Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
38 tokens/sec
GPT-4o
59 tokens/sec
Gemini 2.5 Pro Pro
41 tokens/sec
o3 Pro
7 tokens/sec
GPT-4.1 Pro
50 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Loupe: Driving the Development of OS Compatibility Layers (2309.15996v1)

Published 27 Sep 2023 in cs.OS

Abstract: Supporting mainstream applications is fundamental for a new OS to have impact. It is generally achieved by developing a layer of compatibility allowing applications developed for a mainstream OS like Linux to run unmodified on the new OS. Building such a layer, as we show, results in large engineering inefficiencies due to the lack of efficient methods to precisely measure the OS features required by a set of applications. We propose Loupe, a novel method based on dynamic analysis that determines the OS features that need to be implemented in a prototype OS to bring support for a target set of applications and workloads. Loupe guides and boosts OS developers as they build compatibility layers, prioritizing which features to implement in order to quickly support many applications as early as possible. We apply our methodology to 100+ applications and several OSes currently under development, demonstrating high engineering effort savings vs. existing approaches: for example, for the 62 applications supported by the OSv kernel, we show that using Loupe, would have required implementing only 37 system calls vs. 92 for the non-systematic process followed by OSv developers. We study our measurements and extract novel key insights. Overall, we show that the burden of building compatibility layers is significantly less than what previous works suggest: in some cases, only as few as 20% of system calls reported by static analysis, and 50% of those reported by naive dynamic analysis need an implementation for an application to successfully run standard benchmarks.

PDF HTML Abstract
Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize File Document Download Save Streamline Icon: https://streamlinehq.com PDF File Document Download Save Streamline Icon: https://streamlinehq.com Markdown Bookmark Chat Bubble Oval Streamline Icon: https://streamlinehq.com Chat (Pro)
Definition Search Book Streamline Icon: https://streamlinehq.com
References (65)
  1. debhelper(7) — linux manual page. https://www.man7.org/linux/man-pages/man7/debhelper.7.html, accessed 08/17/23.
  2. dh_auto_test - automatically runs a package’s test suites. https://manpages.debian.org/testing/debhelper/dh_auto_test.1.en.html, accessed 08/17/23.
  3. errno - number of last error (including a description of -ENOSYS). https://www.man7.org/linux/man-pages/man3/errno.3.html, accessed 08/01/23.
  4. Github – Rumprun packages: Ready-made packages of software for running on the Rumprun unikernel. https://github.com/rumpkernel/rumprun-packages, accessed 08/01/23.
  5. Google Fuchsia website. https://fuchsia.dev/, accessed 08/01/23.
  6. Google Gvisor Github webpage. https://github.com/google/gvisor, accessed 05/03/2018.
  7. Gramine: a library OS for unmodified applications. https://gramineproject.io, accessed 08/10/23.
  8. How sqlite is tested. https://www.sqlite.org/testing.html, accessed 08/17/23.
  9. iPerf - the ultimate speed test tool for TCP, UDP and SCTP. https://iperf.fr/iperf-doc.php, accessed 08/01/23.
  10. Kerla GitHub repository: A new Operating System kernel with Linux binary compatibility written in Rust. https://github.com/nuta/kerla, accessed 08/01/23.
  11. Linuxulator (Linux emulation): running unmodified Linux binaries under FreeBSD. https://wiki.freebsd.org/Linuxulator, accessed 08/01/23.
  12. madvise(2) — Linux manual page. https://man7.org/linux/man-pages/man2/madvise.2.html, accessed 08/01/23.
  13. Newlib: a c library intended for use on embedded systems. https://sourceware.org/newlib/, accessed 12/12/2017.
  14. Nginx docs: Configuring logging. https://docs.nginx.com/nginx/admin-guide/monitoring/logging/, accessed 08/17/23.
  15. nscd - name service cache daemon. https://www.man7.org/linux/man-pages/man8/nscd.8.html, accessed 08/17/23.
  16. OpenBenchmarking.org software repository. https://openbenchmarking.org/, accessed 08/01/23.
  17. OSv application repository. https://github.com/cloudius-systems/osv-apps, accessed 08/01/23.
  18. Proton (Valve Software) GitHub repository. https://github.com/ValveSoftware/Proton, accessed 08/01/23.
  19. ptrace(2) - process trace. https://man7.org/linux/man-pages/man2/ptrace.2.html, accessed 07/31/2023.
  20. ReactOS Github page: A free Windows-compatible Operating System. https://github.com/reactos/reactos, accessed 08/01/23.
  21. Redis benchmark: Using the redis-benchmark utility on a Redis server. https://redis.io/docs/management/optimization/benchmarks/, accessed 08/01/23.
  22. Redis test suite. https://github.com/redis/redis/tree/unstable/tests, accessed 08/17/23.
  23. seccomp(2) - operate on secure computing state of the process. https://man7.org/linux/man-pages/man2/seccomp.2.html, accessed 07/31/2023.
  24. strace - linux syscall tracer. https://strace.io/, accessed 08/17/23.
  25. Unikraft application repository: Applications supported by the Unikraft libOS. https://github.com/orgs/unikraft/repositories, accessed 08/01/23.
  26. Unikraft static binary analysis tool (part of the Loupe artifact). https://github.com/unikraft/loupe/tree/staging/src/static-binary-analyser, accessed 08/17/23.
  27. Unikraft static source analysis tool (part of the Loupe artifact). https://github.com/unikraft/loupe/tree/staging/src/static-source-analyser, accessed 08/17/23.
  28. Wine HQ – a compatibility layer to run Windows applications on POSIX. https://www.winehq.org/about, accessed 08/01/23.
  29. wrk - a HTTP benchmarking tool. https://github.com/wg/wrk, accessed 08/01/23.
  30. Zephyr Project: A proven RTOS ecosystem. https://www.zephyrproject.org/, accessed 08/01/23.
  31. Providing a Linux API on the scalable K42 kernel. In Proceedings of the 2003 USENIX Annual Technical Conference, FREENIX Track, ATC’03, 2003.
  32. POSIX abstractions in modern operating systems: The old, the new, and the missing. In Proceedings of the 11th European Conference on Computer Systems, EuroSys’16, 2016.
  33. Breaking the boundaries in heterogeneous-ISA datacenters. In Proceedings of the 22nd International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS’17, 2017.
  34. The multikernel: a new OS architecture for scalable multicore systems. In Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles, SOSP’09, 2009.
  35. Saphire: Sandboxing PHP applications with tailored system call allowlists. In Proceedings of the 30th USENIX Security Symposium, USENIX Security’21, 2021.
  36. Automating seccomp filter generation for Linux applications. In Proceedings of the 2021 on Cloud Computing Security Workshop, CCSW’21, 2021.
  37. Sysfilter: Automated system call filtering for commodity software. In Proceedings of the 23rd International Symposium on Research in Attacks, Intrusions and Defenses, RAID’20, 2020.
  38. Confine: Automated system call policy generation for container attack surface reduction. In Proceedings of the 23rd International Symposium on Research in Attacks, Intrusions and Defenses, RAID’20, 2020.
  39. Embassies: Radically refactoring the web. In Proceedings of the 10th USENIX Symposium on Networked Systems Design and Implementation, NSDI’13, 2013.
  40. How to run POSIX apps in a minimal picoprocess. In Proceedings of the 2013 USENIX Annual Technical Conference, ATC’13, 2013.
  41. Antti Kantee. The rise and fall of the operating system. USENIX login, 40(5), 2015.
  42. The AMD Opteron processor for multiprocessor servers. IEEE Micro, 23(2), 2003.
  43. OSv - optimizing the operating system for virtual machines. In Proceedings of the 2014 USENIX Annual Technical Conference, ATC’14, 2014.
  44. K42: building a complete operating system. In Proceedings of the 1st European Conference on Computer Systems, EuroSys’06, 2006.
  45. Unikraft: Fast, specialized unikernels the easy way. In Proceedings of the 16th European Conference on Computer Systems, EuroSys’21, 2021.
  46. A Linux in Unikernel Clothing. In Proceedings of the 15th European Conference on Computer Systems, EuroSys’20, 2020.
  47. Unikraft and the coming of age of unikernels. USENIX; login, 2021.
  48. Unikernels: library operating systems for the cloud. In Proceedings of the 18th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS’13, 2013.
  49. Clickos and the art of network function virtualization. In Proceedings of the 11th USENIX Conference on Networked Systems Design and Implementation, NSDI’14, 2014.
  50. Christopher McLellan. Docker desktop for Mac - support for running x86-64 binaries with Rosetta 2, 2022. https://github.com/docker/roadmap/issues/384, accessed 08/01/23.
  51. A binary-compatible unikernel. In Proceedings of the 15th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, VEE’19, 2019.
  52. A syscall-level binary-compatible unikernel. IEEE Transactions on Computers, 2021.
  53. OSv Contributors. Stub of io_setup, 2021. https://github.com/cloudius-systems/osv/blob/317d259ab5b0b49a1a114bc837147746e471abc9/core/libaio.cc#L17, accessed 08/21/2022.
  54. Automated policy synthesis for system call sandboxing. Proceedings of the ACM on Programming Languages, 4(OOPSLA), 2020.
  55. Rethinking the Library OS from the top down. In Proceedings of the 16th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS’11, 2011.
  56. Browsix: Bridging the gap between UNIX and the browser. In Proceedings of the 22nd International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS’17, 2017.
  57. FL. Rawson. Experience with the development of a microkernel-based, multiserver operating system. In Proceedings of the 6th Workshop on Hot Topics in Operating Systems, 1997.
  58. Unikernel Linux (UKL). In Proceedings of the 18th European Conference on Computer Systems, EuroSys’23, 2023.
  59. Enhancing server availability and security through failure-oblivious computing. In Proceedings of the 6th Conference on Symposium on Operating Systems Design & Implementation, OSDI’04, 2004.
  60. Willy Tarreau. Nolibc: a minimal C-library replacement shipped with the kernel, 2023. https://lwn.net/Articles/920158/.
  61. Windows Subsystem for Linux (WSL) overview, 2016. https://learn.microsoft.com/en-us/archive/blogs/wsl/windows-subsystem-for-linux-overview.
  62. Cooperation and security isolation of library OSes for multi-process applications. In Proceedings of the 9th European Conference on Computer Systems, EuroSys’14, 2014.
  63. A study of modern Linux API usage and compatibility: what to support when you’re supporting. In Proceedings of the 11th European Conference on Computer Systems, EuroSys’16, 2016.
  64. Graphene-SGX: A practical library OS for unmodified applications on SGX. In Proceedings of the 2017 USENIX Annual Technical Conference, ATC’17, 2017.
  65. D. Wagner and R. Dean. Intrusion detection via static analysis. In Proceedings of the 2001 IEEE Symposium on Security and Privacy., S&P’01, 2000.
User Edit Pencil Streamline Icon: https://streamlinehq.com
Authors (8)
  1. Hugo Lefeuvre (6 papers)
  2. Gaulthier Gain (3 papers)
  3. Vlad-Andrei Bădoiu (8 papers)
  4. Daniel Dinca (1 paper)
  5. Vlad-Radu Schiller (1 paper)
  6. Costin Raiciu (10 papers)
  7. Felipe Huici (10 papers)
  8. Pierre Olivier (16 papers)
Citations (3)
View on Semantic Scholar