Jon Howell, Jeremy Elson, Bryan Parno, and John R. Douceur
19 June 2014
The Embassies system turns the web browser model inside out: the client
is ultra-minimal, and hence strongly isolates pages and apps; every app
carries its own libraries and provides itself OS-like services. A typical
Embassies app is 100 MiB of binary code. We have found that the first
reaction most people have upon learning of this design is: how can big
apps start quickly in such a harsh, mutually-untrusting environment?
The key is the observation that, with appropriate system organization,
the performance enhancements of a shared buffer cache can be supplied by
an untrusted component. The benefits of sharing depend on availability
of commonality; this paper measures a hundred diverse applications to
show that applications indeed exhibit sufficient commonality to enable
fast start, reducing startup data from 64MiB to 1MiB. Exploiting that
commonality requires careful packaging and appropriate application
of conventional deduplication and incremental start techniques.
These enable an untrusted client-side cache to rapidly assemble an
app image and transfer it---via IP---to the bootstrapping process.
The result is proof that big apps really can start in a few hundred
milliseconds from a shared but untrusted buffer cache.
|Published in||Annual Technical Conference|