KrakOS is studying how to evolve system software to better address the challenges of current and future infrastructures. This line of work encompasses two complementary dimensions: firstly, the evolution of the internal architecture of operating systems and hypervisors without necessarily modifying existing interfaces and functionalities to preserve application compatibility; secondly, the proposition of new abstractions, complementary or different from those of classical interfaces.
Mutant Kernels (performance, velocity, and flexibility objectives): For both functional and non-functional reasons, data center applications and software infrastructures generally rely on monolithic kernels with rich interfaces (typically Linux) that are modified and optimized for the needs of the targeted applications. To improve development and deployment agility, KrakOS reexamines the architecture of system kernels used in (physical and virtual) servers by exploring various complementary approaches. Two examples of these are described below.
On the one hand, we revisit the potential of code injection techniques within the kernel or hypervisor, which have regained interest with the rise of technologies like eBPF. However, due to the strong safety and security constraints they raise, these techniques also present significant constraints regarding expressiveness and flexibility.
On the other hand, we study the extensibility of monolithic kernels through the outsourcing of services and abstractions in user mode. This approach is inspired by microkernels but with different constraints and opportunities. It aims at preserving the rich set of features rather than designing a minimalist kernel with proven guarantees. This has been a recent trend in the Systems community, as evidenced by several works published in major Systems conferences in recent years: uFS [Liu2021] (file system), Snap [Marty2019] (networks), and ghOSt [Humphries2021] (scheduler). However, this approach is still in its early stages, especially since existing works only consider outsourcing a single service at a time and rely solely on classical abstractions (e.g., the concept of Process, which does not enable the necessary nuances between application code and semi-privileged system services). KrakOS aims at holistically studying the outsourcing of System services, allowing efficient and secure cooperation between multiple outsourced services, as well as the use of high-level languages to implement certain services
