Security

Compartmentalization of Monolithic Kernels using Hardware Virtualization (Active)
Collaborator: Zhiyuan (Ryan) Ruan
Advisor: Richard West

Existing monolithic kernels, e.g. Linux, do not inherently enforce any separation between different components. This leads to vulnerabilities in one subsystem affecting the entire kernel. Researchers have considered various compartmentalization techniques to mitigate this issue. We tackle this problem by defining compartment boundaries using hardware virtualization. Using features such as virtualization exceptions, we interpose the execution of a monolithic kernel and use a generic sentry function to validate each cross-compartment access.

Scheduling & Synchronization

Priority Assignment for Global Fixed Priority Scheduling on Multiprocessors
Collaborator: Xuanliang Deng
Advisor: Haibo Zeng

Global scheduling is an attractive option for multiprocessors as it allows tasks to be placed on any available core, freely allowing load balancing. Assigning fixed priorities to tasks avoids the updation of the relative position of a task in the global runqueue when its priority changes, minimizing contention on a shared resource. Prior work by Yecheng Zhao and Haibo Zeng has proposed an optimization-based approach that uses response time estimation to assign priorities to tasks under the Global Fixed Priority paradigm. In this work, we develop a novel algorithm that extends the aforementioned method by including a simple heuristic, extending its applicability to the latest, and hence the most accurate schedulability analysis.