NFU Specification

From ReddNet
Revision as of 07:58, 2 July 2008 by Dano (talk | contribs)
Jump to navigation Jump to search

Simple overview:

  • NFU server -- "adjacent" to IBP depot, runs NFU Ops
  • NFU Op -- lightweight program, written in C, or Java, depending on server.
  • NFU client -- initiates launch of an nfu Op and exchanges data with it.
  • NFU API -- Two iotypes for data exchange between nfu_op and nfu_client:
    • 1. IBP_VAL_[IN, OUT, INOUT]
      • variable/values exchanged directly between nfu client and nfu Op
    • 2. IBP_REF_[RD, WR, RDWR]
      • NFU Server (not nfuOp) processes IBP Caps
      • E.G. _RD: client sends readCap to server, NFU server provides nfuOp a pointer to mmap of the allocation
      • nfuOp does not receive readCap string
  • security issues
    • Java NFU server has VM isolation of nfuOp
    • UTK NFU server has option to run Cap as process to isolate nfuOp from server
    • UTK NFU server mmaps allocations from readCaps, i.e. nfuOp has no direct knowledge of allocation file names.
  • compatibility issues:
    • Java NFU server currently has no way to run C nfuOps
    • if nfu server is not part of the ibp depot, then all IBP_REF_* exchanges need to be changed to IBP_VAL_* exchanges forcing the nfuOp to process IBP caps which would otherwise be processed by the nfuServer.
      • this disables 1/2 of the NFU api