COMP 790: Schedule

This schedule is also available as an ical file that you can subscribe to.

Unless otherwise noted, you only need to review the first paper listed for each day.

Note that optional readings are available for those with more interest in a topic, and are not required reading for any exams or homework assignments.

Papers are only accessible to hosts in the unc.edu domain, although most are available elsewhere online.

Date Topics Notes Readings Optional Readings
Part 1: Hypervisor design and implementation
Wed 01/11 Introduction and Basics
No review due on the first day of the course. Don's Notes. Formal Requirements for Virtualizable Third Generation Architectures (Popek and Goldberg, CACM, 1974).
Mon 01/16 Martin Luther King Jr. Day, No class.
Wed 01/18 VMware Workstation Design (part 1)
Read through the end of Section 6.1 Bringing Virtualization to the x86 Architecture with the Original VMware Workstation (Bugnion, Devine, Rosenblum, Sugerman, and Wang, TOCS, 2012)
  1. Disco: Running Commodity Operating Systems on Scalable Multiprocessors (Bugnion, Devine, and Rosenblum, SOSP, 1997).
  2. The Evolution of an x86 Virtual Machine Monitor (Agesen, Garthwaite, Sheldon, and Subrahmanyan, OSR, 2010)
Mon 01/23 VMware Workstation Design (part 2)
Read Sections 6.2--11. Don's Notes. Bringing Virtualization to the x86 Architecture with the Original VMware Workstation (Bugnion, Devine, Rosenblum, Sugerman, and Wang, TOCS, 2012) Memory Resource Management in VMware ESX Server (Waldspurger, OSDI, 2002).
Wed 01/25 x86 Virtualization Hardware
Don's Notes. A comparison of software and hardware techniques for x86 virtualization (Adams and Agesen, ASPLOS, 2006).
Mon 01/30 Hacking Day!
Wed 02/01 Binary Translation
Don's Notes. Fast Dynamic Binary Translation for the Kernel (Kedia and Bansal, SOSP 2013)
Fri 02/03 Lab 1 Due (11:59 PM)
Mon 02/06 Paravirtualization
Don's Notes. Xen and Art of Virtualization (Barham, Dragovic, Fraser, Hand, Harris, Ho, Neugebaur, Pratt and Warfield, SOSP 2003).
  1. Are Virtual Machine Monitors Microkernels Done Right? (Hand, Warfield, Fraser, Kotsovinos, and Magenheimer, HotOS 2005).
  2. Are Virtual Machine Monitors Microkernels Done Right? (Heiser, Uhlig, and LeVasseur, SIGOPS OSR, 2006).
Wed 02/08 Virtualizing the VMM
Don's Notes. The Turtles Project: Design and Implementation of Nested Virtualization (Ben-Yehuda, Day, Dubitzky, Factor, Har'El, Gordon, Liguori, Wasserman, and Yassour, OSDI 2010)
Fri 02/10 Hacking Day!
Make-up, in FB 331 (2-3:30)
Mon 02/13 Library OSes
Rethinking the Library OS from the Top-Down (Porter, Boyd-Wickizer, Howell, Olinsky, Hunt, ASPLOS, 2011)
  1. Unikernels: Library Operating Systems for the Cloud (Madhavapeddy, Mortier, Rotsos, Scott, Singh, Gazagnaire, Smith, Hand, and Crowcroft, ASPLOS 2013)
  2. The nonkernel: A Kernel Designed for the Cloud (Ben-Yehuda, Peleg, Ben-Yehuda, Smolyar, and Tsafrir, APSys 2013)
Wed 02/15 VM == Process?
Don's Notes. Dune: Safe User-Level Access to Privileged CPU Features (Belay, Bittau, Mashtizadeh, Terei, Mazieres, and Kozyrakis, OSDI 2012)
  1. Scale and Performance in the Denali Isolation Kernel (Whitaker, Shaw, and Gribble, OSDI 2002)
Fri 02/17 Hacking Day!
Make-up, in FB 007 (2-3:30)
Part 2: Virtual I/O
Mon 02/20 Virtual I/O "Classic"
Don's notes Virtualizing I/O Devices on VMware Workstation's Hosted Virtual Machine Monitor (Sugerman, Venkitachalam, and Lim, USENIX 2001)
Wed 02/22 virtio and vfio
Don's Notes.
  1. virtio: Towards a De-Facto Standard For Virtual I/O Devices (Russell, OLS 2008)
  2. Safe device assignment with VFIO (Corbet, LWN 2012)
Fri 02/24 Lab 2 Due 11:59 PM
Mon 02/27 Class Rescheduled
Wed 03/01 Class Rescheduled
Fri 03/03 Lab 3a Due (Advisory Deadline)
Mon 03/06 Fast Virtual I/O
Don's Notes. A Comprehensive Implementation and Evaluation of Direct Interrupt Delivery (Tu, Ferdman, Lee, and Chiueh, VEE 2015).
  1. High Performance VMM-Bypass I/O in Virtual Machines (Liu, Huang, Abali, and Panda, USENIX 2006)
  2. vIOMMU: Efficient IOMMU Emulation (Amit, Ben-Yehuda, Tsafrir, and Schuster, USENIX 2011)
  3. ELI: Bare-Metal Performance for I/O Virtualization (Gordon, Amit, Har'El, Ben-Yehuda, Landau, Schuster, and Tsafrir, ASPLOS 2012)
Wed 03/08 Hacking Day!
Fri 03/10 Lab 3 Due 11:59PM
Mon 03/13 Spring Recess, Class Canceled
Wed 03/15 Spring Recess, Class Canceled
Mon 03/20 Hole Punching
Don's Notes. IX: A Protected Dataplane Operating System for High Throughput and Low Latency (Belay, Prekas, Klimovic, Grossman, Kozyrakis, and Bugnion, OSDI 2014)
  1. Arrakis: A Case for the End of the Empire (Peter and Anderson, HotOS '13)
  2. Arrakis: The Operating System is the Control Plane (Peter, Li, Zhang, Ports, Woos, Krishnamurthy, Anderson, and Roscoe, OSDI '14)
Tue 03/21
Project Proposal Due. 11:59PM
Wed 03/22 Virtual I/O at Rack Scale
Don's Notes. Paravirtual Remote I/O (Kuperman, Moscovici, Nider, Ladelsky, Gordon, and Tsafrir, ASPLOS 2016)
  1. I/O Virtualization (Waldspurger and Rosenblum, CACM 2012)
  2. Efficient and Scalable Paravirtual I/O System(Har'El, Gordon, Landau, Ben-Yehuda, Traeger, and Ladelsky, ATC 2013)
Fri 03/24 Hacking Day!
Make-up Day (2-3:30), FB 007
Mon 03/27 Class Rescheduled
Wed 03/29 Virtual Disks
Don's Notes. Parallax: Virtual Disks for Virtual Machines (Meyer, Aggarwal, Cully, Lefebvre, Feeley, Hutchinson, and Warfield, EuroSys 2008)
Mon 04/03 Software-Defined Storage
Don's Notes. IOFlow: A Software-Defined Storage Architecture (Thereska, Ballani, O'Shea, Karagiannis, Rowstron, Talpey, Black, and Zhu, SOSP 2013)
Part 3: Security
Wed 04/05 Introspection
Review the second paper.
Don's Notes.
  1. When Virtual is Better than Real (Chen and Noble, HotOS 01)
  2. Space Traveling across VM: Automatically Bridging the Semantic Gap in Virtual Machine Introspection via Online Kernel Data Redirection (Fu and Lin, Oakland 2012)
  1. When Virtual is Harder than Real: Security Challenges in Virtual Machine Based Computing Environments (Garfinkel and Rosenblum, HotOS 2005)
  2. Compatibility is not transparency: VMM detection myths and realities (Garfinkel, Adams, Warfield, and Franklin, HotOS, 2007).
Mon 04/10 Reducing the TCB (1)
Don's Notes. TrustVisor: Efficient TCB Reduction and Attestation (McCune, Li, Qu, Zhou, Datta, Gligor, and Perrig, Oakland 2010)
  1. SecVisor: A Tiny Hypervisor to Provide Lifetime Kernel Code Integrity for Commodity OSes (Seshadri, Luk, Qu, and Perrig, SOSP 2007)
  2. Flicker: An Execution Infrastructure for TCB Minimization(McCune, Parno, Perrig, Reiter, and Isozaki, EuroSys 2008)
  3. Building Verifiable Trusted Path on Commodity x86 Computers (Zhou, Newsome, Gligor, and McCune, Oakland 2012)
Wed 04/12 Hacking Day!
Fri 04/14
Lab 4 Due. 11:59PM.
Mon 04/17 Reducing the TCB (2)
Don's Notes. Breaking Up is Hard to Do: Security and Functionality in a Commodity Hypervisor (Colp, Nanavati, Zhu, Aiello, Coker, Deegan, Loscocco, and Warfield, SOSP 2011) VirtuOS: an operating system with kernel virtualization (Nikolaev and Black, SOSP 2013)
Wed 04/19 Removing Trust from the OS (1)
Don's Notes. InkTag: Secure Applications on an Untrusted Operating System (Hofmann, Kim, Dunn, Lee, and Witchel, ASPLOS 2013)
  1. Overshadow: A Virtualization-Based Approach to Retrofitting Protection in Commodity Operating Systems (Chen, Garfinkel, Lewis, Subrahmanyan, Waldspurger, Boneh, Dwoskin, and Ports, ASPLOS 2008)
  2. Iago Attacks: Why the System Call API is a Bad Untrusted RPC Interface (Checkoway and Shachman, ASPLOS 2013)
Mon 04/24 Removing Trust from the OS (2)
Don's Notes. SCONE: Secure Linux Containers with Intel SGX (Arnautov, Trach, Gregor, Knauth, Martin, Priebe, Lind, Muthukumaran, O'Keeffe, Stillwell, Goltzsche, Eyers, Kaptiza, Pietzuch, and Fetzer, OSDI 2016)
  1. Innovative Instructions and Software Model for Isolated Execution (Mckeen, Alexandrovich, Berenzon, Rozas, Shafi, Shanbhogue and Savagaonkar, HASP 2013)
  2. Using Innovative Instructions to Create Trustworthy Software Solutions (Hoekstra, Lal, Pappachan, Rozas, Phegade and del Cuvillo, HASP 2013)
  3. Slides from HASP for the first paper (may be helpful).
  4. Shielding Applications from an Untrusted Cloud with Haven (Baumann, Peinado, and Hunt, OSDI 2014)
  5. Panoply: Low-TCB Linux Applications with SGX Enclaves (Shinde, Tien, Tople, and Saxena, NDSS 2017)
Wed 04/26 Project Demos
Fri 04/28
Final Projects Due. 11:59PM.

Copyright Notice: These lecture notes, homeworks, and lab assignments are part of a graduate course on operating systems. You must ask me permission to use these materials. I do not grant to you the right to publish these materials for profit in any form.
Donald Porter, The University of North Carolina at Chapel Hill

Last updated: 2017-05-01 20:56:57 -0400 [validate xhtml]