Exploring Rust for Unikernel Development
Stefan Lankes,Jens Breitbart,Simon Pickartz +2 more
- 27 Oct 2019
- pp 8-15
TL;DR: This paper explores the programming language Rust for kernel development and presents RustyHermit, which is a unikernel completely written in Rust without any C/C++, and shows that the support for Rusty hermit can be transparently integratable in the Rust toolchain and common Rust applications are build-able on top ofRustHermit.
read more
Abstract: System-level development has been dominated by programming languages like C/C++ for decades. These languages are inherently unsafe, error-prone, and a major reason for vulnerabilities. High-level programming languages with a secure memory model and strong type system are able to improve the quality of the system software. In this paper, we explore the programming language Rust for kernel development and present RustyHermit, which is a unikernel completely written in Rust without any C/C++. We show that the support for RustyHermit can be transparently integratable in the Rust toolchain and common Rust applications are build-able on top of RustyHermit. Previously, we developed the C-based unikernel HermitCore with a similar design to RustyHermit and we are able to compare both kernels. We show that the performance of both kernels is similar and only ~3.27 % of RustyHermit relies on unsafe code, that cannot be checked by the compiler in detail.
read more
Chat with Paper
AI Agents for this Paper
Find similar papers on Google Scholar, PubMed and Arxiv
Write a critical review of this paper
Analyze citations of this paper to find unaddressed research gaps
Citations
Intra-unikernel isolation with Intel memory protection keys
Mincheol Sung,Pierre Olivier,Stefan Lankes,Binoy Ravindran +3 more
- 17 Mar 2020
TL;DR: A new design is proposed that brings memory isolation inside a unikernel instance while keeping a single address space, and leverages Intel's Memory Protection Key to do so without impacting the lightweightness and performance benefits of unikernels.
64
•Proceedings Article
RedLeaf: Isolation and Communication in a Safe Operating System.
Vikram Narayanan,Tianjiao Huang,David Detweiler,Dan Appel,Zhaofeng Li,Gerd Zellweger,Anton Burtsev +6 more
- 01 Jan 2020
TL;DR: A new abstraction of a lightweight language-based isolation domain that provides a unit of information hiding and fault isolation in Rust, and demonstrates the possibility to implement end-to-end zero-copy, fault isolation, and transparent recovery of device drivers.
Preventing Kernel Hacks with HAKCs
Derrick McKee,Yianni Giannaris,Carolina Ortega,Howie Shrobe,Mathias J. Payer,Hamed Okhravi,Nathan Burow +6 more
- 01 Jan 2022
The Benefits and Costs of Writing a POSIX Kernel in a High-Level Language.
Cody Cutler,M. Frans Kaashoek,Robert Morris +2 more
- 01 Jan 2019
TL;DR: Biscuit as discussed by the authors is a high-level language (HLL) with garbage collection to implement a monolithic POSIX-style kernel, which makes liberal use of Go's HLL features (closures, channels, maps, interfaces, garbage collected heap allocation), subjectively made programming easier.
15
Fast Intra-kernel Isolation and Security with IskiOS
TL;DR: In this article, the authors present an approach to memory protection, allowing PKU to be used within the operating system kernel on existing Intel hardware, replacing the traditional user/supervisor isolation mechanism and simultaneously enabling efficient intra-kernel isolation.
14
References
google,我,萨娜
方华
- 01 Jan 2006
TL;DR: After you change your VT Google password, you will be unable to log on to VT Google Apps services including Mail, Drive, Groups, etc.
3.8K
Unikernels: library operating systems for the cloud
Anil Madhavapeddy,Richard Mortier,Charalampos Rotsos,David Scott,Balraj Singh,Thomas Gazagnaire,Steven G. Smith,Steven Hand,Jon Crowcroft +8 more
- 16 Mar 2013
TL;DR: The Mirage prototype compiles OCaml code into unikernels that run on commodity clouds and offer an order of magnitude reduction in code size without significant performance penalty, and demonstrates that the hypervisor is a platform that overcomes the hardware compatibility issues that have made past library operating systems impractical to deploy in the real-world.
The Go Programming Language
TL;DR: Andrew Gerrand explains how Go intends to simplify problems which have been motifs as Google has scaled, including the details behind how Go was conceived and how the open source community contributes to it.
434
Unikernels: the rise of the virtual library operating system
Anil Madhavapeddy,David Scott +1 more
TL;DR: What if all the software layers in a virtual appliance were compiled within the same safe, high-level language framework?
196
•Proceedings Article
OS v : optimizing the operating system for virtual machines
Avi Kivity,Dor Laor,Glauber Costa,Pekka Enberg,Nadav Har'El,Don Marti,Vlad Zolotarov +6 more
- 19 Jun 2014
TL;DR: The design and implementation of OSv is presented, a new guest operating system designed specifically for running a single application on a virtual machine in the cloud that addresses the duplication issues by using a low-overhead library-OS-like design.
Related Papers (5)
Joshua Yanovski,Hoang-Hai Dang,Ralf Jung,Derek Dreyer +3 more
- 18 Aug 2021
Christopher League,Zhong Shao +1 more
- 01 Jan 2002