So, I come from Bologna, I'm at the University of Bologna, and this icon here is VirtualSquare, which is a team developing solutions, tools and ideas in the field of virtualization. VUOS: give your processes a new view. "VU" is not an acronym; it must sound like "view". So, what is the point? What can a process view? A process running on an operating system is able by itself to execute machine operations and to access its own memory, but everything else must be obtained through system calls. So the environment, the view, the panorama that the process sees outside its own world is given by the answers, by the replies, that the system calls give it back.

Namespaces in the kernel are a way to provide processes with different views: different views of the file system, of networking, of process IDs, user IDs, or whatever. What we are designing with VUOS is something similar, but completely developed, completely running in user space, with just user permissions, without the need to be root. This can reduce the attack surface dramatically, because we don't use the namespace feature of the kernel. So you can imagine running a kernel with namespaces disabled and, at the same time, we provide the same solutions to standard users. Nowadays it happens so often that tools and solutions are provided for system administrators, but that is another way to enlarge the attack surface, as faulty programs and bugs can create damage to the system.

So where does the idea start? The idea comes from a need. Why is it not possible for a user to mount a file system? If I have a file system image, it's a file of mine. Mounting that file system image and changing the contents of the files inside it, once mounted, is just a sophisticated way of editing a file of yours. Why is it forbidden in a standard system?
Just because the idea of mount is the idea of a global operation of the system. This operation is either provided as a global operation, as in the past, or provided just to a subset of processes, but by the kernel, in namespaces. Instead, it must be possible to mount file systems as users.

In this presentation I want to show you first what and why, and then, at the end, how: the reverse way around. With other applications I can need a virtual device: I want to create a RAM disk for my application. If it's a RAM disk for my application, why do I need to be root? Why do I need the kernel's services? Or I want to use a different network stack. Or I want to see a file which is here, there, like a bind mount. Or I want to mount the entire file system in COW mode, copy-on-write mode. I want to change the uname, the time, the user ID, whatever, but I want to do everything in user space, with user permissions.

I have slides with the demo, but I prefer to show you the demo itself. Here I have a file system image. I would like to do this, because this is the natural way to mount a file system. Actually, I get an error, not from the kernel: this is an error of the tool. It's the mount tool that says you're not root. But even if you try to call the system call, you get the error. Okay. Now you start a VUOS machine; this window is running inside the machine. Again, if I try to mount this, I get the error. But if I add the module that provides the file system virtualization and mount this, just saying the type of file system: as a workaround for the mount command's error I have to use vumount, which is a mount. You can use vumount to mount everything else; it just tries the system call. Now I have mounted the file system, but just for this.
Actually, this is mounted, but this is another file system, as you can see. So I've mounted my file system over there. This is just an example.

Let's start another virtual machine. I have here some commands. This time I add two modules: one is for virtual devices, one is for virtual file systems. With this command I create a virtual device named /dev/ramdisk, which is a RAM disk 100 megabytes large. So as a user I can create a file system on a RAM disk. Then I can mount the file system, and now on /mnt I have the new file system, which is on the RAM disk. I want to point out that I'm using the commands I use as an ordinary system administrator outside the virtual machine. One of the goals of the project is to use the natural commands to do what you need.

Let us go further. This is a common problem I had: I always forget the commands to loop-mount a partition of a file system image. For example, if you have a Raspberry Pi, the image has two partitions. If you want to mount one partition to change one file, it is a mess; and second, you need to be root. Now I'm showing you how to access a partition of a Raspberry Pi image as a user. Again, I add the two modules. Now I use another virtual device module, which is partx. As you can see, that's an image I've just downloaded from the Raspberry Pi site, and now I have my disk in /dev/sdx. I'm not root, but you can see the partitions. Given there are sdx1 and sdx2, I can mount sdx2, the second partition. Here I have the root partition of the Raspberry Pi: I could change files, do whatever I want.

Let's continue. Now let us play with another toy: networking. The module for networking is vunet. Let us try this experiment. This is quite a new development.
It's still unstable, but it's a development I have created together with Daniele Lacamera. This is picoTCP as a user-mode stack in VUOS. And given that picoTCP is connected to VDE networking, I've used it with the networking interface slirp, which is the tool used by virtual machines to provide user-mode networks. Now in VUOS we provide different stacks at the same time, in order to change or to decide. You can see I've mounted the stack on /dev/net/pico. So, in order to say "I want to use that network": here I have my interfaces, but if I say vustack, I open a bash and in this bash I have the picoTCP interfaces. It's a choice of picoTCP: it uses hashes as IDs, so it's quite different from standard networking, where usually you have the names and the numbers of the interfaces, 0, 1, as we have there. Now I can configure the network using a standard DHCP client. Now I've got the address, and again this is my machine, my computer in Bologna. I've used the stack in the virtual environment.

Final demo. This is the current time. Now I can start the VUOS machine, I add another module, vumisc, and I start another xclock. Now I mount, let me move this clock, now I mount the vumisc time submodule on /mnt. It is like a proc file system: /mnt contains some fake files, and I can use them to change the view of the process regarding time. For example, if I put 2 in /mnt/frequency, as you can see, we have relativistic machines: the time in the virtual machine runs twice as fast as the time in normal life.

So, as you can see, the idea of VUOS is providing means to give processes the view we need to solve problems. We have started from the solution; we start from what is useful. All the demos I've done now are in the slides, so you can test all the demos by yourself after the talk, if you like.
This is the structure of umvu, which is an implementation of VUOS; we can provide further implementations in the future. There are processes in user space, and there is a system call interposition layer that decides which system calls must be forwarded to the kernel, in case you are accessing parts of the system which are real, and which system calls are completely implemented in the hypervisor code. In order to achieve better results with parallelism, we use a technique that we have named guardian angels: each process running in user space has a thread in the hypervisor which provides the virtualization for that thread or process. So, if a process runs an open, the guardian angel tries to see if the path is in a real or in a virtual part. If it is in the real part, it simply lets the process forward the call to the kernel. Otherwise, the guardian angel calls the choice function, which decides between virtual and real and, in case it's virtual, returns the module which is responsible for the virtualization. There are wrappers for the system calls that get from user memory all the parameters needed to perform the virtualization, and the system call is forwarded to the modules we have seen in the demos: vufuse, vudev, vunet. The implementations of file systems, networking, devices, or whatsoever, really perform the actual action to produce the result.

I have two points to note now. One: in the example, I created a virtual device and, inside the virtual device, a virtual file system, so this was a nested virtualization. Try to think that we open a file in the virtual file system: that call is forwarded to vufuse for the virtualization of the file system. How can we achieve the virtualization of the device underneath it? The hypervisor uses a self-virtualization method.
purelibc is an overlay on libc that is able to catch all the system calls generated by the process itself. So even a read or write coming from vufuse is returned to the choice function and, if it sees that there is a further virtualization in place, it calls, in this case, the device virtualizer, which, for example, reads from the RAM disk and provides the correct answer.

Let me point out that the interface to the modules is clean and simple: KISS, keep it simple and stupid. The modules receive just the system calls. So if there is a read here, read(file descriptor, buffer, length), over there the module receives a read: read(file descriptor, buffer, length). A module is simply created by registering the service in the hash table: one module can register "I am responsible for this subtree of the file system", or "I am responsible for that file", or "I am responsible for that address family", or for this or that other system call. And then it has to provide the implementation of the system calls: if somebody wants to access that kind of file, so there is a read, what must be the answer? That's all.

I have no time to show the code, but everything is available. We have a wiki site, which we are redesigning. The most important thing here is the set of repositories, and there is actually an infrastructure for a tutorial: we provide a disk image and scripts to make it easy for whoever wants to try the tools to have the whole infrastructure ready to perform the experiments I've done five minutes ago. So feel free: please download the image, try the tools, and if you like it and want to participate, the project is open to all contributions. Thank you.

Question from the audience: How do you compare VUOS with gVisor or User Mode Linux?

How do you compare VUOS with gVisor? User Mode Linux: I compare User Mode Linux to VUOS, or umvu. User Mode Linux is a complete virtual machine, so it puts in an entire kernel.
We don't put anything; we just put the system in a condition to grab the system calls and divert the execution of a system call to modules if required.

Two points. We use BPF to accelerate the system call catching. Now we can avoid the second call: each time a system call is grabbed by ptrace, you receive two calls, one before and one after. Using BPF, we can now avoid the second call when the system call is completely real or completely virtual. We have system calls that are at the same time real and virtual, for example open: we have a virtual open, but at the same time we force the process to make a real open, because we have to allocate the file descriptor. We would like to offload many parts of the decision process into the kernel, but we would need eBPF with seccomp, which is a long discussion on the Linux kernel mailing list. So if you are interested and you like the project, help us convince the Linux kernel mailing list to add eBPF for the seccomp system call. Thank you.
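The module and choice design described in the talk (a module registering the subtree it is responsible for, a choice step that decides real versus virtual, and nested virtualization where a module's own I/O is dispatched again), as an added example in C. This is not code from VUOS, umvu or the speaker: it replaces the ptrace/seccomp interposition of a real hypervisor with direct calls, and every name in it (register_module, choice, vu_open, vu_read, the 4096 virtual-descriptor base, the toy "/name=content" image format and the constructed two-file image) is an assumption of the example.

```c
/* Added illustration (not VUOS code) of the umvu architecture described in the talk:
 * modules register the subtree they own, "choice" picks a module by longest prefix,
 * unmatched paths go to the real kernel, and a module's own I/O goes back through the
 * same dispatcher (nested virtualization). Real umvu catches the system calls of a
 * traced process; here the "process" calls vu_open()/vu_read() directly, and every
 * name, the descriptor base and the toy image format are assumptions of this example. */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#define VFD_BASE 4096 /* virtual descriptors are numbered from here */

struct module;
struct vfile { struct module *mod; const char *subpath; size_t pos; };
struct module {
    const char *prefix;  /* subtree this module is responsible for */
    ssize_t (*read)(struct module *m, struct vfile *f, char *buf, size_t len);
    const char *backing; /* ramdisk: its bytes; toy fs: the path of its image */
};
static struct module *modules[4];
static struct vfile vfds[16]; /* slots are never reused: illustration only */
static int nmodules, nvfds;

/* The vu_insmod step: "I am responsible for this subtree of the file system". */
int register_module(struct module *m) {
    if (nmodules == 4) return -1;
    modules[nmodules++] = m;
    return 0;
}
/* The "choice": the longest matching prefix wins; NULL means the path is real. */
struct module *choice(const char *path) {
    struct module *best = NULL; size_t bestlen = 0;
    for (int i = 0; i < nmodules; i++) {
        size_t l = strlen(modules[i]->prefix);
        if (strncmp(path, modules[i]->prefix, l) == 0 && l > bestlen &&
            (path[l] == '/' || path[l] == '\0'))
            best = modules[i], bestlen = l;
    }
    return best;
}
/* The guardian angel on open(): forward it, or hand the path to the owning module. */
int vu_open(const char *path) {
    struct module *m = choice(path);
    if (m == NULL) return open(path, O_RDONLY); /* real: the kernel answers */
    if (nvfds == 16) { errno = EMFILE; return -1; }
    vfds[nvfds] = (struct vfile){ m, path + strlen(m->prefix), 0 };
    return VFD_BASE + nvfds++;                   /* virtual descriptor */
}
/* The module receives exactly the call the process made: read(fd, buf, len). */
ssize_t vu_read(int fd, char *buf, size_t len) {
    if (fd < VFD_BASE) return read(fd, buf, len); /* real descriptor */
    struct vfile *f = &vfds[fd - VFD_BASE];
    return f->mod->read(f->mod, f, buf, len);
}
int vu_close(int fd) { return fd < VFD_BASE ? close(fd) : 0; }

/* Copy out `data` from the file position onward, advancing the position. */
static ssize_t serve(struct vfile *f, const char *data, char *buf, size_t len) {
    size_t avail = strlen(data);
    if (f->pos >= avail) return 0;
    size_t n = avail - f->pos < len ? avail - f->pos : len;
    memcpy(buf, data + f->pos, n);
    f->pos += n; return (ssize_t)n;
}
/* vudev-style module: a RAM disk whose bytes live in hypervisor memory. */
static ssize_t ramdisk_read(struct module *m, struct vfile *f, char *buf, size_t len) {
    return serve(f, m->backing, buf, len);
}
/* vufuse-style module over a toy image format "/name=content\n". It reads the image
 * with vu_open()/vu_read(), so an image on the virtual RAM disk goes through choice()
 * again: the self-virtualization (purelibc) path the talk describes. */
static ssize_t toyfs_read(struct module *m, struct vfile *f, char *buf, size_t len) {
    char img[256], key[64];
    int fd = vu_open(m->backing); if (fd < 0) return -1;
    ssize_t n = vu_read(fd, img, sizeof img - 1);
    vu_close(fd); if (n < 0) return -1;
    img[n] = '\0';
    snprintf(key, sizeof key, "%s=", f->subpath); /* "/hello" -> "/hello=" */
    for (char *line = strtok(img, "\n"); line; line = strtok(NULL, "\n"))
        if (strncmp(line, key, strlen(key)) == 0)
            return serve(f, line + strlen(key), buf, len);
    errno = ENOENT; return -1;
}

/* Constructed sample: a two-file image on the RAM disk; the toy fs mounted on /mnt is
 * backed by /dev/ramdisk, as in the demo. */
static struct module ramdisk = { "/dev/ramdisk", ramdisk_read,
                                 "/hello=Hi from the ramdisk\n/motd=VUOS demo\n" };
static struct module toyfs = { "/mnt", toyfs_read, "/dev/ramdisk" };
int setup(void) { /* idempotent */
    return nmodules ? 0 : (register_module(&ramdisk) || register_module(&toyfs)) ? -1 : 0;
}
/* Read a whole file through the dispatcher and compare it with `expected`. */
int read_matches(const char *path, const char *expected) {
    char buf[128]; size_t got = 0; ssize_t n;
    int fd = vu_open(path);
    if (fd < 0) return 0;
    while ((n = vu_read(fd, buf + got, sizeof buf - 1 - got)) > 0) got += (size_t)n;
    vu_close(fd);
    buf[got] = '\0';
    return n == 0 && strcmp(buf, expected) == 0;
}
```

Calling setup() and then read_matches("/mnt/hello", "Hi from the ramdisk") makes the read travel toy fs, dispatcher, RAM disk module, while a path no module claims, such as /dev/null, is opened with the real open(2). What the example leaves out is precisely the part the talk's last answer is about: a real hypervisor has to copy the path out of the traced process's memory and take this decision at a ptrace or seccomp stop for every system call.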