YiFei Zhu (BS CE ’21), a programming enthusiast who started writing Python code in high school, has used his knowledge and skills to make powerful contributions to Linux, arguably the most widely used system software in the world.
The Linux operating system runs on millions of hardware devices. Ninety percent of all cloud infrastructure is powered by Linux, including supercomputers and cloud providers, 74% of smartphones worldwide are Linux-based, and even NASA’s Mars helicopter runs Linux. The Linux kernel as the core of the operating system manages the hardware resources such as CPU, memory and peripheral devices and offers programming interfaces for user applications.
“Contributing to the Linux kernel with so many adaptations is a tremendous accomplishment given its broader implications and the technical challenges that come with it,” said Tianyin Xu, assistant professor at Illinois CS. Xu taught Zhu in one of his classes and later supervised him as a member of his research group in the 2020/21 school year. “YiFei contributed 25 code commits during his summer internship at Google, his student work in my group, and as a hobby, which were merged with the Linux kernel.”
In the summer of 2020, Zhu worked remotely on Google’s Network Infrastructure team to improve the storage capabilities of the eBPF subsystem in the Linux kernel. eBPF is a trending technology that makes it possible to run sandbox programs in the Linux kernel without changing the kernel source code or loading kernel modules.
Google uses eBPF for critical network operations like network configuration and traffic control. Zhu’s work improves the sharing and flexibility of eBPF storage and enables many new use cases. The Linux kernel has done its job and is also used by Google’s large production network infrastructures.
“YiFei did an impressive job during his internship,” said Stanislav Fomichev, YiFei’s internal manager at Google. “The features he developed are very important components of our new network operation. We were very much hoping to work with him again after he graduated, so we offered him a full-time position. We are very happy that he accepted it. “
Zhu made another contribution to the Linux kernel as a member of Xu’s research group and focused on operating system security in a joint project with researchers from the University of Illinois and IBM.
The main programming interface provided by an operating system is the System call interface – User applications make system calls to interact with the OS kernel, to request OS services and to inquire about hardware resources. Therefore, system call security is a foundation of operating system security as malicious applications can attack the shared operating system through attack vectors that exploit system calls.
Recently, the security of system calls has received significant attention with the increasing use of sharing and lightweight virtualization technologies such as containers. Given that a computer server can host dozens or hundreds of containers on a shared operating system kernel, researchers need to develop efficient methods to enforce system call security in order to protect the shared operating system from malicious or buggy containers.
As part of his undergraduate research, Zhu developed a new feature now known as Constant Action Bitmaps that can effectively speed up the security checks of system calls by eliminating redundant check executions. The idea was first proposed in a research paper published at the 53rd IEEE / ACM International Symposium on Microarchitecture and co-authored by Xu and CS and ECE professor Josep Torrellas and their PhD students.
As your colleague at IBM, Dr. Hubertus Franke, stated, however, that many new technical challenges have to be solved in order to turn a research idea into a practical solution that the Linux kernel can adopt. Nevertheless, Zhu overcame all challenges and successfully transferred his work to the Linux kernel.
As a hobbyist, Zhu has also contributed code to support other software platforms. For example, he provided patches to render YouTube 3D videos in third-party players.
Within ECE, Zhu also worked with associate professor Kirill Levchenko on a research project that enables embedded system firmware to run outside of its native environment, known as firmware rehosting. Your research paper was published at the 30th USENIX Security Symposium with Zhu as the third author.
Zhu’s interest in operating systems began during his first year at ECE 220, computer systems and programming.
“I was fascinated by the operating systems, which for me are the basic computer infrastructures that support all user applications,” said Zhu. “I’ve read how the operating system kernel works and sometimes I’ve worked all night and learned more and more.”
From there he took ECE 391, Computer Systems Engineering, where he turned his interests into passions and exceeded course requirements to write a simple operating system by generating more than 10,000 lines of code.
“My friends sometimes ask me how I know all the OS stuff and I tell them to find projects they like and just write their code to make things work,” he said. “School teaches us the basics, that’s the tip of the iceberg. There is a lot more to learn below that you have to find yourself.”
Later this summer, Zhu will return to Google’s network infrastructure team as a full-time kernel engineer.
Xu notes that the interdisciplinary and collaborative culture of engineering in Illinois has played an essential role in mentoring such an outstanding student.
“I met YiFei when he was taking my course CS 423, Operating System Design, from the CS curriculum. He was the best student in the class. YiFei’s work is supported by the C3SR center at the Coordinated Science Lab (CSL). Together with NSF and the Illinois Office of Undergraduate Research. None of this could happen if CS, ECE and CSL are not closely related. “
Xu added, “YiFei is one of the best students I have ever worked with. His technical skills, courage to take on challenges, and problem-solving are truly exceptional.”
See the original ECE history from Illinois.