Pictures and a little more text
This commit is contained in:
parent
fce69a7d57
commit
21f192318b
|
@ -66,14 +66,20 @@ Programs can handle exceptions to @emph{contain} partial failure:
|
||||||
Partial failures interact with shared, mutable state in unpredictable
|
Partial failures interact with shared, mutable state in unpredictable
|
||||||
ways, especially in larger programs that combine stateful subprograms.
|
ways, especially in larger programs that combine stateful subprograms.
|
||||||
|
|
||||||
Programmers often ignore issues of security and trust between
|
@note{For a good overview of PL-based approaches to security and
|
||||||
subprograms within a larger program. Most programming languages
|
trust, see Mark S. Miller's
|
||||||
entirely lack any means of securely isolating subprograms from each
|
"@hyperlink["http://www.erights.org/talks/thesis/markm-thesis.pdf"]{Robust
|
||||||
other, leading to predictable failures. Even memory-safe languages
|
composition: Towards a unified approach to access control and
|
||||||
such as Racket, Java and .NET only offer weak techniques for securely
|
concurrency control}" and Jonathan A. Rees's
|
||||||
composing mutually suspicious subprograms. Techniques such as avoiding
|
"@hyperlink["http://dspace.mit.edu/bitstream/handle/1721.1/5944/AIM-1564.pdf"]{A
|
||||||
@emph{ambient authority} and using @emph{object capabilities} to
|
Security Kernel Based on the Lambda-Calculus}".} Programmers often
|
||||||
compose subprograms
|
ignore issues of security and trust between subprograms within a
|
||||||
|
larger program. Most programming languages entirely lack any means of
|
||||||
|
securely isolating subprograms from each other, leading to predictable
|
||||||
|
failures. Even memory-safe languages such as Racket, Java and .NET
|
||||||
|
only offer weak techniques for securely composing mutually suspicious
|
||||||
|
subprograms. Techniques such as avoiding @emph{ambient authority} and
|
||||||
|
using @emph{object capabilities} to compose subprograms
|
||||||
|
|
||||||
TODO ^
|
TODO ^
|
||||||
|
|
||||||
|
@ -81,22 +87,29 @@ TODO ^
|
||||||
|
|
||||||
Programs which engage in I/O are very obviously part of a network:
|
Programs which engage in I/O are very obviously part of a network:
|
||||||
|
|
||||||
@racketblock[(define username (read-line))
|
@racketblock[(define (greet-user)
|
||||||
(printf "Hello, ~a!\n" username)]
|
(define username (read-line))
|
||||||
|
(define greeting (format "Hello, ~a!\n" username))
|
||||||
|
(display greeting)
|
||||||
|
(newline))
|
||||||
|
(greet-user)]
|
||||||
|
|
||||||
But look closely! There is a difference here between the kind of communication
|
Here, the network has two components: the program, and the user at the
|
||||||
|
terminal.
|
||||||
|
|
||||||
This program is more obviously composed of a number of moving pieces:
|
But look closely! There is a difference here between the kind of
|
||||||
|
communication between this program and its @emph{peer} and the
|
||||||
|
communication @emph{internal} to the program itself. Portions of the
|
||||||
|
program relay information from the outside world, translating it to
|
||||||
|
and from an internal representation as they go, while other portions
|
||||||
|
perform computations on the relayed information.
|
||||||
|
|
||||||
@interaction[(let ((b (box 3)))
|
@vm-figure[(vm (vm-label "Operating System")
|
||||||
(set-box! b (+ (unbox b) 4))
|
(network-label "")
|
||||||
(unbox b))]
|
(process "User")
|
||||||
|
(process-space)
|
||||||
@interaction[(define (add-three-to b)
|
(vm (vm-label "Program")
|
||||||
(set-box! b (+ (unbox b) 3)))
|
(network-label "")
|
||||||
(define (add-four-to b)
|
(process "Read line")
|
||||||
(set-box! b (+ (unbox b) 4)))
|
(process "Format greeting")
|
||||||
(define my-box (box 0))
|
(process "Print greeting")))]
|
||||||
(add-three-to my-box)
|
|
||||||
(add-four-to my-box)
|
|
||||||
(unbox my-box)]
|
|
||||||
|
|
|
@ -4,16 +4,15 @@
|
||||||
|
|
||||||
@title{Concepts}
|
@title{Concepts}
|
||||||
|
|
||||||
We integrate ideas from both distributed systems
|
Marketplace integrates ideas from both distributed systems and
|
||||||
and virtualized operating system designs to obtain a novel
|
virtualized operating system designs to obtain an architecture of
|
||||||
architecture of nested virtual machines. Each nested layer is equipped with
|
nested @emph{virtual machines}. Each nested layer is equipped with its
|
||||||
its own publish/subscribe network that also propagates information
|
own publish/subscribe network that also propagates @emph{presence}
|
||||||
about the (dis)appearance of services.
|
information about the (dis)appearance of services.
|
||||||
|
|
||||||
The result suggests a @emph{
|
The result suggests a @emph{marketplace} metaphor, where communicating
|
||||||
marketplace} metaphor, where communicating programs exist in a
|
programs exist in a noisy, crowded, even chaotic context, rather than
|
||||||
noisy, crowded, even chaotic context, rather than in a quiet place
|
in a quiet place systematically going through their inboxes.
|
||||||
systematically going through their inboxes.
|
|
||||||
|
|
||||||
@section{What is a process, what are event handlers?}
|
@section{What is a process, what are event handlers?}
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,10 @@
|
||||||
(require scribble/racket
|
(require scribble/racket
|
||||||
scribble/eval
|
scribble/eval
|
||||||
scriblib/footnote
|
scriblib/footnote
|
||||||
|
|
||||||
|
slideshow/pict
|
||||||
|
"vm-pictures.rkt"
|
||||||
|
|
||||||
(for-syntax racket)
|
(for-syntax racket)
|
||||||
(for-label typed/racket/base))
|
(for-label typed/racket/base))
|
||||||
|
|
||||||
|
@ -17,3 +21,6 @@
|
||||||
desc ...)]
|
desc ...)]
|
||||||
[(_ t d desc ...)
|
[(_ t d desc ...)
|
||||||
#`(defthing #:kind "type" t d desc ...)])))
|
#`(defthing #:kind "type" t d desc ...)])))
|
||||||
|
|
||||||
|
(define (vm-figure p)
|
||||||
|
(centered (to-element (render (scale p 1.2) #:target 'pict))))
|
||||||
|
|
|
@ -0,0 +1,113 @@
|
||||||
|
#lang racket/base
|
||||||
|
|
||||||
|
(require (only-in racket/math pi))
|
||||||
|
(require slideshow/pict)
|
||||||
|
(require file/convertible)
|
||||||
|
|
||||||
|
(provide (all-defined-out))
|
||||||
|
|
||||||
|
(define default-process-height 98)
|
||||||
|
|
||||||
|
(define default-font (make-parameter 'roman))
|
||||||
|
|
||||||
|
(define final-border (make-parameter 1))
|
||||||
|
|
||||||
|
(define process-angle (make-parameter 90))
|
||||||
|
(define process-width (make-parameter 24))
|
||||||
|
(define process-corner (make-parameter 6))
|
||||||
|
(define process-height (make-parameter default-process-height))
|
||||||
|
(define process-gap (make-parameter 6))
|
||||||
|
(define process-fill-color (make-parameter "white"))
|
||||||
|
|
||||||
|
(define PROCESS-SHADED (list #xdd #xdd #xdd))
|
||||||
|
|
||||||
|
(define leg-offset (make-parameter 4))
|
||||||
|
(define leg-width (make-parameter 2))
|
||||||
|
(define leg-spot-width (make-parameter 4))
|
||||||
|
|
||||||
|
(define (default-leg-height)
|
||||||
|
(/ (network-height) 2))
|
||||||
|
|
||||||
|
(define (meta-leg-height)
|
||||||
|
(+ (default-leg-height) (vm-height) (network-height)))
|
||||||
|
|
||||||
|
(define network-height (make-parameter 12))
|
||||||
|
(define vm-height (make-parameter 27))
|
||||||
|
(define process-label-size (make-parameter 12))
|
||||||
|
(define network-label-size (make-parameter 9))
|
||||||
|
(define vm-label-size (make-parameter 12))
|
||||||
|
(define ellipsis-size (make-parameter 24))
|
||||||
|
|
||||||
|
(define (process label)
|
||||||
|
(cb-superimpose
|
||||||
|
(colorize (filled-rounded-rectangle (process-width) (process-height) (process-corner))
|
||||||
|
(process-fill-color))
|
||||||
|
(rounded-rectangle (process-width) (process-height) (process-corner))
|
||||||
|
(vc-append (text label (default-font) (process-label-size) (d2r (process-angle)))
|
||||||
|
(blank (/ (- (process-width) (process-label-size)) 2)))))
|
||||||
|
|
||||||
|
(define (process-group . ps)
|
||||||
|
(apply hb-append (process-gap) ps))
|
||||||
|
|
||||||
|
(define (process-space [n 1])
|
||||||
|
(blank (+ (* (- n 1) (/ (process-width) 2))
|
||||||
|
(- (/ (process-width) 2) (* 2 (process-gap)))) (process-height)))
|
||||||
|
|
||||||
|
(define (vm-label str)
|
||||||
|
(text str (default-font) (vm-label-size) (d2r 0)))
|
||||||
|
|
||||||
|
(define (network-label str)
|
||||||
|
(text str (default-font) (network-label-size) (d2r 0)))
|
||||||
|
|
||||||
|
(define (vm label net-label . ps)
|
||||||
|
(define ps-pict (apply process-group ps))
|
||||||
|
(define label-width (max (pict-width label) (pict-width net-label)))
|
||||||
|
(define width (max (+ label-width (* 2 (max (vm-label-size) (network-label-size))))
|
||||||
|
(pict-width ps-pict)))
|
||||||
|
(vl-append ps-pict
|
||||||
|
(cb-superimpose (colorize (filled-rectangle width (network-height))
|
||||||
|
(process-fill-color))
|
||||||
|
(rectangle width (network-height))
|
||||||
|
net-label)
|
||||||
|
(cc-superimpose (colorize (filled-rectangle width (vm-height))
|
||||||
|
(process-fill-color))
|
||||||
|
(rectangle width (vm-height))
|
||||||
|
label)))
|
||||||
|
|
||||||
|
(define (process-ellipsis)
|
||||||
|
(cc-superimpose (text ". . ." (default-font) (ellipsis-size) 0)
|
||||||
|
(blank 0 (process-height))))
|
||||||
|
|
||||||
|
(define (d2r d)
|
||||||
|
(* pi (/ d 180.0)))
|
||||||
|
|
||||||
|
(define (leg p offset height)
|
||||||
|
(define x (+ (/ (pict-width p) 2) (* offset (leg-offset))))
|
||||||
|
(define y (pict-height p))
|
||||||
|
(define leg-pict (vc-append (vline (leg-width) (- height (/ (leg-spot-width) 2)))
|
||||||
|
(disk (leg-spot-width) #:draw-border? #f)))
|
||||||
|
(pin-over p (- x (/ (pict-width leg-pict) 2)) y leg-pict))
|
||||||
|
|
||||||
|
(define (relay-legs p)
|
||||||
|
(leg (leg p 1 (default-leg-height)) -1 (meta-leg-height)))
|
||||||
|
|
||||||
|
(define (local-leg p)
|
||||||
|
(leg p 0 (default-leg-height)))
|
||||||
|
|
||||||
|
(define (render p #:target [target (string->symbol (or (getenv "VM_PICTURES_TARGET") "eps"))])
|
||||||
|
(define final-pict (cc-superimpose (blank (+ (pict-width p) (* 2 (final-border)))
|
||||||
|
(+ (pict-height p) (* 2 (final-border))))
|
||||||
|
(panorama p)))
|
||||||
|
(case target
|
||||||
|
[(pict)
|
||||||
|
final-pict]
|
||||||
|
[(screen)
|
||||||
|
;; FFS. This connects to the display even if you don't use it.
|
||||||
|
;; (local-require racket/gui/base)
|
||||||
|
;; (show-pict final-pict 800 600)
|
||||||
|
(log-error "You need to uncomment a couple of lines in vm-pictures.rkt")
|
||||||
|
(void)]
|
||||||
|
[(png)
|
||||||
|
(display (convert final-pict 'png-bytes))]
|
||||||
|
[(eps)
|
||||||
|
(display (convert final-pict 'eps-bytes))]))
|
Loading…
Reference in New Issue