CSE 591: Schedule

This schedule is also available as an ical file that you can subscribe to.

Unless otherwise noted, you only need to review the first paper listed for each day.

Note that optional readings are available for those with more interest in a topic, and are not required reading for any exams or homework assignments.

Papers are only accessible to hosts in the stonybrook.edu domain, although most are available elsewhere online.

Marking a paper as "Light" is not a criticism; rather, it means that you need not tease out every low-level detail. It is there to provide extra context and you should come to class prepared to discuss its main points.

Date Topics Notes Readings Optional Readings
Part 1: Hypervisor design and implementation
Tue 01/28 Introduction and Basics
Homework 1 assigned. No review due on the first day of the course. Don's Notes. Formal Requirements for Virtualizable Third Generation Architectures (Popek and Goldberg, CACM, 1974).
Thu 01/30 VMware Workstation Design (part 1)
Read through the end of Section 6.1 Bringing Virtualization to the x86 Architecture with the Original VMware Workstation (Bugnion, Devine, Rosenblum, Sugerman, and Wang, TOCS, 2012)
  1. Disco: Running Commodity Operating Systems on Scalable Multiprocessors (Bugnion, Devine, and Rosenblum, SOSP, 1997).
  2. The Evolution of an x86 Virtual Machine Monitor (Agesen, Garthwaite, Sheldon, and Subrahmanyan, OSR, 2010)
Tue 02/04 VMware Workstation Design (part 2)
Read Sections 6.2--11. Don's Notes. Bringing Virtualization to the x86 Architecture with the Original VMware Workstation (Bugnion, Devine, Rosenblum, Sugerman, and Wang, TOCS, 2012)
  1. Memory Resource Management in VMware ESX Server (Waldspurger, OSDI, 2002).
  2. Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor (Sugerman, Venkitachalam, and Lim, USENIX 2001)
Thu 02/06 x86 Virtualization Hardware
Don's Notes. A comparison of software and hardware techniques for x86 virtualization (Adams and Agesen, ASPLOS, 2006). Software Techniques for Avoiding Hardware Virtualization Exits (Agesen, Mattson, Rugina, and Sheldon, USENIX 2012)
Tue 02/11 Hacking Day!
In-class quiz over Homework 1
Thu 02/13 Snow day
Tue 02/18 Binary Translation
Don's Notes. Fast Dynamic Binary Translation for the Kernel (Kedia and Bansal, SOSP 2013)
Thu 02/20 Paravirtualization
Don's Notes. Xen and the Art of Virtualization (Barham, Dragovic, Fraser, Hand, Harris, Ho, Neugebauer, Pratt and Warfield, SOSP 2003).
  1. (Light) Are Virtual Machine Monitors Microkernels Done Right? (Hand, Warfield, Fraser, Kotsovinos, and Magenheimer, HotOS 2005).
  2. (Light) Are Virtual Machine Monitors Microkernels Done Right? (Heiser, Uhlig, and LeVasseur, SIGOPS OSR, 2006).
Tue 02/25 Hacking Day!
Thu 02/27 Virtualizing the VMM
Don's Notes. The Turtles Project: Design and Implementation of Nested Virtualization (Ben-Yehuda, Day, Dubitzky, Factor, Har'El, Gordon, Liguori, Wasserman, and Yassour, OSDI 2010)
Tue 03/04 lguest and KVM
Don's Notes.
  1. lguest: Implementing the little Linux hypervisor (Russell, OLS 2007)
  2. kvm: the Linux Virtual Machine Monitor (Kivity, Kamay, Laor, Lublin, and Liguori, OLS 2007)
Part 2: Virtual I/O
Thu 03/06 virtio and vfio
Don's Notes.
  1. virtio: Towards a De-Facto Standard For Virtual I/O Devices (Russell, OLS 2008)
  2. Safe device assignment with VFIO (Corbet, LWN 2012)
Tue 03/11 Fast Virtual I/O
Don's Notes. ELI: Bare-Metal Performance for I/O Virtualization (Gordon, Amit, Har'El, Ben-Yehuda, Landau, Schuster, and Tsafrir, ASPLOS 2012)
  1. High Performance VMM-Bypass I/O in Virtual Machines (Liu, Huang, Abali, and Panda, USENIX 2006)
  2. vIOMMU: Efficient IOMMU Emulation (Amit, Ben-Yehuda, Tsafrir, and Schuster, USENIX 2011)
Thu 03/13 Hacking Day!
Tue 03/18 Spring Recess, Class Canceled
Thu 03/20 Spring Recess, Class Canceled
Fri 03/21
Project Proposal Due. 11:59PM
Tue 03/25 Virtualization Aware File Systems
Don's Notes. Virtualization Aware File Systems: Getting Beyond the Limitations of Virtual Disks (Pfaff, Garfinkel, and Rosenblum, NSDI 2006)
Thu 03/27 Hacking Day!
Tue 04/01 Virtual Disks
Don's Notes. Parallax: Virtual Disks for Virtual Machines (Meyer, Aggarwal, Cully, Lefebvre, Feeley, Hutchinson, and Warfield, EuroSys 2008) IOFlow: A Software-Defined Storage Architecture (Thereska, Ballani, O'Shea, Karagiannis, Rowstron, Talpey, Black, and Zhu, SOSP 2013)
Part 3: Security
Thu 04/03 Introspection
Review the second paper.
Don's Notes.
  1. When Virtual is Better than Real (Chen and Noble, HotOS 01)
  2. Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection (Fu and Lin, Oakland 2012)
  1. When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments (Garfinkel and Rosenblum, HotOS 2005)
  2. Compatibility is not transparency: VMM detection myths and realities (Garfinkel, Adams, Warfield, and Franklin, HotOS, 2007).
Fri 04/04
Lab 1 Due. 11:59PM.
Tue 04/08 Reducing the TCB (1)
Don's Notes. TrustVisor: Efficient TCB Reduction and Attestation (McCune, Li, Qu, Zhou, Datta, Gligor, and Perrig, Oakland 2010)
  1. SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes (Seshadri, Luk, Qu, and Perrig, SOSP 2007)
  2. Flicker: An Execution Infrastructure for TCB Minimization (McCune, Parno, Perrig, Reiter, and Isozaki, EuroSys 2008)
  3. Building Verifiable Trusted Path on Commodity x86 Computers (Zhou, Newsome, Gligor, and McCune, Oakland 2012)
Thu 04/10 Reducing the TCB (2)
Don's Notes. Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor (Colp, Nanavati, Zhu, Aiello, Coker, Deegan, Loscocco, and Warfield, SOSP 2011) VirtuOS: an operating system with kernel virtualization (Nikolaev and Black, SOSP 2013)
Tue 04/15 Hacking Day!
Thu 04/17 Removing Trust from the OS (1)
Guest Lecture by Long Lu
Don's Notes.
InkTag: Secure Applications on an Untrusted Operating System (Hofmann, Kim, Dunn, Lee, and Witchel, ASPLOS 2013)
  1. Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems (Chen, Garfinkel, Lewis, Subrahmanyan, Waldspurger, Boneh, Dwoskin, and Ports, ASPLOS 2008)
  2. Iago Attacks: Why the System Call API is a Bad Untrusted RPC Interface (Checkoway and Shacham, ASPLOS 2013)
Tue 04/22 Removing Trust from the OS (2)
Don's Notes.
  1. Innovative Instructions and Software Model for Isolated Execution (McKeen, Alexandrovich, Berenzon, Rozas, Shafi, Shanbhogue and Savagaonkar, HASP 2013)
  2. Using Innovative Instructions to Create Trustworthy Software Solutions (Hoekstra, Lal, Pappachan, Rozas, Phegade and del Cuvillo, HASP 2013)
Slides from HASP for the first paper (may be helpful).
Thu 04/24 Hacking Day!
Part 4: Potpourri
Tue 04/29 VM == Process?
Don's Notes. Dune: Safe User-Level Access to Privileged CPU Features (Belay, Bittau, Mashtizadeh, Terei, Mazieres, and Kozyrakis, OSDI 2012)
  1. Scale and Performance in the Denali Isolation Kernel (Whitaker, Shaw, and Gribble, OSDI 2002)
  2. Rethinking the Library OS from the Top-Down (Porter, Boyd-Wickizer, Howell, Olinsky, Hunt, ASPLOS, 2011)
  3. Unikernels: Library Operating Systems for the Cloud (Madhavapeddy, Mortier, Rotsos, Scott, Singh, Gazagnaire, Smith, Hand, and Crowcroft, ASPLOS 2013)
  4. The nonkernel: A Kernel Designed for the Cloud (Ben-Yehuda, Peleg, Ben-Yehuda, Smolyar, and Tsafrir, APSys 2013)
Thu 05/01 Virtual Middleboxes
Don's Notes. Split/Merge: System Support for Elastic Execution in Virtual Middleboxes (Rajagopalan, Williams, Jamjoom, and Warfield, NSDI 2013)
Tue 05/06 Project Demos
Thu 05/08 Project Demos
Mon 05/19 Final Exam
11:15 am - 1:45pm. Melville Library W4535.
Final Project Due. 11:59PM

Copyright Notice: These lecture notes, homeworks, and lab assignments are part of a graduate course on operating systems. You must ask me permission to use these materials. I do not grant to you the right to publish these materials for profit in any form.
Donald Porter, Stony Brook University

Last updated: 2014-05-10 12:03:13 -0400