A programming enthusiast who began writing Python code during high school, recent computer engineering graduate YiFei Zhu (BS CE ’21) has parlayed his knowledge and skills into impactful contributions to Linux, arguably the most widely used system software in the world.
The Linux operating system runs on millions of hardware devices. Ninety percent of all cloud infrastructure is powered by Linux, including supercomputers and cloud providers, 74% of smartphones globally are Linux-based, and even NASA’s Mars helicopter runs Linux. The Linux kernel, as the core of the operating system, manages the hardware resources like CPU, memory, and peripheral devices and provides programming interfaces to user applications.
“Contributing to the Linux kernel with so many adoptions is a tremendous achievement, given its broader impacts and the technical challenges involved,” said Illinois CS assistant professor Tianyin Xu. Xu taught Zhu in one of his classes and later mentored him as a member of his research group during the 2020-21 school year. “YiFei has contributed 25 code commits merged to the Linux kernel during his summer internship at Google, his undergraduate research with my group, and on his own as a hobby.”
During the summer of 2020, Zhu interned remotely at Google’s Network Infrastructure team, improving the eBPF subsystem’s storage features in the Linux kernel. eBPF is a trending technology that allows running sandboxed programs in the Linux kernel without changing kernel source code or loading kernel modules.
Google uses eBPF for critical network operations, such as network configuration and traffic control. Zhu’s work improves the shareability and flexibility of eBPF storage, enabling many new use cases. The Linux kernel adopted his work and is also used by Google’s large-scale production network infrastructures.
“YiFei did an impressive job during his internship,” said Stanislav Fomichev, YiFei’s intern manager at Google. “The features he developed are very important building blocks of our new network operations. We really hoped to work with him again after his graduation, so we offered him a full-time position. We are so happy that he accepted it.”
Another one of Zhu’s Linux kernel contributions occurred as a member of Xu’s research group and focused on OS security through a collaborative project with researchers from the University of Illinois and IBM.
The main programming interface provided by an OS is the system-call interface — user applications invoke system calls to interact with the OS kernel to request OS services and ask for hardware resources. Therefore, system-call security is a foundation of OS security because malicious applications can attack the shared OS through attack vectors that exploit system calls.
Recently, system call security has attracted significant attention, with the increased use of sharing and lightweight virtualization technologies such as containers. Given that a computing server can host tens or hundreds of containers on a shared OS kernel, researchers must develop efficient ways to enforce system-call security to protect the shared OS against malicious or buggy containers.
In his undergraduate research, Zhu developed a new feature, now known as constant action bitmaps, which can effectively speed up the system-call security checks by eliminating redundant check execution. The idea was first proposed in a research paper published at the 53rd IEEE/ACM International Symposium on Microarchitecture, co-authored by Xu and CS and ECE Professor Josep Torrellas and their graduate students.
However, as noted by their collaborator at IBM, Dr. Hubertus Franke, many new technical challenges must be solved to turn a research idea into a practical solution that the Linux kernel can adopt. Nevertheless, Zhu overcame all the challenges along the way and successfully upstreamed his work to the Linux kernel.
As a hobbyist, Zhu has also contributed code to support other software platforms. For example, he provided patches to render YouTube 3D videos in third-party players.
Within ECE, Zhu also worked with associate professor Kirill Levchenko on a research project that enables embedded system firmware to run outside its native environment, known as firmware rehosting. Their research paper was published at the 30th USENIX Security Symposium, with Zhu as the third author.
Zhu’s interest in operating systems began while taking ECE 220, Computer Systems and Programming, in his freshman year.
“I was intrigued by the operating systems, which to me are the foundational computing infrastructures that empower all the user applications,” said Zhu. “I’d read how the OS kernel works and sometimes worked all night, learning more and more.”
From there, he took ECE 391, Computer Systems Engineering, where he turned interests into passions and exceeded the course requirement to write a simple OS, generating more than 10,000 lines of code.
“My friends sometimes ask me how I know all the OS stuff, and I tell them to find projects they like and just write their code to make things work,” he said. “School teaches us the basics, which is the tip of the iceberg. There is a lot more to learn underneath that, which you need to find on your own.”
Later this summer, Zhu will return to Google’s Network Infrastructure team as a full-time kernel engineer.
Xu notes that the interdisciplinary and collaborative culture of Illinois engineering played an essential role in his mentoring such an outstanding student.
“I got to know YiFei when he took my course, CS 423, Operating System Design, from the CS curriculum. He was the best student in the class. YiFei’s work is supported by the C3SR center at the Coordinated Science Lab (CSL), together with NSF and the Illinois Office of Undergraduate Research. None of this could happen if CS, ECE, and CSL are not closely connected.”
Added Xu: “YiFei is among the best undergraduate students I have worked with. His technical ability, the courage of taking challenges, and problem-solving are truly exceptional.”
See the original Illinois ECE story.