Devconf.US

Porting and Generalizing Dynamic Privilege in Linux
2024-08-15 , East Balcony (capacity 80)

Dynamic Privilege is the ability for an authorized process to acquire and
relinquish hardware privilege (supervisor privilege) on the fly. Recent work
in our research group introduced the notion of Dynamic Privilege, and the
attendant kernel mechanisms to introduce it to the Linux kernel. This permits
the exploration of several interesting optimizations and novel approaches to
system specialization - for example, shortcutting long code paths by calling
internal kernel routines.
The initial implementation was developed in x86_64. In this talk, we will
present our work in porting the core primitives for Dynamic Privilege to
ARM64 and discuss the details of this approach. Through a comparison of the
ARM64 and x86 implementations, we will seek to differentiate the functional
goal of Dynamic Privilege from the underlying architectural mechanisms. In
doing so, we will summarize what we have learned through the process of
generalizing its implementation beyond a single architecture. Finally, we
will discuss how our experiences introducing the mechanism to ARM64 inform a
natural path towards a RISC-V implementation which we will briefly introduce.