Avoiding syscall Overhead
Synopsis
At the moment the setproctitle call is implemented with a sysctl, which has the unfortunate side effect that this simple call locks the Giant-lock. As this call is a simple matter of setting a value, it could be better implemented with shared memory between the kernel and user-space.
Project
This project proposes a scheme to securely share process-specific data between the kernel and a user-space process. This is done by having each process allocate a special memory page, on which the kernel and the user-space process can share data. This will give the security needed, as the VM system will make sure that no outside process can fiddle with a process' data. As everything is going on in user-space, there is no concern that a rogue process could write inside the kernel memory. There is still a locking concern, which will be addressed either by locking the entire page or by micro-locking each data field on the page. To test the scheme, I will implement the setproctitle call with shared memory as opposed to the current syscall version.
Update: Howard Su has suggested a multi-page scheme, where a read/write page is used for things like get/setproctitle and a read-only page for things like getpid. And maybe a system-wide read-only page for things like getdomain, gethostname etc. More on this to follow.
Milestone
This is a list of milestones, and the order in which I will take them.
1. Allocate a page in each process on creation.
2. Deallocate the page.
3. Write something to the page.
4. Read and write to the page from user space.
5. Figure out a suitable data structure.
6. Figure out a locking scheme.
7. Add the new scheme to setproctitle, running alongside the old.
8. Phase out the old scheme.
Completed milestones will be marked with ( ).
Schedule
Week 27-28 | Have milestones 1-4 completed before the midterm evaluation. |
Week 29 | Think up the data structure and locking scheme (milestones 5 and 6). |
Week 30-33 | The last two milestones, and delivery. |
All weeks included.
---
Patch/Source
This should add a working getpid() through the page scheme. A page is allocated on fork() and exec(), and its address is accessible through the kern.usrsysshm sysctl. There is a struct on the page which holds the pid; the pid is set from the kernel and is accessible directly from the user process' vmspace.
http://www.cs.aau.dk/~jbr/patch.diff
http://www.cs.aau.dk/~jbr/tests.tar.bz2
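Added example (not taken from patch.diff or written by the project): a user-space C simulation of the read-only page suggested for getpid, where a second, writable mapping of the same page stands in for the kernel. `struct shared_page` and all function names are assumptions, since the patch's real struct layout is not shown on this page.

```c
/* Added example: simulates a kernel-written, read-only per-process page.
 * struct shared_page and every function name here are assumptions. */
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
#include <sys/wait.h>
#include <unistd.h>

struct shared_page { pid_t pid; };            /* hypothetical layout */
static struct shared_page *kern_view;         /* writable: stands in for the kernel */
static const struct shared_page *user_view;   /* read-only: what the process sees */

/* Map one page twice: read/write for the "kernel", read-only for the process. */
int shared_page_setup(void) {
    char path[] = "/tmp/shpageXXXXXX";
    long psz = sysconf(_SC_PAGESIZE);
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    unlink(path);                             /* the mappings keep the page alive */
    if (ftruncate(fd, psz) != 0) { close(fd); return -1; }
    kern_view = mmap(NULL, psz, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    user_view = mmap(NULL, psz, PROT_READ, MAP_SHARED, fd, 0);
    close(fd);
    if (kern_view == MAP_FAILED || user_view == MAP_FAILED) return -1;
    kern_view->pid = getpid();                /* the kernel would set this on fork()/exec() */
    return 0;
}

/* getpid() without a system call: a plain load from the shared page. */
pid_t shared_getpid(void) { return user_view->pid; }

/* Returns 1 if a write through the process's view is stopped by the VM system.
 * The attempt runs in a child so the fault does not kill the caller. */
int user_write_faults(void) {
    int status;
    pid_t child = fork();
    if (child < 0) return -1;
    if (child == 0) {
        *(volatile pid_t *)&user_view->pid = 1;   /* tamper attempt */
        _exit(0);                                 /* reached only if the page is writable */
    }
    if (waitpid(child, &status, 0) < 0) return -1;
    return !(WIFEXITED(status) && WEXITSTATUS(status) == 0);
}

int main(void) {
    if (shared_page_setup() != 0) return 1;
    printf("pid via page: %d, write blocked: %d\n", (int)shared_getpid(), user_write_faults());
    return 0;
}
```

In the real scheme the writable side lives in the kernel, so the process has no mapping through which it could change the pid; the read/write page for setproctitle is the one that still needs the locking discussed above.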
This project is for the 2007 Google Summer of Code. Jesper B. Rosenkilde will be working on it with Jeff Roberson as mentor.