[WIP] Porting LKL to BitVisor

Slide 1

Slide 1 text

[WIP] Porting LKL to BitVisor June 25th, 2018 @retrage Turing Complete FM Meetup

Slide 2

Slide 2 text

BitVisor[1] • Thin Hypervisor • Pass-through hardware access from guest OS. • Used in security context. (ex. Monitoring I/O) • Easy to hack: • vThrii[3] • TinyVisor[4] • bitvisor-gdb[5] • See: • https://www.bitvisor.org/ 1

Slide 3

Slide 3 text

Porting to BitVisor • Several Applications are ported to BitVisor. • Lua (LVisor[6]) • mruby (bitvisor_mruby[7]) • Running apps in BitVisor • INITFUNC • thread • process • vmmcall • No libc, but it provides some fucntions. • ex. process/lib/lib_*.h 2

Slide 4

Slide 4 text

Linux Kernel Library (LKL)[2] • LKL is anykernel: Run a real kernel in the userspace. • Reuse Linux Kernel as a library. (ex. liblkl.so) • LKL is implemented as one of architectures. • LKL runs on: • *nix • Windows • UEFI (EFIDroid) • See https://lkl.github.io/ 3

Slide 5

Slide 5 text

Porting LKL to * • Dependancies: • libc • timer, thread, semaphore, mutex, file read/write • Add green threads: • Port a part of LK[8] • Dependancies: libc, timer and file read/write • https://github.com/retrage/linux/tree/retrage/fiber • This will make porting easier? 4

Slide 6

Slide 6 text

Porting LKL to BitVisor • Motivation: • Just for fun • Use LKL as a reusable tools for BitVisor and guest OS • Design: • Run LKL as a BitVisor process. • No interaction with guest OS. 5 BitVisor guest OS musl LKL

Slide 7

Slide 7 text

Problems remain • Implementation • BitVisor as a new LKL host. • Bring missing libc functions from musl. (It’s Ad-hoc) • Current status • LKL build: Done • Integrating LKL to BitVisor: Not yet (No timer) • It’s hard to embed LKL to BitVisor build system. • Porting musl to BitVisor? • Anykernel on Hypervisor will be a research topic? 6

Slide 8

Slide 8 text

Reference • [1] T. Shinagawa, H. Eiraku, K. Tanimoto, K. Omote, S. Hasegawa, T. Horie, M. Hirano, K. Kourai, Y. Oyama, E. Kawai, K. Kono, S. Chiba, Y. Shinjo, and K. Kato, “BitVisor: a thin hypervisor for enforcing i/o device security,” VEE 09 Proc. 2009 ACM SIGPLANSIGOPS Int. Conf. Virtual Exec. Environ., no. Vee, pp. 121–130, 2009. • [2] O. Purdila, L. A. Grijincu, and N. R. I. C. R. 2010 9th Tapus, “LKL: The Linux kernel library,” Roedunet Int. Conf. (RoEduNet), 2010 9th, no. May 2014, pp. 328–333, 2010. • [3] https://www.igel.co.jp/solution/ • [4] https://ja.osdn.net/projects/tinyvisor/ • [5] https://github.com/RKX1209/bitvisor-gdb • [6] https://www.slideshare.net/icchyr/how-to-port-to-bitvisor • [7] https://github.com/chikuwait/bitvisor_mruby • [8] https://github.com/littlekernel/lk 7