CSC 256/456: Operating Systems
Microkernels
John Criswell, University of Rochester
Onwards to user-space!
Microkernels
Monolithic Kernel (aka Everything and the Kitchen Sink)
[Figure labels: Application Programs, Libraries, Commands; OS System Call Interface; Monolithic Kernel Module (Process Management, Memory Management, File Management, Device Mgmt Infrastructure); Device Driver Interface; Device Drivers]
Monolithic Kernel Limitations
❖ Poor security
  ❖ Buffer overflow gains access to everything!
❖ Poor reliability
  ❖ Bug in kernel can affect unrelated subsystems
  ❖ Difficult to restart faulty subsystem
Processes Don’t Have This Problem
❖ Isolated memory
❖ Communication via
  ❖ Pipes
  ❖ Explicitly shared memory
❖ Self-contained programs
❖ No access to irrelevant data structures
[Figure labels: Web Server, Email Client, MP3 Player]
Could kernel components be processes?
Microkernel
❖ Move kernel functionality into user-space processes
  ❖ File systems
  ❖ Networking subsystem
  ❖ Drivers
❖ Kernel provides
  ❖ Protection
  ❖ Communication mechanisms
Microkernel
[Figure labels: File System, TCP/IP, Ethernet Driver, Disk Driver, Terminal Driver, Page Replacement, Web Server, Email Client, MP3 Player, Video Game; Process Credentials, Address Space, IPC, Interrupt Handler; regions marked User Mode and Kernel Mode]
Advantages of Microkernels
❖ Faults are localized
  ❖ Bug in network code doesn’t corrupt disk data
❖ Easier to improve reliability
  ❖ Can monitor and restart processes (e.g., filesystem)
❖ Easier to apply security techniques
  ❖ Randomization and re-randomization (Giuffrida)
  ❖ Apply memory safety or type-safe language to critical processes
Disadvantages of Microkernels
❖ Communication overhead
  ❖ Semantics of message passing affects performance
  ❖ What is placed in user-space affects performance
❖ User/Kernel boundary crossing overhead
❖ Context switching overhead
  ❖ Monolithic libraries are always available
  ❖ User-space service may not have CPU when needed
  ❖ TLB Flush when switching page table pages
Microkernel Advantages are Not Magic
❖ Reliability must be designed and built
  ❖ File system process crash still catastrophic
  ❖ Restart of critical processes must be designed and built
❖ Security is still an issue
  ❖ Exploited file system process can access any file
  ❖ Exploited network process can read all packets
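
The fault-localization and restart points from the two slides above, as an added example that is not part of the original slides: a supervisor talks to a service process over pipes, the service hits a simulated memory bug, and the supervisor detects the death and restarts it. Ordinary POSIX processes stand in for microkernel servers here, and `disk_data`, `struct svc`, `start` and `call` are hypothetical names.

```c
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/wait.h>
#include <unistd.h>

static volatile int disk_data = 42;       /* constructed stand-in for unrelated state */
struct svc { pid_t pid; int req, rep; };  /* hypothetical handle: pid + pipe ends */

/* Service process: counts requests; request 'x' simulates a memory-corruption bug. */
static void service_loop(int req, int rep) {
    int served = 0;                       /* in-memory state, lost when it crashes */
    char c;
    while (read(req, &c, 1) == 1) {
        if (c == 'x') { disk_data = 0; abort(); }  /* scribbles on its own copy only */
        served++;
        if (write(rep, &served, sizeof served) < 0) break;
    }
    _exit(0);
}

static int start(struct svc *s) {
    int rq[2], rp[2];
    signal(SIGPIPE, SIG_IGN);             /* a dead service must not kill the supervisor */
    if (pipe(rq) != 0 || pipe(rp) != 0) return -1;
    if ((s->pid = fork()) < 0) return -1;
    if (s->pid == 0) { close(rq[1]); close(rp[0]); service_loop(rq[0], rp[1]); }
    close(rq[0]); close(rp[1]);
    s->req = rq[1]; s->rep = rp[0];
    return 0;
}

/* One request/reply. EOF on the reply pipe means the service died: reap, restart. */
static int call(struct svc *s, char c) {
    int reply;
    if (write(s->req, &c, 1) == 1 &&
        read(s->rep, &reply, sizeof reply) == (ssize_t)sizeof reply) return reply;
    close(s->req); close(s->rep); waitpid(s->pid, NULL, 0);
    return start(s) == 0 ? -1 : -2;       /* -1: restarted, -2: restart failed */
}

int main(void) {
    struct svc s;
    if (start(&s) != 0) return 1;
    int before = call(&s, 'a'), crash = call(&s, 'x'), after = call(&s, 'a');
    printf("before=%d crash=%d after=%d disk_data=%d\n", before, crash, after, disk_data);
    close(s.req); close(s.rep); waitpid(s.pid, NULL, 0);
    return 0;
}
```

The supervisor's `disk_data` survives the crash, but the restarted service answers from a fresh request count: the restart path and any state recovery exist only because the supervisor implements them.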
Mach
❖ Developed at Carnegie Mellon University in the 80’s
❖ Memory management design influenced modern OS design
❖ Goal: separate policy from mechanism
Example: Mach
❖ User-level memory management
  ❖ trusted/protected by the kernel
  ❖ kernel provides the basic protection mechanism
  ❖ user-level memory manager handles page loading; decides replacement policy
Microkernel Failures
❖ Windows NT family
  ❖ Original Windows NT had microkernel design
  ❖ By Windows 2000, functionality moved into kernel
❖ Mac OS X
  ❖ Based on NextStep which is based on Mach + 4.4BSD
  ❖ BSD sub-systems moved into kernel; live alongside Mach
  ❖ Essentially two kernels living in the same space
Microkernel Successes
❖ QNX (real-time operating system kernel)
❖ Symbian (mobile operating system)
❖ L4
  ❖ Major work to reduce microkernel overheads
  ❖ Can run Linux with L4Linux
  ❖ seL4: Fully verified variant
Hypervisors and Virtual Machines
Virtual Machines
❖ Run multiple OS instances
❖ Migrate OS instances from one machine to another
❖ Software compatibility when hardware changes
[Figure layers, top to bottom: Windows, Mac OS X, Linux; ???; Hardware]
Compiler Translation
❖ Translate binary code (Original VMWare)
❖ Translate virtual code (JVM, OS/360)
[Figure layers, top to bottom: Windows, Mac OS X, Linux; Original VMWare; Hardware]
Para-Virtualization
❖ Modify OS to interface with lower-level hypervisor
❖ Efficient but requires OS changes
[Figure layers, top to bottom: Windows, Mac OS X, Linux; Original Xen; Hardware]
Hardware Virtualization
❖ Hardware provides a new privilege layer under the OS
❖ Efficient
❖ Compatible
❖ Requires new hardware
[Figure layers, top to bottom: Windows, Mac OS X, Linux; Xen, Hyper-V; Hardware]
Credits
❖ Some slides based on slides from previous year
❖ Slides only to be used for instruction at the University of Rochester