517 research outputs found
Hardware Acceleration in Genode OS Using Dynamic Partial Reconfiguration
Algorithms with operations on large regular data structures such as image processing can be highly accelerated when executed as hardware tasks in an FPGA fabric. The Dynamic Partial Reconfiguration (DPR) feature of new SRAM-based FPGA families allows a dynamic swapping and replacement of hardware tasks during runtime. Particularly embedded systems with processing chains that change over time or that are too large to be implemented in an FPGA fabric in parallel, benefit from DPR. In this paper we present a complete framework for hardware acceleration using DPR in the microkernel based Genode OS. This makes the DPR feature available not only for the high-performance computing field, but also for safety-critical applications. The new framework is evaluated for an exemplary imaging application running on a Xilinx Zynq-7000 SoC
Mini-NOVA: A Lightweight ARM-based Virtualization Microkernel Supporting Dynamic Partial Reconfiguration
International audienceToday, ARM is becoming the mainstream family of processors in the high-performance embedded systems domain. In this context, adding a run-time reconfigurable FPGA device to the ARM processor into a single chip makes it possible to combine high performance and flexibility. In this paper, we propose a low-complexity design of system virtualization running on the Zynq platform. Virtualization of software and hardware resources are managed by a custom microkernel. The dedicated features to efficiently manage the dynamic partial reconfiguration (DPR) technology are described in details. The performance of the DPR management is evaluated and presented at the end of this paper
You and I are Past Our Dancing Days
Operating systems have grown in size and functionality. Today's many flavours of Unix provide a multi-user environment with protection, address spaces, and attempts to allocate resources fairly to users competing for them, They provide processes and threads, mechanisms for synchronization and memory sharing, blocking and nonblocking system calls, and a complex file system. Since it was first introduced, Unix has grown more then a factor twenty in size. Several operating systems now consist of a microkernel, surrounded by user-space services [Accetta et al., 1986; Mullender et al., 1990; Rozier et al., 1988]. Together they provide the functionality of the operating system. This operating system structure provides an opportunity to make operating systems even larger. The trend for operating systems to grow more and more baroque was signalled more than a decade ago [Feldman, 1980], but has continued unabated until, today, we have OSF/1, the most baroque Unix system ever. And we have Windows/NT as a demonstration that MS-DOS also needed to be replaced by something much bigger and a little better.\ud
In this position paper, I am asking what community we serve with our operating systems research. Should we continue doing this, or can we make ourselves more useful to society and industry by using our experience in operating systems in new environments.\ud
I argue that there is very little need for bigger and better operating systems; that, in fact, most cPus will never run an operating system at all; and that our experience in operating systems will be better applied to designing new generations of distributed and ubiquitous applications
A TrustZone-assisted hypervisor supporting dynamic partial reconfiguration
Dissertação de mestrado em Engenharia Eletrónica Industrial e ComputadoresTraditionally, embedded systems were dedicated single-purpose systems characterised
by hardware resource constraints and real-time requirements. However,
with the growing computing abilities and resources on general purpose platforms,
systems that were formerly divided to provide different functions are now merging
into one System on Chip. One of the solutions that allows the coexistence
of heterogeneous environments on the same hardware platform is virtualization
technology, usually in the form of an hypervisor that manage different instances
of OSes and arbitrate their execution and resource usage, according to the chosen
policy.
ARM TrustZone has been one of the technologies used to implement a virtualization
solution with low overhead and low footprint. µRTZVisor a TrustZoneassisted
hypervisor with a microkernel-like architecture - is a bare-metal embedded
hypervisor that relies on TrustZone hardware to provide the foundation to implement
strong spatial and temporal isolation between multiple guest OSes.
The use of Partial Reconfiguration allows the designer to define partial reconfigurable
regions in the FPGA and reconfigure them during runtime. This allows
the system to have its functionalities changed during runtime using Dynamic Partial
Reconfiguration (DPR), without needing to reconfigure all the FPGA. This
is a major advantage, as it decreases the configuration overhead since partial bitstreams
are smaller than full bitstreams and the reconfiguration time is shorter.
Another advantage is reducing the need for larger logic areas and consequently
reducing their power consumption.
Therefore, a hypervisor that supports DPR brings benefits to the system. Aside
from better FPGA resources usage, another improvement that it brings, is when
critical hardware modules misbehave and the hardware module can be replaced.
It also enables the controlling and changing of hardware accelerators dynamically,
which can be used to meet the guest OSes requests for hardware resources as the
need appears. The propose of this thesis is extending the µRTZVisor to have a
DPR mechanism.Tradicionalmente, os sistemas embebidos eram sistemas dedicados a uma única
tarefa e apenas limitados pelos seus requisitos de tempo real e de hardware. Contudo,
como as plataformas de uso geral têm cada vez mais recursos e capacidade
de processamento, muitos dos sistemas que executavam separadamente, passaram
a apenas um sistema em plataforma recorrendo à tecnologia de virtualização, normalmente
como um hipervisor que é capaz de gerir múltiplos sistemas operativos
arbitrando a sua execução e acesso aos recursos da plataforma de acordo com uma
politica predefinida.
A tecnologia TrustZone da ARM tem sido uma das soluções implementadas
sem ter grande impacto na performance dos sistemas operativos. µRTZVisor é um
dos hipervisores baseados na TrustZone para implementar um isolamento espacial
e temporal entre múltiplos sistemas operativos, sendo que defere de outras uma
vez que é de arquitectura microkernel.
O uso de Reconfiguração Parcial Dinâmica (RPD) permite ao designer definir
várias regiões reconfiguráveis no FPGA que podem ser dinamicamente reconfiguradas
durante o período de execução. Esta é uma grande vantagem, porque reduz
os tempos de reconfiguração de módulos reconfiguráveis uma vez que os seus bitstreams
são mais pequenos que bitstreams para a plataforma toda. A tecnologia
também permite que nos FPGAs não sejam necessárias áreas lógicas tão grandes,
o que também reduz o consumo de energia da plataforma.
Um hipervisor que suporte RPD traz grandes benefícios para o sistema, nomeadamente
melhor uso dos recursos de FPGA, implementação de aceleradores em
hardware dinamicamente reconfiguráveis, e tratamento de falhas no hardware. Se
houverem módulos que estejam a demonstrar comportamentos inesperados estes
podem ser reconfigurados. O uso de aceleradores reconfiguráveis permite que o
hardware seja adaptável conforme a necessidade destes pelos diferentes sistemas
operativos. A proposta desta dissertação é então estender o µRTZVisor para ter
a capacidade de usar módulos reconfiguráveis por RPD
Hardware IPC for a TrustZone-assisted Hypervisor
Dissertação de mestrado em Engenharia Eletrónica Industrial e ComputadoresIn this modern era ruled by technology and the IoT (Internet of Things),
embedded systems have an ubiquitous presence in our daily lives. Although they
do differ from each other in their functionalities and end-purpose, they all share the
same basic requirements: safety and security. Whether in a non-critical system
such as a smartphone, or a critical one, like an electronic control unit of any
modern vehicle, these requirements must always be fulfilled in order to accomplish
a reliable and trust-worthy system.
One well-established technology to address this problem is virtualization. It
provides isolation by encapsulating each subsystem in separate Virtual-Machines
(VMs), while also enabling the sharing of hardware resources. However, these
isolated subsystems may still need to communicate with each other. Inter-Process
Communication is present in most OSes’ stacks, representing a crucial part of
it, which allows, through a myriad of different mechanisms, communication be-
tween tasks. In a virtualized system, Inter-Partition Communication mechanisms
implement the communication between the different subsystems referenced above.
TrustZone technology has been in the forefront of hardware-assisted security
and it has been explored for virtualization purposes, since natively it provides sep-
aration between two execution worlds while enforcing, by design, different privi-
lege to these execution worlds. LTZVisor, an open-source lightweight TrustZone-
assisted hypervisor, emerged as a way of providing a platform for exploring how
TrustZone can be exploited to assist virtualization. Its IPC mechanism, TZ-
VirtIO, constitutes a standard virtual I/O approach for achieving communication
between the OSes, but some overhead is caused by the introduction of the mech-
anism. Hardware-based solutions are yet to be explored with this solution, which
could bring performance and security benefits while diminishing overhead.
Attending the reasons mentioned above, hTZ-VirtIO was developed as a way
to explore the offloading of the software-based communication mechanism of the
LTZVisor to hardware-based mechanisms.Atualmente, onde a tecnologia e a Internet das Coisas (IoT) dominam a so-
ciedade, os sistemas embebidos são omnipresentes no nosso dia-a-dia, e embora
possam diferir entre as funcionalidades e objetivos finais, todos partilham os mes-
mos requisitos básicos. Seja um sistema não crítico, como um smartphone, ou
um sistema crítico, como uma unidade de controlo de um veículo moderno, estes
requisitos devem ser cumpridos de maneira a se obter um sistema confiável.
Uma tecnologia bem estabelecida para resolver este problema é a virtualiza-
ção. Esta abordagem providencia isolamento através do encapsulamento de sub-
sistemas em máquinas virtuais separadas, além de permitir a partilha de recursos
de hardware. No entanto, estes subsistemas isolados podem ter a necessidade de
comunicar entre si. Comunicação entre tarefas está presente na maioria das pilhas
de software de qualquer sistema e representa uma parte crucial dos mesmos. Num
sistema virtualizado, os mecanismos de comunicação entre-partições implementam
a comunicação entre os diferentes subsistemas mencionados acima.
A tecnologia TrustZone tem estado na vanguarda da segurança assistida por
hardware, e tem sido explorada na implementação de sistemas virtualizados, visto
que permite nativamente a separação entre dois mundos de execução, e impondo
ao mesmo tempo, por design, privilégios diferentes a esses mundos de execução. O
LTZVisor, um hypervisor em código-aberto de baixo overhead assistido por Trust-
Zone, surgiu como uma forma de fornecer uma plataforma que permite a explo-
ração da TrustZone como tecnologia de assistência a virtualização. O TZ-VirtIO,
mecanismo de comunicação do LTZVisor, constitui uma abordagem padrão de
E/S virtuais, para permitir comunicação entre os sistemas operativos. No entanto,
a introdução deste mecanismo provoca sobrecarga sobre o hypervisor. Soluções
baseadas em hardware para o TZ-VirtIO ainda não foram exploradas, e podem
trazer benefícios de desempenho e segurança, e diminuir a sobrecarga.
Atendendo às razões mencionadas acima, o hTZ-VirtIO foi desenvolvido como
uma maneira de explorar a migração do mecanismo de comunicação baseado em
software do LTZVisor para mecanismos baseados em hardware
MINIX4RT: real-time interprocess communications facilities
MINIX4RT es una extensión del conocido Sistema Operativo MINIX que incorpora servicios de Tiempo Real Estricto en un nuevo microkernel pero manteniendo compatibilidad con las versiones anteriores del MINIX estándar.
La Comunicación entre Procesos es un mecanismo que permite hacer extensible a un Sistema Operativo, pero debe estar libre de Inversión de Prioridades para ser utilizado en aplicaciones de Tiempo Real. Como las primitivas de MINIX no disponen de esta funcionalidad, se incorporaron nuevas primitivas de Comunicación entre Procesos al microkernel de Tiempo Real. El presente artículo describe las facilidades de Comunicaciones entre Procesos en Tiempo Real disponibles en MINIX4RT, su diseño, implementación, tests de desempeño y sus resultados.MINIX4RT is an extension of the well-known MINIX Operating System that adds Hard Real-Time services in a new microkernel but keeping backward compatibility with standard MINIX versions.
Interprocess Communications provides a mechanism to make Operating System extensible, but they must be Priority Inversion free for Real-Time applications. As MINIX Interprocess Communications primitives does not have this functionality, new primitives were added to the Real-Time microkernel. This article describes the Real- Time Interprocess Communications facilities available on MINIX4RT, its design, implementation, performance tests and their results.I Workshop de Arquitecturas, Redes y Sistemas Operativos (WARSO)Red de Universidades con Carreras en Informática (RedUNCI
- …