Advanced Operating Systems
COMP9242 2002/S2
UNSW


Hot Topics -- Cool Systems

Cool System: EROS [SSF99]

Idea: fast, secure, reliable OS

Features:

  • segregated capabilities,
  • single-level store,
  • persistence (via checkpointing),
  • fast,
  • mandatory access control,
  • formal proof of confinement[SW00].
EROS is a re-design of KeyKOS [BFF+92].

EROS memory and access management

[Figure: eros-tree]

Clists form page table

EROS access rights management

  • Limit propagation and support revocation of rights by:
    • "weak capabilities":
      • reading/writing any cap via a weak cap makes it R/O and weak
      • can obtain transitive read-only access
    • indirection:
      • Reference monitor (similar to L4 chief) mediates cap transfer
      • inserts forwarding objects to capabilities
      • implements security policy
      • on change of policy can revoke caps by revoking forwarding object
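
A simplified model of the two mechanisms above, added here as an illustration (it is not EROS code and not from the lecture). The class and function names (Page, Node, Forwarder, Cap, monitor_grant) are hypothetical, and only fetching a capability through a weak capability is modelled.

```python
from dataclasses import dataclass, field

class Revoked(Exception):
    """Raised when a capability points at a revoked forwarding object."""

@dataclass
class Page:                      # leaf data object
    data: str = ""

@dataclass
class Node:                      # C-list: named slots holding capabilities
    slots: dict = field(default_factory=dict)

@dataclass
class Forwarder:                 # indirection object kept by the monitor
    target: object
    def revoke(self):
        self.target = None       # every cap routed through here goes dead

@dataclass(frozen=True)
class Cap:
    obj: object
    writable: bool = True
    weak: bool = False

    def _resolve(self):
        obj = self.obj
        while isinstance(obj, Forwarder):
            if obj.target is None:
                raise Revoked("forwarding object was revoked")
            obj = obj.target
        return obj

    def fetch(self, slot):
        got = self._resolve().slots[slot]
        # Anything fetched through a weak cap comes back read-only and weak.
        return Cap(got.obj, writable=False, weak=True) if self.weak else got

    def read(self):
        return self._resolve().data

    def write(self, value):
        if not self.writable:
            raise PermissionError("read-only capability")
        self._resolve().data = value

def monitor_grant(cap):
    """Reference monitor hands out cap via a fresh forwarder it keeps."""
    fwd = Forwarder(cap.obj)
    return Cap(fwd, cap.writable, cap.weak), fwd
```

Holding one weak capability to the root of a tree gives read-only access to everything reachable from it, and revoking a single forwarder cuts off every copy of the capability that was handed out through it while direct capabilities to the object keep working.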

EROS performance

[Figure: eros-bm]

Note: No data on cost of indirection for MAC.



Gernot Heiser 2002-11-07