--- title: "Maintainers' Meeting, September 5, 2022" tags: unikraft, maintainers datetime: 2022-09-05T11:00:00+02:00 location: Online, Discord (https://bit.ly/UnikraftDiscord), the `#monkey-business` voice channel teams: - maintainers participants: - Simon - Alex - Marc - RăzvanD - Cezar - Marco - ȘtefanJ --- ## :dart: Agenda - plat re-architecting (Michalis) - bootloader support + packaging (Alex, Simon, Cristi) - memory randomization (+loading) (Marc, Simon) - SMP-related features: scheduler, synchronization, allocators (Marc, Michalis) ## :closed_book: Discussions ### Plat Re-architecting https://docs.google.com/document/d/1Kz0fWUe7pLl2kIx_CnNotY53h8vvSH8owUAd-ZNtB3I/edit Michalis will lead this. We need a separate first discussion with all relevant people, before bringing it to the maintainers' meeting. ### Memory Randomization MR: The loader would be the first item to create. The loader randomizes where the sections are loaded. And then figure out how to randomize the dynamic sections. MR: The 1-to-1 mapping where the pages are located needs to SK: Have the libraries built as dynamic loader. MS: The `-omagic` flag is an issue with padding that affects sessions. SK: Later version: build libraries as `.so` objects at different addresses. MR: I would prefer the loader as different sections in the Unikernel image. SK: A first step would be adding an option for compile time randomization. Sketch planning: 0. build-time randomization: https://github.com/unikraft/unikraft/pull/492 1. TRNG (hw rand) 2. PIC/PIE support 3. Loader + separate Unikraft image 4. randomize dynamic ones (heap, stack, mappings) 5. randomizing individual libraries - it depends on the packaging Everything would be configurable: poor man's ASLR vs. strong (and complicated) ASLR. ### Multiple bootloaders and Packaging https://jamboard.google.com/d/1u5lHvXoIREkNJfqoNkqu6imxP7grAYbyDttx97W-Svo/viewer?f=0 AJ: Kraftkit is 2nd level (higher-level). AJ: There will always be a layer of config checks. kraftkit will probably wrap something else on top of that. SK: Packaging will be done by kraftkit. We can use GitHub issues to organize this. SK: We need an owner that fills this issue and that makes sure things are moving forward. SK: We need an initial ### SMP + synchronization MR: Sairaj added sync primitives that as read-write locks. I didn't do a deep review, the PR looks good. MP: What's missing is synchronization for wait queues. Protecting the structures themselves (for SMP). MP: This could be upstreamed in the next version (0.11). MP: Then he worked on proper APIC support. Currently xAPIC is only used for IPIs. The legacy PIC is used for all other interrupts. The goal is to fully use APIC. This will clean up the SMP work and prepare the I/O to be in a modern state. MP: A good 6-month project for Sairaj would be SMP-enabled networking. SK: There may be minor changes required to ukthread / uksched for SMP-aware scheduling. ### Internal and External Libraries SK: The decision should be individual. SK: You shouldn't overload the core. SK: It is an individual discussion affected by the roadmap. SK: Firecracker is likely goig to make it to the core, as a light VMM. VMware / Hyper-V likely not. ## :wrench: TODOs and Decisions TODO SK: Prepare input for plat re-arch document: https://docs.google.com/document/d/1Kz0fWUe7pLl2kIx_CnNotY53h8vvSH8owUAd-ZNtB3I/edit Owners: Have separate discussion on each topic before bringing it out to the maintainers discussion. TODO RD: Talk to Terry about spliting the static from the dynamic part: https://github.com/unikraft/unikraft/pull/492/files#diff-5a287a81131bf449f46414eb06a0296ee6b93e3e5690794acb4b3b382c6454ec TODO: Goal to include link-time ASLR in 0.11 (owner: RD, tech lead: SK). TODO: Goals, requirements and tasks for bootloader + packaging part MR: Check if synchronization PR from Sairaj is arch-independent. Robert can check. Individual decisions for each component (lib, arch, plat) to be part of the core or be an external library. RD: Resume work on testing Musl builds (Ștefan, Radu, Maria).