Faculty of Computer Science Institute for System Architecture, Operating Systems Group
Microkernel-based Operating Systems - Introduction
Dresden, Oct 10 2017
Carsten Weinhold
TU Dresden, 2017-10-10 MOS - Introduction Slide 2 of 47
Lecture Goals
• Provide deeper understanding of OS mechanisms
• Illustrate alternative OS design concepts
• Promote OS research at TU Dresden
• Make you all enthusiastic about OS development in general and microkernels in particular
Organization: Lecture
• Lecture every Tuesday, 4:40 PM, INF/E01
• Slides: http://www.tudos.org -> Teaching -> Microkernel-based Operating Systems
• Subscribe to our mailing list: https://os.inf.tu-dresden.de/mailman/listinfo/mos2017
• This lecture is not: Microkernel construction (in summer term)
Organization: Exercises
• Exercises (roughly) bi-weekly, Tuesday, 2:50 PM, INF/E08
• Practical exercises in the computer lab
• Paper reading exercises
  – Read a paper beforehand.
  – Sum it up and prepare 3 questions.
  – We expect you to actively participate in discussion.
• First exercise: next week
  – Practical Exercise: Booting
  – Room: to be announced
More Practical Stuff: Complex lab
• Complex lab in parallel to lecture
• Build several components of an OS
• “Komplexpraktikum” for (Media) Computer Science students
• Starts in 2 weeks, 2:50 PM, INF/E08
Schedule
Date Lecture
Oct 10 Intro
Oct 17 IPC
Oct 24 Threads & Synchronization
Nov 7 Memory Management
Nov 14 Real-Time
Nov 21 Device Drivers
Nov 28 Resource Management
Dec 5 Heterogeneous Systems
Dec 12 Legacy Reuse
Dec 19 Virtualization
Jan 9 Secure Systems
Jan 16 Trusted Computing
Jan 23 Faults, Failures & Resilience
Jan 30 Spare slot
Purpose of Operating Systems
• Manage the available resources
  – Hardware (CPU, memory, ...)
  – Software (file systems, networking stack, ...)
• Provide easier-to-use interface to access resources
  – Unix: read/write data from/to sockets instead of fiddling with TCP/IP packets on your own
• Perform privileged / HW-specific operations
  – x86: ring 0 vs. ring 3
  – Device drivers
• Provide separation and collaboration
  – Isolate users / processes from each other
  – Allow cooperation if needed (e.g., sending messages between processes)
Monolithic kernels: Linux
[Figure: monolithic Linux kernel. User mode: applications. Kernel mode: the Linux kernel with processes (scheduling, IPC), memory management (page allocation, address spaces, swapping), file systems (VFS, file system implementations), networking (sockets, protocols), device drivers, the system-call interface and hardware access. Below: hardware (CPU, memory, PCI, devices).]
What's the problem?
• Security issues
  – All components run in privileged mode.
  – Direct access to all kernel-level data.
  – Module loading → easy living for rootkits.
• Resilience issues
  – Faulty drivers can crash the whole system.
  – 75% of today's OS kernels are drivers.
• Software-level issues
  – Complexity is hard to manage.
  – Custom OS for hardware with scarce resources?
The microkernel vision
• Minimal OS kernel
  – less error prone
  – small Trusted Computing Base
  – suitable for verification
• System services in user-level servers
  – flexible and extensible
• Protection between individual components
  – More resilient – crashing component does not (necessarily...) crash the whole system
  – More secure – inter-component protection
The microkernel vision
[Figure: the microkernel vision. Kernel mode: a microkernel providing address spaces, threads, scheduling, IPC, the system-call interface and hardware access. User mode: applications alongside memory management (page allocation, swapping), file systems (VFS, file system implementations), networking (sockets, protocols) and device drivers. Below: hardware (CPU, memory, PCI, devices).]
What microkernels can give us ...
• OS personalities
• Customizability
  – Servers may be configured to suit the target system (small embedded systems, desktop PCs, SMP systems, …)
  – Remove unneeded servers
• Enforce reasonable system design
  – Well-defined interfaces between components
  – No access to components besides these interfaces
  – Improved maintainability
The mother of all microkernels
• Mach – developed at CMU, 1985 - 1994
  – Rick Rashid (today head of MS Research)
  – Avie Tevanian (former Apple CTO)
  – Brian Bershad (professor @ U. of Washington)
  – …
• Foundation for several real systems
  – Single Server Unix (BSD4.3 on Mach)
  – MkLinux (OSF)
  – IBM Workplace OS
  – NeXT OS → Mac OS X
Mach: Technical details
• Simple, extensible communication kernel
  – “Everything is a pipe.” – ports as secure communication channels
• Multiprocessor support
• Message passing by mapping
• Multi-server OS personality
• POSIX-compatibility
• Shortcomings
  – performance
  – drivers still in the kernel
Case study: IBM Workplace OS
• Main goals:
  – multiple OS personalities
  – run on multiple HW architectures
[Figure: Win, Unix and OS/2 apps run on Windows, Unix and OS/2 personalities, which sit on OS base services (files, network, processes, power, ...) on top of the Mach microkernel, running on ARM, PPC, x86, MIPS and Alpha.]
IBM Workplace OS: Why did it fail?
• Never finished (but spent 1 billion $)
• Failure causes:
  – Underestimated difficulties in creating OS personalities
  – Management errors, forced divisions to adopt new system without having a system
  – “Second System Effect”: too many fancy features
  – Too slow
• Conclusion: Microkernel worked, but system atop the microkernel did not
IBM Workplace OS: Lessons learned
• OS personalities did not work
• Flexibility – but monolithic kernels became flexible, too (Linux kernel modules)
• Better design – but monolithic kernels also improved (restricted symbol access, layered architectures)
• Maintainability – still very complex
• Performance matters a lot
Microkernels: Proven advantages
• Subsystem protection / isolation
• Code size
  – Microkernel-based OS
    • Fiasco kernel: ~ 34,000 LoC
    • “HelloWorld” (+boot loader +root task): ~ 10,000 LoC
  – Linux kernel (3.0.4., x86 architecture):
    • Kernel: ~ 2.5 million LoC
    • +drivers: ~ 5.4 million LoC
  – (generated using David A. Wheeler's 'SLOCCount')
• Customizability
  – Tailored memory management / scheduling / … algorithms
  – Adaptable to embedded / real-time / secure / … systems
Challenges
• We need fast and efficient kernels
  – covered in the “Microkernel construction” lecture in the summer term
• We need fast and efficient OS services
  – Memory and resource management
  – Synchronization
  – Device Drivers
  – File systems
  – Communication interfaces
  – Subject of this lecture
Who is (or was) out there?
• Minix @ FU Amsterdam (Andrew Tanenbaum)
• Singularity @ MS Research
• EROS/CoyotOS @ Johns Hopkins University
• The L4 Microkernel Family
  – Originally developed by Jochen Liedtke at IBM and GMD
  – 2nd generation microkernel
  – Several kernel ABI versions
The L4 family – a timeline (or tree ...)
[Figure: timeline of the L4 family, distinguishing ABI specifications from implementations. Labels: L2, L3, v2, x0, x2/v4, N1, N2, OC; L4/x86, Fiasco, L4Ka::Hazelnut, Fiasco/L4v2, L4Ka::Pistachio, NICTA::Pistachio-embedded, OKL4, OKL4v2, Fiasco/L4.Fiasco, Fiasco.OC, L4.Sec, Nova, SeL4. Institutions: University of Karlsruhe; University of New South Wales / NICTA / Open Kernel Labs; TU Dresden.]
L4 concepts
• Jochen Liedtke: “A microkernel does no real work.”
  – Kernel only provides inevitable mechanisms.
  – Kernel does not enforce policies.
• But what is inevitable?
  – Abstractions
    • Threads
    • Address spaces (tasks)
  – Mechanisms
    • Communication
    • Resource mapping
    • (Scheduling)
Taking a closer look at L4
Case study: L4/Fiasco.OC
Case study: L4/Fiasco.OC
• “Everything is an object”
  – Task: address spaces
  – Thread: activities, scheduling
  – IPC Gate: communication, resource mapping
  – IRQ: communication
  – Factory: create other objects, enforce resource quotas
• One system call: invoke_object()
  – Parameters passed in UTCB
  – Types of parameters depend on type of object
L4/Fiasco.OC: Types of Objects
• Kernel-provided objects
  – Threads
  – Tasks
  – IRQs
  – …
• Generic communication object: IPC gate
  – Send message from sender to receiver
  – Used to implement new objects in user-level applications
L4/Fiasco.OC: User-level objects
• Everything above kernel built using user-level objects that provide a service
  – Networking stack
  – File system
  – ...
• Kernel provides
  – Object creation/management
  – Object interaction: Inter-Process Communication (IPC)
[Figure: Client, Service 1 and Service 2 interacting through call() invocations.]
L4/Fiasco.OC: How to call objects?
• To call an object, we need an address:
  – Telephone number
  – Postal address
  – IP address
  – ...
• Simple idea, right?
• ID is wrong? Kernel returns ENOTEXIST
• But not so fast! This scheme is insecure:
  – Client could simply “guess” IDs by brute force.
  – Existence/non-existence can be used as a covert channel.
[Figure: Client, Kernel and Service 1; the client issues call(service1.ID).]
L4/Fiasco.OC: Local names for objects
• Global object IDs are
  – insecure (forgery, covert channels).
  – inconvenient (programmer needs to know about partitioning in advance)
• Solution in Fiasco.OC
  – Task-local capability space as an indirection
  – Object capability required to invoke object
• Per-task name space
  – Maps names to object capabilities.
  – Configured by task's creator
Capabilities / Local Names
Indirection allows for security and flexibility.
[Figure: three address spaces, each holding its own locally numbered capability slots.]
L4/Fiasco.OC: Object capabilities
• Capability:
  – Reference to an object
  – Protected by the Fiasco.OC kernel
• Kernel knows all capability-object mappings.
• Managed as a per-process capability table.
• User processes only use indexes into this table.
[Figure: the client calls invoke(capability(3)); slot 3 of its capability table (slots 1 to 4) in the kernel refers to the IPC gate, the communication channel for “Service 1”.]
L4/Fiasco.OC: Communication
• Kernel object for communication: IPC gate
• Inter-process communication (IPC)
  – Between threads
  – Synchronous
• Communication using IPC gate:
  – Sender thread puts message into its UTCB
  – Sender invokes IPC gate, blocks sender until receiver ready (i.e., waits for message)
  – Kernel copies message to receiver thread's UTCB
  – Both continue, knowing that message has been transferred/received
More L4 concepts
L4/Fiasco.OC: Threads
• Thread
  – Unit of Execution
  – Implemented as kernel object
• Properties managed by the kernel:
  – Instruction Pointer (EIP)
  – Stack (ESP)
  – Registers
  – User-level TCB
• User-level applications need to
  – allocate stack memory
  – provide memory for application binary
  – find entry point
  – ...
[Figure: an address space containing code, data, two stacks, threads and UTCBs.]
L4/Fiasco.OC: Interrupts
• Kernel object: IRQ
• Used for hardware and software interrupts
• Provides asynchronous signaling
  – invoke_object(irq_cap, WAIT)
  – invoke_object(irq_cap, TRIGGER)
[Figure: a user-space device driver calls invoke_object(irq_cap, ...) on the IRQ object in the kernel. Image source: https://commons.wikimedia.org/File:Ethernet_pci_card.jpg]
Problem: Memory partitioning
[Figure: App1, App2 and App3 placed in physical memory, 0 to 4 GB.]
Solution: Virtual Memory
[Figure: App1, App2 and App3 and physical memory, 0 to 4 GB.]
L4: Recursive address spaces
[Figure: physical address space comprising RAM and device memory.]
L4: Resource Mappings
• If a thread has access to a capability, it can map this capability to another thread
• Mapping / not mapping of capabilities used for implementing access control
• Abstraction for mapping: flexpage
• Flexpages describe mapping
  – location and size of resource
  – receiver's rights (read-only, mappable)
  – type (memory, I/O, communication capability)
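The per-task capability table lookup and the rights-restricted mapping described on the slides above, as an added toy model in C (not part of the lecture and not Fiasco.OC code). All type, constant and function names are hypothetical, and the flexpage is reduced to a rights mask.

```c
#include <stdio.h>
#include <string.h>

/* Toy model of task-local capability tables. This is not Fiasco.OC code:
 * every type, constant and function name below is hypothetical. */
enum { CAP_SLOTS = 8 };
enum { R_INVOKE = 1, R_MAP = 2 };                 /* rights carried by a capability */
enum { OK = 0, E_INVALID_CAP = -1, E_NO_RIGHT = -2 };

struct object { const char *name; int calls; };  /* stands in for a kernel object */
struct cap    { struct object *obj; unsigned rights; };  /* obj == NULL: empty slot */
struct task   { struct cap caps[CAP_SLOTS]; };

/* Kernel side: resolve an index in the caller's own table and nowhere else.
 * The answer for an empty slot depends only on that table, so probing
 * indexes reveals nothing about objects held by other tasks. */
static struct cap *lookup(struct task *t, unsigned idx)
{
    if (idx >= CAP_SLOTS || t->caps[idx].obj == NULL)
        return NULL;
    return &t->caps[idx];
}

/* The single "system call": invoke the object behind a local index. */
int invoke(struct task *caller, unsigned idx)
{
    struct cap *c = lookup(caller, idx);
    if (c == NULL)
        return E_INVALID_CAP;
    if (!(c->rights & R_INVOKE))
        return E_NO_RIGHT;
    c->obj->calls++;                              /* message reaches the object */
    return OK;
}

/* Map a capability into another task. The sender must hold it with R_MAP,
 * and the receiver's rights are the sender's rights narrowed by `mask`
 * (the simplified flexpage), so delegation can never add rights. */
int map_cap(struct task *from, unsigned src,
            struct task *to, unsigned dst, unsigned mask)
{
    struct cap *c = lookup(from, src);
    if (c == NULL || dst >= CAP_SLOTS)
        return E_INVALID_CAP;
    if (!(c->rights & R_MAP))
        return E_NO_RIGHT;
    to->caps[dst].obj = c->obj;
    to->caps[dst].rights = c->rights & mask;
    return OK;
}

/* Try every plausible index, as a guessing client would.
 * Returns how many invocations succeeded. */
int sweep(struct task *t)
{
    int hits = 0;
    for (unsigned idx = 0; idx < 4u * CAP_SLOTS; idx++)
        if (invoke(t, idx) == OK)
            hits++;
    return hits;
}

/* Constructed scenario: the creator holds both services and hands the
 * client an invoke-only capability for Service 1 in slot 3. */
static struct object service1, service2;
static struct task creator, client, other;

void setup(void)
{
    service1 = (struct object){ "Service 1", 0 };
    service2 = (struct object){ "Service 2", 0 };
    memset(&creator, 0, sizeof creator);
    memset(&client, 0, sizeof client);
    memset(&other, 0, sizeof other);
    creator.caps[1] = (struct cap){ &service1, R_INVOKE | R_MAP };
    creator.caps[2] = (struct cap){ &service2, R_INVOKE | R_MAP };
    map_cap(&creator, 1, &client, 3, R_INVOKE);
}

int main(void)
{
    setup();
    printf("client invoke(3):      %d\n", invoke(&client, 3));
    printf("client invoke(2):      %d\n", invoke(&client, 2));
    printf("client sweep hits:     %d\n", sweep(&client));
    printf("client re-maps slot 3: %d\n",
           map_cap(&client, 3, &other, 0, R_INVOKE | R_MAP));
    printf("Service 2 calls:       %d\n", service2.calls);
    return 0;
}
```

The client's sweep reaches only the one object its creator mapped in, and it cannot pass that capability on because the mapping withheld the map right.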
L4/Fiasco.OC: Object types
• Summary of object types
  – Task
  – Thread
  – IPC Gate
  – IRQ
  – Factory
• Each task gets initial set of capabilities for some of these objects at startup
Building microkernel-based systems
What can we build with all this?
Kernel vs. Operating System
• Fiasco.OC is not a full operating system!
  – No device drivers (except UART + timer)
  – No file system / network stack / …
• A microkernel-based OS needs to add these services as user-level components
[Figure: L4Re – L4 Runtime Environment. Kernel mode: Fiasco.OC. User mode (L4Re): basic resource manager(s) (Sigma0, Moe), init-style task loader (Ned), user-level libraries (uClibC, libstdc++, IPC client/server framework, ...).]
Linux on L4
[Figure: Linux on L4. User mode: the Linux kernel (processes, scheduling, IPC, memory management, file systems, networking, device drivers, system-call interface, hardware access; an architecture-independent part with arch-dep layers) runs as an L4 task, alongside applications that each run as an L4 task, on top of the runtime environment (L4Re). Kernel mode: Fiasco.OC. Below: hardware.]
The Dresden Real-Time Operating System
[Figure: privileged mode: Fiasco.OC microkernel. User mode: resource management layer (L4Re), L4Linux with apps, SCSI driver, network driver, display driver, RT apps and time service, divided into a non-RT world and an RT world.]
Virtual machines
• Isolate not only processes, but also complete Operating Systems (compartments)
• “Server consolidation”
[Figure: privileged mode: Fiasco.OC microkernel. User mode: virtualization layer (L4Re), two L4Linux instances, a native Linux and a VMM, each Linux with its own apps.]
Genode
• Genode := C++-based OS framework developed here in Dresden
• Aim: hierarchical system in order to
  – Support resource partitioning
  – Layer security policies on top of each other
[Figure: process tree rooted at Genode::Core, with Parent 1 and Parent 2 and their children.]
Lecture outline
• Basic mechanisms and concepts
  – Memory management
  – Tasks, Threads, Synchronization
  – Communication
• Building real systems
  – What are resources and how to manage them?
  – How to build a secure system?
  – How to build a real-time system?
  – How to reuse existing code (Linux, standard system libraries, device drivers)?
  – How to improve robustness and safety?
Outlook
• Next lecture:
  – “Inter-Process Communication”
  – Next week (Oct 17, 4:40 PM)
• First exercise:
  – Practical Exercise: Booting
  – Room will be announced on mailing list