Protected Data Plane OS Using Memory Protection Keys and Lightweight Activation

Abstract: Increasing data center network speed coupled with application requirements for high throughput and low latencies have raised the efficiency bar for network stacks. To reduce substantial kernel overhead in network processing, recent proposals bypass the kernel or implement the stack as user space OS service -- both with performance isolation, security, and resource efficiency trade-offs. We present Tardis, a new network stack architecture that combines the performance and resource efficiency benefits of kernel-bypass and the security and performance enforcement of in-kernel stacks. Tardis runs the OS I/O stack in user-level threads that share both address spaces and kernel threads with applications, avoiding almost all kernel context switch and cross-core communication overheads. To provide sufficient protection, Tardis leverages x86 protection keys (MPK) extension to isolate the I/O stack from application code. And to enforce timely scheduling of network processing and fine-grained performance isolation, Tardis implements lightweight scheduler activations with preemption timers.