More Web Proxy on the site http://driver.im/

research-article

AnyCall: Fast and Flexible System-Call Aggregation

Authors:

Benedict Herzog,

Wolfgang Schröder-Preikschat,

Timo HönigAuthors Info & Claims

PLOS '21: Proceedings of the 11th Workshop on Programming Languages and Operating Systems

Pages 1 - 8

https://doi.org/10.1145/3477113.3487267

Published: 25 October 2021 Publication History

Abstract

Operating systems rely on system calls to allow the controlled communication of isolated processes with the kernel and other processes. Every system call includes a processor mode switch from the unprivileged user mode to the privileged kernel mode. Although processor mode switches are the essential isolation mechanism to guarantee the system's integrity, they induce direct and indirect performance costs as they invalidate parts of the processor state. In recent years, high-performance networks and storage hardware has made the user/kernel transition overhead the bottleneck for IO-heavy applications. To make matters worse, security vulnerabilities in modern processors (e.g., Meltdown) have prompted kernel mitigations that further increase the transition overhead. To decouple system calls from user/kernel transitions we propose AnyCall, which uses an in-kernel compiler to execute safety-checked user bytecode in kernel mode. This allows for very fast system calls interleaved with error checking and processing logic using only a single user/kernel transition. We have implemented AnyCall based on the Linux kernel's extended Berkeley Packet Filter (eBPF) subsystem. Our evaluation demonstrates that system call bursts are up to 55 times faster using AnyCall and that real-world applications can be sped up by 24 % even if only a minimal part of their code is run by AnyCall.

Supplementary Material

MP4 File (21-10-17_8521e23_169.mp4)

Presentation video - long version

Download
171.15 MB

References

[1]

Mark Aiken, Manuel Fähndrich, Chris Hawblitzel, Galen Hunt, and James Larus. 2006. Deconstructing Process Isolation. In Proceedings of the 2006 Workshop on Memory System Performance and Correctness (MSPC'06). ACM, 1--10. https://doi.org/10.1145/1178597.1178599

Digital Library

[2]

Omar Alhubaiti and El-Sayed M. El-Alfy. 2019. Impact of Spectre/Meltdown Kernel Patches on Crypto-Algorithms on Windows Platforms. In Proceedings of the 2nd International Conference on Innovation and Intelligence for Informatics, Computing, and Technologies (3ICT'19). IEEE, 1--6. https://doi.org/10.1109/3ICT.2019.8910282

[3]

Nadav Amit and Michael Wei. 2018. The Design and Implementation of Hyperupcalls. In Proceedings of the 2018 USENIX Annual Technical Conference (USENIX ATC'18). USENIX, 97--112. Retrieved 2021-05-21 from https://www.usenix.org/system/files/conference/atc18/atc18-amit.pdf

[4]

Vaggelis Atlidakis, Jeremy Andrus, Roxana Geambasu, Dimitris Mitropoulos, and Jason Nieh. 2016. POSIX Abstractions in Modern Operating Systems: The Old, the New, and the Missing. In Proceedings of the 11th European Conference on Computer Systems (EuroSys'16). ACM, Article 19, 17 pages. https://doi.org/10.1145/2901318.2901350

Digital Library

[5]

Jens Axboe. 2019. Efficient IO with_iouring. Retrieved 2021-05-21 from https://kernel.dk/io_uring.pdf

[6]

Jens Axboe. 2020. Re: [PATCHSET v2 0/6] io_uring: add support for open/close. Retrieved 2021-05-22 from https://lwn.net/ml/linux-fsdevel/[email protected]/

[7]

Adam Belay, George Prekas, Ana Klimovic, Samuel Grossman, Christos Kozyrakis, and Edouard Bugnion. 2014. IX: A Protected Dataplane Operating System for High Throughput and Low Latency. In Proceedings of the 11th Symposium on Operating Systems Design and Implementation (OSDI'14). USENIX, 49--65. Retrieved 2021-05-21 from https://www.usenix.org/system/files/conference/osdi14/osdi14-paper-belay.pdf

[8]

Suparna Bhattacharya, Steven Pratt, Badari Pulavarty, and Janet Morgan. 2003. Asynchronous I/O support in Linux 2.5. In Proceedings of the 2003 Linux Symposium. 371--386. Retrieved 2021-05-21 from https://www.kernel.org/doc/mirror/ols2003.pdf#page=351

[9]

Ashish Bijlani and Umakishore Ramachandran. 2018. A Lightweight and Fine-grained File System Sandboxing Framework. In Proceedings of the 9th Asia-Pacific Workshop on Systems (APSys'18). ACM, 1--7. https://doi.org/10.1145/3265723.3265734

Digital Library

[10]

Jonathan Corbet. 2019. Reconsidering unprivileged BPF. Retrieved 2020-11-03 from https://lwn.net/Articles/796328/

[11]

Jonathan Corbet. 2019. Ringing in a new asynchronous I/O API. Retrieved 2021-05-21 from https://lwn.net/Articles/776703/

[12]

Jonathan Corbet. 2021. BPF meets io_uring. https://lwn.net/Articles/847951/

[13]

Jonathan Corbet. 2021. eBPF seccomp() filters. Retrieved 2021-07-27 from https://lwn.net/Articles/857228/

[14]

Jonathan Corbet. 2021. Toward signed BPF programs. Retrieved 2021-05-12 from https://lwn.net/Articles/853489/

[15]

Linux Kernel Developers. 2021. Linux Kernel v5.11.22 Source Code. Retrieved 2021-05-20 from https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/tree/?h=v5.11.22

[16]

Linux Kernel Developers. 2021. vdso(7) - Linux manual page. Retrieved 2021-05-18 from https://man7.org/linux/man-pages/man7/vdso.7.html

[17]

Will Drewry. 2012. dynamic seccomp policies (using BPF filters). Retrieved 2021-05-20 from https://lwn.net/Articles/475019/

[18]

Kevin Elphinstone and Gernot Heiser. 2013. From L3 to SeL4 What Have We Learnt in 20 Years of L4 Microkernels?. In Proceedings of the 24th ACM Symposium on Operating Systems Principles (SOSP'13). ACM, 133--150. https://doi.org/10.1145/2517349.2522720

Digital Library

[19]

Pekka Enberg, Ashwin Rao, and Sasu Tarkoma. 2019. I/O Is Faster Than the CPU: Let's Partition Resources and Eliminate (Most) OS Abstractions. In Proceedings of the 17th Workshop on Hot Topics in Operating Systems (HotOS'19). ACM, 81--87. https://doi.org/10.1145/3317550.3321426

Digital Library

[20]

Qian Ge, Yuval Yarom, Tom Chothia, and Gernot Heiser. 2019. Time Protection: The Missing OS Abstraction. In Proceedings of the 14th EuroSys Conference (EuroSys'19). ACM, 1--17. https://doi.org/10.1145/3302424.3303976

Digital Library

[21]

Yoann Ghigoff, Julien Sopena, Kahina Lazri, Antoine Blin, and Gilles Muller. 2021. BMC: Accelerating Memcached using Safe In-kernel Caching and Pre-stack Processing. In Proceedings of the 18th USENIX Symposium on Networked Systems Design and Implementation (NSDI'21). USENIX, 487--501. Retrieved 2021-05-21 from https://www.usenix.org/system/files/nsdi21-ghigoff.pdf

[22]

Benedict Herzog, Stefan Reif, Julian Preis, Timo Hönig, and Wolfgang Schröder-Preikschat. 2021. The Price of Meltdown and Spectre: Energy Overhead of Mitigations at Operating System Level. In Proceedings of the 14th European Workshop on Systems Security (EuroSec'21). ACM, 8--14. https://doi.org/10.1145/3447852.3458721

Digital Library

[23]

Ralf Hund, Carsten Willems, and Thorsten Holz. 2013. Practical Timing Side Channel Attacks against Kernel Space ASLR. In Proceedings of the 2013 IEEE Symposium on Security and Privacy (SP'13). IEEE, 191--205. https://doi.org/10.1109/SP.2013.23

Digital Library

[24]

Antoine Kaufmann, Tim Stamler, Simon Peter, Naveen Sharma, Arvind Krishnamurthy, and Thomas Anderson. 2019. TAS: TCP Acceleration As an OS Service. In Proceedings of the 14th EuroSys Conference (EuroSys'19). ACM, 24:1--24:16. https://doi.org/10.1145/3302424.3303985

Digital Library

[25]

Vasileios P Kemerlis, Georgios Portokalidis, and Angelos D Keromytis. 2012. kguard: Lightweight Kernel Protection against Return-to-User Attacks. In Proceedings of the 21st USENIX Security Symposium. USENIX, 459--474.

[26]

Paul Kocher, Jann Horn, Anders Fogh, Daniel Genkin, Daniel Gruss, Werner Haas, Mike Hamburg, Moritz Lipp, Stefan Mangard, Thomas Prescher, Michael Schwarz, and Yuval Yarom. 2019. Spectre Attacks: Exploiting Speculative Execution. In Proceedings of the 2019 IEEE Symposium on Security and Privacy (SP'19). IEEE, 1--19. https://doi.org/10.1109/SP.2019.00002

[27]

Linux Kernel Developers. 2020. readv(2) - Linux Programmer's Manual. Retrieved 2021-09-16 from https://manpages.debian.org/bullseye/manpages-dev/readv.2.en.html

[28]

Moritz Lipp, Michael Schwarz, Daniel Gruss, Thomas Prescher, Werner Haas, Anders Fogh, Jann Horn, Stefan Mangard, Paul Kocher, Daniel Genkin, Yuval Yarom, and Mike Hamburg. 2018. Meltdown: Reading Kernel Memory from User Space. In Proceedings of the 27th USENIX Security Symposium. USENIX, 973--990. Retrieved 2021-05-21 from https://www.usenix.org/system/files/conference/usenixsecurity18/sec18-lipp.pdf

[29]

Steven McCanne and Van Jacobson. 1993. The BSD Packet Filter: A New Architecture for User-level Packet Capture. In Proceedings of the Winter 1993 USENIX Conference. USENIX, 259--269. Retrieved 2021-05-21 from https://vodun.org/papers/net-papers/van_jacobson_the_bpf_packet_filter.pdf

Digital Library

[30]

Sebastiano Miano, Matteo Bertrone, Fulvio Risso, Massimo Tumolo, and Mauricio Vásquez Bernal. 2018. Creating Complex Network Services with eBPF: Experience and Lessons Learned. In Proceedings of the 2018 IEEE 19th International Conference on High Performance Switching and Routing (HPSR'18). IEEE, 1--8.

[31]

Saidgani Musaev and Christof Fetzer. 2021. Transient Execution of Non-Canonical Accesses. (2021). Retrieved 2020-09-18 from https://arxiv.org/abs/2108.10771

[32]

Ying-Shiuan Pan, Jui-Hao Chiang, Han-Lin Li, Po-Jui Tsao, Ming-Fen Lin, and Tzi-cker Chiueh. 2011. Hypervisor Support for Efficient Memory De-duplication. In Proceedings of the 2011 IEEE 17th International Conference on Parallel and Distributed Systems (ICPADS'11). IEEE, 33--39. https://doi.org/10.1109/ICPADS.2011.71

Digital Library

[33]

Simon Peter, Jialin Li, Irene Zhang, Dan Ports, Doug Woos, Arvind Krishnamurthy, Thomas Anderson, and Timothy Roscoe. 2014. Arrakis: The Operating System is the Control Plane. In Proceedings of the 11th Symposium on Operating Systems Design and Implementation (OSDI'14). USENIX, 1--16. https://doi.org/10.1145/2812806

Digital Library

[34]

IO Visor Project. 2021. BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more. Retrieved 2021-05-21 from https://github.com/iovisor/bcc

[35]

Andrew Prout, William Arcand, David Bestor, Bill Bergeron, Chansup Byun, Vijay Gadepally, Michael Houle, Matthew Hubbell, Michael Jones, Anna Klein, Peter Michaleas, Lauren Milechin, Julie Mullen, Antonio Rosa, Siddharth Samsi, Charles Yee, Albert Reuther, and Jeremy Kepner. 2018. Measuring the Impact of Spectre and Meltdown. In Proceedings of the 22nd High Performance Extreme Computing Conference (HPEC'18). IEEE, 1--5. https://doi.org/10.1109/HPEC.2018.8547554

[36]

Xiang Ren, Kirk Rodrigues, Luyuan Chen, Camilo Vega, Michael Stumm, and Ding Yuan. 2019. An Analysis of Performance Evolution of Linux's Core Operations. In Proceedings of the 27th Symposium on Operating Systems Principles (SOSP'19). ACM, 554--569. https://doi.org/10.1145/3341301.3359640

Digital Library

[37]

Ryan Roemer, Erik Buchanan, Hovav Shacham, and Stefan Savage. 2012. Return-Oriented Programming: Systems, Languages, and Applications. ACM Transactions on Information and System Security 15, 1, Article 2 (March 2012), 34 pages. https://doi.org/10.1145/2133375.2133377

Digital Library

[38]

Stephen Rumble, Diego Ongaro, Ryan Stutsman, Mendel Rosenblum, and John Ousterhout. 2011. It's Time for Low Latency. In Proceedings of the 13th Conference on Hot Topics in Operating Systems (HotOS'11). USENIX, 1--5. Retrieved 2021-07-29 from https://www.usenix.org/legacy/event/hotos11/tech/final_files/Rumble.pdf

Digital Library

[39]

Livio Soares and Michael Stumm. 2010. FlexSC: Flexible System Call Scheduling with Exception-Less System Calls. In Proceedings of the 9th Symposium on Operating Systems Design and Implementation (OSDI'09). USENIX, 33--46. Retrieved 2021-05-21 from https://static.usenix.org/event/osdi10/tech/full_papers/Soares.pdf

[40]

Yuhong Zhong, Hongyi Wang, Yu Jian Wu, Asaf Cidon, Ryan Stutsman, Amy Tai, and Junfeng Yang. 2021. BPF for Storage: An Exokernel-Inspired Approach. In Proceedings of the 18th Workshop on Hot Topics in Operating Systems (HotOS'21). ACM. Retrieved 2021-05-21 from https://sigops.org/s/conferences/hotos/2021/papers/hotos21-s07-zhong.pdf

Digital Library

Cited By

Gerhorst LHerzog HWägemann POtt MKapitza RHönig T(2024)VeriFence: Lightweight and Precise Spectre Defenses for Untrusted Linux Kernel ExtensionsProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678907(644-659)Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1145/3678890.3678907
Lößer ARaskob FScheuermann B(2023)Lazy Read: Asynchronous Execution of Synchronous File I/O2023 IEEE International Conference on Big Data (BigData)10.1109/BigData59044.2023.10386429(2311-2318)Online publication date: 15-Dec-2023
https://doi.org/10.1109/BigData59044.2023.10386429
Cheng YHuang CTu C(2022)ESCA: Effective System Call Aggregation for Event-Driven Servers2022 30th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP)10.1109/PDP55904.2022.00012(18-25)Online publication date: Mar-2022
https://doi.org/10.1109/PDP55904.2022.00012
Show More Cited By

Recommendations

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

PLOS '21: Proceedings of the 11th Workshop on Programming Languages and Operating Systems

October 2021

96 pages

ISBN:9781450387071

DOI:10.1145/3477113

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Sponsors

SIGOPS: ACM Special Interest Group on Operating Systems

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 25 October 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article
Research
Refereed limited

Conference

SOSP '21

Sponsor:

SIGOPS

SOSP '21: ACM SIGOPS 28th Symposium on Operating Systems Principles

October 25, 2021

Virtual Event, Germany

Acceptance Rates

Overall Acceptance Rate 17 of 32 submissions, 53%

Upcoming Conference

SOSP '25

Sponsor:
sigops

ACM SIGOPS 31st Symposium on Operating Systems Principles

October 13 - 16, 2025

Seoul , Republic of Korea

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

4
Total Citations
View Citations
456
Total Downloads

Downloads (Last 12 months)98
Downloads (Last 6 weeks)6

Reflects downloads up to 24 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

Gerhorst LHerzog HWägemann POtt MKapitza RHönig T(2024)VeriFence: Lightweight and Precise Spectre Defenses for Untrusted Linux Kernel ExtensionsProceedings of the 27th International Symposium on Research in Attacks, Intrusions and Defenses10.1145/3678890.3678907(644-659)Online publication date: 30-Sep-2024
https://dl.acm.org/doi/10.1145/3678890.3678907
Lößer ARaskob FScheuermann B(2023)Lazy Read: Asynchronous Execution of Synchronous File I/O2023 IEEE International Conference on Big Data (BigData)10.1109/BigData59044.2023.10386429(2311-2318)Online publication date: 15-Dec-2023
https://doi.org/10.1109/BigData59044.2023.10386429
Cheng YHuang CTu C(2022)ESCA: Effective System Call Aggregation for Event-Driven Servers2022 30th Euromicro International Conference on Parallel, Distributed and Network-based Processing (PDP)10.1109/PDP55904.2022.00012(18-25)Online publication date: Mar-2022
https://doi.org/10.1109/PDP55904.2022.00012
Sharaf HAhmad IDimitriou T(2022)Extended Berkeley Packet Filter: An Application PerspectiveIEEE Access10.1109/ACCESS.2022.322626910(126370-126393)Online publication date: 2022
https://doi.org/10.1109/ACCESS.2022.3226269

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Media

Figures

Other

Tables

View Table of Contents