting L1TF protections
==========================

This initial iteration of code currently reverts L1TF side channel
protections on x86 systems. Future iterations of code will comply
with the L1TF patches and current pagetable walking algorithms.

Security Disclaimer
===================

Popcorn Linux assumes that it is operating across equally-trusted host
systems. This patch-set is intended to initiate discussions and should
not be built and loaded onto public (internet-connected) machines.
Popcorn Linux, as-is, runs a kernel-based daemon that listens for
messages passed to it via a TCP socket.  This IP-based message layer
is intended for Popcorn testing and development purposes only, given
obvious latency and security issues stemming from passing pages and
kernel structures over TCP.

Andrew Hughes (9):
  Core Popcorn Changes Popcorn Linux
  Add x86 specifc files for Popcorn
  Temporarily revert L1TF mitigation for Popcorn
  Popcorn system call additions
  Popcorn Utility
  Process Server for Popcorn Distributed Thread Execution
  Virtual Memory Address Server for Distributed Thread Execution
  Page Server for Distributed Thread Execution
  Add Popcorn Message Layer and socket support

 arch/x86/Kconfig                       |    3 +
 arch/x86/entry/syscalls/syscall_64.tbl |    3 +
 arch/x86/include/asm/pgtable-2level.h  |   17 -
 arch/x86/include/asm/pgtable-3level.h  |    2 -
 arch/x86/include/asm/pgtable.h         |   52 +-
 arch/x86/include/asm/pgtable_64.h      |    2 -
 arch/x86/kernel/Makefile               |    1 +
 arch/x86/kernel/process_server.c       |  250 +++
 arch/x86/mm/fault.c                    |   18 +
 arch/x86/mm/mmap.c                     |   21 -
 drivers/msg_layer/Kconfig              |   28 +
 drivers/msg_layer/Makefile             |    2 +
 drivers/msg_layer/common.h             |   63 +
 drivers/msg_layer/socket.c             |  710 +++++++++
 fs/proc/base.c                         |    9 +
 fs/read_write.c                        |   15 +-
 include/linux/mm_types.h               |   12 +
 include/linux/sched.h                  |   27 +-
 include/linux/syscalls.h               |    9 +
 include/popcorn/bundle.h               |   38 +
 include/popcorn/debug.h                |   38 +
 include/popcorn/page_server.h          |   34 +
 include/popcorn/pcn_kmsg.h             |  205 +++
 include/popcorn/process_server.h       |   18 +
 include/popcorn/regset.h               |   96 ++
 include/popcorn/stat.h                 |   16 +
 include/popcorn/types.h                |   20 +
 include/popcorn/vma_server.h           |   33 +
 include/uapi/asm-generic/mman-common.h |    4 +
 include/uapi/asm-generic/unistd.h      |   11 +-
 kernel/Kconfig.popcorn                 |   54 +
 kernel/Makefile                        |    1 +
 kernel/exit.c                          |    9 +
 kernel/fork.c                          |   51 +-
 kernel/futex.c                         |   32 +
 kernel/popcorn/Makefile                |    7 +
 kernel/popcorn/bundle.c                |  115 ++
 kernel/popcorn/fh_action.c             |  207 +++
 kernel/popcorn/fh_action.h             |   34 +
 kernel/popcorn/init.c                  |   58 +
 kernel/popcorn/page_server.c           | 2019 ++++++++++++++++++++++++
 kernel/popcorn/page_server.h           |   16 +
 kernel/popcorn/pcn_kmsg.c              |  231 +++
 kernel/popcorn/pgtable.h               |   31 +
 kernel/popcorn/process_server.c        | 1037 ++++++++++++
 kernel/popcorn/process_server.h        |   21 +
 kernel/popcorn/stat.c                  |  165 ++
 kernel/popcorn/trace_events.h          |   76 +
 kernel/popcorn/types.h                 |  358 +++++
 kernel/popcorn/util.c                  |  121 ++
 kernel/popcorn/util.h                  |   14 +
 kernel/popcorn/vma_server.c            |  818 ++++++++++
 kernel/popcorn/vma_server.h            |   24 +
 kernel/popcorn/wait_station.c          |   84 +
 kernel/popcorn/wait_station.h          |   27 +
 kernel/sched/core.c                    |  106 +-
 kernel/sys_ni.c                        |    3 +
 mm/gup.c                               |   18 +
 mm/internal.h                          |    4 +
 mm/madvise.c                           |   51 +
 mm/memory.c                            |  236 ++-
 mm/mmap.c                              |   53 +
 mm/mprotect.c                          |   70 +-
 mm/mremap.c                            |   20 +
 64 files changed, 7763 insertions(+), 165 deletions(-)
 create mode 100644 arch/x86/kernel/process_server.c
 create mode 100644 drivers/msg_layer/Kconfig
 create mode 100644 drivers/msg_layer/Makefile
 create mode 100644 drivers/msg_layer/common.h
 create mode 100644 drivers/msg_layer/socket.c
 create mode 100644 include/popcorn/bundle.h
 create mode 100644 include/popcorn/debug.h
 create mode 100644 include/popcorn/page_server.h
 create mode 100644 include/popcorn/pcn_kmsg.h
 create mode 100644 include/popcorn/process_server.h
 create mode 100644 include/popcorn/regset.h
 create mode 100644 include/popcorn/stat.h
 create mode 100644 include/popcorn/types.h
 create mode 100644 include/popcorn/vma_server.h
 create mode 100644 kernel/Kconfig.popcorn
 create mode 100644 kernel/popcorn/Makefile
 create mode 100644 kernel/popcorn/bundle.c
 create mode 100644 kernel/popcorn/fh_action.c
 create mode 100644 kernel/popcorn/fh_action.h
 create mode 100644 kernel/popcorn/init.c
 create mode 100644 kernel/popcorn/page_server.c
 create mode 100644 kernel/popcorn/page_server.h
 create mode 100644 kernel/popcorn/pcn_kmsg.c
 create mode 100644 kernel/popcorn/pgtable.h
 create mode 100644 kernel/popcorn/process_server.c
 create mode 100644 kernel/popcorn/process_server.h
 create mode 100644 kernel/popcorn/stat.c
 create mode 100644 kernel/popcorn/trace_events.h
 create mode 100644 kernel/popcorn/types.h
 create mode 100644 kernel/popcorn/util.c
 create mode 100644 kernel/popcorn/util.h
 create mode 100644 kernel/popcorn/vma_server.c
 create mode 100644 kernel/popcorn/vma_server.h
 create mode 100644 kernel/popcorn/wait_station.c
 create mode 100644 kernel/popcorn/wait_station.h

-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ