Novel storage technologies like non-volatile memory (NVM) with support for byte-granular accesses are considered disruptive. In particular, because they enable the access of volatile and non-volatile memory in the exact same manner. However, NVM poses a challenge for OSes, because it mixes properties of current non-volatile storage devices (e.g., SSDs) and current volatile storage devices (e.g., DRAM): SSDs are persistent like NVM, but are accessed block-wise and indirectly via an OS-provided file system. DRAM is mapped into the applications' address space, like NVM, but is used without an OS-provided abstraction. Handling NVM like SSDs would mute some of its advantages, whereas the handling of NVM like DRAM would remove the ability for the OS to provide abstractions with certain guarantees efficiently (e.g., data consistency also after a power outage).Fortunately, another technology trend is the introduction of "fast calls" in various forms (Apple M1, Itanium) or hardware capabilities (CHERI, ARM Morello). These fast calls avoid the expensive switch to the OS kernel, but still allow the OS to enforce certain properties for resource accesses. For that reason, fast calls are a promising candidate to address the challenge that OSes face with NVM: OSes can map NVM into the application's address space and let applications use fast calls to efficiently enforce a specific structure.We plan to build two use cases: 1) a protected shared file system, and 2) support for rapid recovery of processes in case of intermittent power supplies. To keep the starting point for our research simple, we use microkernel technology developed by the team of the project's PI, which by now has become mature enough to be deployed in important industrial applications (e.g., automotive) and security-critical application areas. In the project, we will extend an L4-like capability system in such a way that it survives loss of volatile information caused by power outage. To this end, we explore if fast calls can be used to check fine-granular capability permissions without expensive kernel invocations. In addition, we will study a persistency design where persistent and volatile representations have to maintain certain invariants in case of power outages.

DFG Programme Priority Programmes

Subproject of SPP 2377:  Disruptive Main-Memory Technologies