Operating system organizaton

Required reading: Exokernel paper.

Intro

  • Draw picture with multiple applications, OS, and hardware. OS provides a virtual computer to each application. The virtual computer's interface is the processor's instruction set and the OS interface. The OS interface is the API for system services (e.g., fork, exec, pipe, signal, open, read, etc.).
  • A goal of OS: enforce boundaries between applications in picture

    Method: give each applications its own virtual processor using threads (see lec 9) and separate their memories.

    Separating memories

    Approach to separating memories:

    The approaches can be combined.

    Lets assume unlimited physical memory for a little while. We can enforce separation as follows:

    Why does this work? load/stores/jmps cannot touch/enter other application's domains.

    To allow for controled sharing and separation with an application, extend domain registers with protectioin bits: read (R), write (W), execute-only (X).

    Who to protect the domain registers? Extend the protection bits with a kernel-only one. When in kernel-mode, processor can change domain registers. x86 stores the U/K information in CPL (current privilege level) in CS and SS segment registers.

    To change from user to kernel, extend the hardware with special instructions for entering a "supervisor" or "system" call, and returning from it. On x86, int and reti.

    Memory management

    We assumed unlimited physical memory and big addresses. In practice, operating system must support creating, shrinking, and growing of domains, while still allowing the addresses of an application to be contiguous (for programming convenience). What if we want to grow the domain of application 1 but the memory right below and above it is in use by application 2?

    How? Virtual addresses and spaces. Virtualize addresses and let the kernel control the mapping from virtual to physical.

    Address spaces provide each application with the ideas that it has a complete memory for itself. All the addresses it issues are its addresses (e.g., each application has an address 0).

  • How do you give each application its own address space?
  • What if two applications want to share real memory? Map the pages into multiple address spaces and have protection bits per page.
  • How do you give an application access to a memory-mapped-IO device? Map the physical address for the device into the applications address space.
  • How do you get off the ground?

    Operating system organizations

    A central theme in operating system design is how to organize the operating system. It is helpful to define a couple of terms:

    Example: trace a call to printf made by an application

    There are roughly 4 operating system designs:

    Although monolithic operating systems are the dominant operating system architecture for desktop and server machines, it is worthwhile to consider alternative architectures, even it is just to understand operating systems better. This lecture looks at exokernels, because that is what you will building in the lab. Later in the term we look at monolithic kernels, microkernels, and virtual machines.

    Exokernels

    The exokernel architecture takes an end-to-end approach to operating system design. In this design, the kernel just securely multiplexes physical resources; any programmer can decide what the operating system interface and its implementation are for his application. One would expect a couple of popular APIs (e.g., UNIX) that most applications will link against, but a programmer is always free to replace that API, partially or completely. (Draw picture of JOS.)

    Compare UNIX interface (v6 or OSX) with the JOS exokernel-like interface:

    enum
    {
    	SYS_cputs = 0,
    	SYS_cgetc,
    	SYS_getenvid,
    	SYS_env_destroy,
    	SYS_page_alloc,
    	SYS_page_map,
    	SYS_page_unmap,
    	SYS_exofork,
    	SYS_env_set_status,
    	SYS_env_set_trapframe,
    	SYS_env_set_pgfault_upcall,
    	SYS_yield,
    	SYS_ipc_try_send,
    	SYS_ipc_recv,
    	NSYSCALLS
    };
    

    To illustrate the differences between these interfaces in more detail consider implementing the following:

    How well can each kernel interface implement the above examples? (Start with UNIX interface and see where you run into problems.) (The JOS kernel interface is not flexible enough: for example, ipc_receive is blocking.)

    Exokernel paper discussion

    The central challenge in an exokernel design it to provide flexibility, but provide fault isolation. This challenge breaks down into three problems: