FlexOS and Beyond: Towards Easy, Flexible, and Safe OS Compartmentalization
Hugo Lefeuvre, Manchester University
Abstract: At design time, modern operating systems are locked in a specific safety and isolation strategy that mixes one or more hardware/software protection mechanisms (e.g. user/kernel separation); revisiting these choices after deployment requires a major refactoring effort. This rigid approach shows its limits given the wide variety of modern applications' safety/performance requirements, when new hardware isolation mechanisms are rolled out, or when existing ones break. In this talk I will present FlexOS, our attempt at designing an OS that allows users to easily specialize the safety and isolation strategy of an OS at compilation/deployment time instead of design time. This work was previously featured at ASPLOS'22. Following this presentation, I will briefly talk about my follow-up work on the safety of compartmentalization interfaces, and open the discussion on flexible compartmentalization and broader compartmentalization topics.
Date & Time
Thursday, October 20, 2022 - 14:00
Huxley 218 + online