Safe user-level sharing of memory-mapped resources

The operating systems community has long sought to move services out of the kernel and into user space to increase modularity, facilitate rapid prototyping, and minimize I/O overhead. The need for protection, however, has generally meant that sensitive data and device registers can be mapped into only one address space at a time.

This talk will present the Hodor project, which overcomes the single address space limitation by using the memory protection keys of recent Intel processors to implement a _protected library_ mechanism. Using this mechanism, a Hodor application can access shared resources quickly and safely, running its threads in a trusted library code. As a proof of concept, kernel-bypass networking in Hodor has allowed us to sustain over 3M IO ops per second while enforcing cross-application quality of service. In future work, we believe we can leverage Hodor to migrate functionality out of a monolithic kernel like Linux on an incremental basis, achieving the structuring benefits of microkernels incrementally and without a performance penalty.