OSmosis: No more Déjà vu in OS isolation
Sidhartha Agrawal, Reto Achermann, Margo Seltzer (University of British Columbia)

TL;DR
OSmosis introduces a flexible isolation model and framework for operating systems, enabling precise control over resource sharing and isolation levels to improve security and performance management.
Contribution
The paper presents OSmosis, a novel model and framework for customizable OS isolation mechanisms based on explicit resource sharing levels, implemented on seL4.
Findings
Allows precise specification of isolation levels
Enables developers to balance security and performance
Implemented successfully on seL4
Abstract
Operating systems provide an abstraction layer between the hardware and higher-level software. Many abstractions, such as threads, processes, containers, and virtual machines, are mechanisms to provide isolation. New application scenarios frequently introduce new isolation mechanisms. Implementing each isolation mechanism as an independent abstraction makes it difficult to reason about the state and resources shared among different tasks, leading to security vulnerabilities and performance interference. We present OSmosis, an isolation model that expresses the precise level of resource sharing, a framework in which to implement isolation mechanisms based on the model, and an implementation of the framework on seL4. The OSmosis model lets the user determine the degree of isolation guarantee that they need from the system. This determination empowers developers to make informed decisions…
Taxonomy
Topics: Security and Verification in Computing · Distributed systems and fault tolerance · Software System Performance and Reliability
