https://homeostasis.scs.carleton.ca/wiki/api.php?action=feedcontributions&feedformat=atom&user=AsoknackSoma-notes - User contributions [en]2026-04-22T11:21:17ZUser contributionsMediaWiki 1.42.1https://homeostasis.scs.carleton.ca/wiki/index.php?title=MashupOS&diff=17393MashupOS2012-10-04T12:28:54Z<p>Asoknack: </p>
<hr />
<div>Protection and communication abstractions for web browsers in MashupOS<br />
* Where was it written - for OS people<br />
** Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles<br />
Pages 1-16 <br />
** Not security and not web people<br />
* What the purposed<br />
** Written by the same people as subspace paper<br />
*** Which came first ?<br />
** Sandbox EVERYTHING <-- solution to everything<br />
* What the implemented<br />
** Sandbox<br />
*** private that is hosted at and belongs to the integrator ??<br />
** Opensandbox<br />
*** Ment for any scripted hosted on any domain<br />
** Service Instance<br />
*** think starting a new process in linux - each alocated it's own resources<br />
*** each service request <br />
** Commservice request - aka "Ports"<br />
*** Allows separate components to talk to each other threw the parent , but never directly child to child<br />
** friv<br />
*** the display driver each service instances needs it own display aka friv<br />
** vop <-- Do we want to talk about<br />
** sop <-- Do we want to talk about<br />
* What was implemented<br />
** Proxy server and MME filter<br />
**<br />
* What the testing was<br />
** Running speed tests not security test , Anil said WHY ? mabey because OS conference cares about speed<br />
** Open sandbox was not implemented<br />
** only one service instance per friv<br />
* Conclusions<br />
** Mostly a theoretical paper<br />
*** But interesting<br />
** Notes<br />
*** Do we want to show figure 2 <---- for what they did<br />
*** Do we want to show figure 3 <--- for what they did and how it works</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=MashupOS&diff=17392MashupOS2012-10-04T12:26:30Z<p>Asoknack: </p>
<hr />
<div>Protection and communication abstractions for web browsers in MashupOS<br />
* Where was it written - for OS people<br />
** Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles<br />
Pages 1-16 <br />
** Not security and not web people<br />
* What the purposed<br />
** Written by the same people as subspace paper<br />
*** Which came first ?<br />
** Sandbox EVERYTHING <-- solution to everything<br />
* What the implemented<br />
** Sandbox<br />
*** private that is hosted at and belongs to the integrator ??<br />
** Opensandbox<br />
*** Ment for any scripted hosted on any domain<br />
** Service Instance<br />
*** think starting a new process in linux - each alocated it's own resources<br />
*** each service request <br />
** Commservice request - aka "Ports"<br />
*** Allows separate components to talk to each other threw the parent , but never directly child to child<br />
** friv<br />
*** the display driver each service instances needs it own display aka friv<br />
** vop <-- Do we want to talk about<br />
** sop <-- Do we want to talk about<br />
* What was implemented MME filter<br />
** Proxy server and <br />
**<br />
* What the testing was<br />
** Running speed tests not security test , Anil said WHY ? mabey because OS conference cares about speed<br />
** Open sandbox was not implemented<br />
** only one service instance per fric<br />
* Conclusions<br />
** Mostly a theoretical paper<br />
*** But interesting<br />
** Notes<br />
*** Do we want to show figure 2 <---- for what they did<br />
*** Do we want to show figure 3 <--- for what they did and how it works</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=MashupOS&diff=17389MashupOS2012-10-03T15:09:00Z<p>Asoknack: </p>
<hr />
<div>Protection and communication abstractions for web browsers in MashupOS<br />
* Where was it written - for OS people<br />
** Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles<br />
Pages 1-16 <br />
** Not security and not web people<br />
* What the purposed<br />
** Written by the same people as subspace paper<br />
*** Which came first ?<br />
** Sandbox EVERYTHING <-- solution to everything<br />
* What the implemented<br />
** friv<br />
** Sandbox<br />
** Opensandbox<br />
** Service Instance<br />
** "Ports"<br />
** vop <-- Do we want to talk about<br />
** sop <-- Do we want to talk about<br />
* What the testing was<br />
** Running speed tests not security test , Anil said WHY ? mabey because OS conference cares about speed<br />
** <br />
* Conclusions<br />
** Mostly a theoretical paper<br />
<br />
** Notes<br />
*** Do we want to show figure 2 <---- for what they did<br />
*** Do we want to show figure 3 <--- for what they did and how it works</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=MashupOS&diff=17388MashupOS2012-10-03T14:37:06Z<p>Asoknack: Added Basic framework</p>
<hr />
<div>Protection and communication abstractions for web browsers in MashupOS<br />
* Where was it written - for OS people<br />
** Proceedings of twenty-first ACM SIGOPS symposium on Operating systems principles<br />
Pages 1-16 <br />
** Not security and not web people<br />
* What the purposed<br />
** Written by the same people as subspace paper<br />
*** Which came first ?<br />
** Sandbox EVERYTHING <-- solution to everything<br />
* What the implemented<br />
** friv<br />
** Sandbox<br />
** Opensandbox<br />
** Service Instance<br />
** "Ports"<br />
* What the testing was<br />
** Running speed tests not security test , Anil said WHY ? mabey because OS conference cares about speed<br />
** <br />
* Conclusions<br />
<br />
<br />
** Notes<br />
*** Do we want to show figure 2 <---- for what they did<br />
*** Do we want to show figure 3 <--- for what they did and how it works</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=OSWebSec:_Web_Mashups&diff=17387OSWebSec: Web Mashups2012-10-03T14:19:54Z<p>Asoknack: </p>
<hr />
<div>[[MashupOS]]</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=OSWebSec:_Web_Mashups&diff=17386OSWebSec: Web Mashups2012-10-03T14:18:29Z<p>Asoknack: </p>
<hr />
<div>[[WebOS]]</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=OSWebSec:_Web_Mashups&diff=17385OSWebSec: Web Mashups2012-10-03T14:18:08Z<p>Asoknack: Created page with "wikipedia:WebOS"</p>
<hr />
<div>[[wikipedia:WebOS]]</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=COMP_3000_Essay_2_2010_Question_7&diff=5580COMP 3000 Essay 2 2010 Question 72010-11-25T21:19:36Z<p>Asoknack: /* References */</p>
<hr />
<div>==Paper==<br />
===Ad Hoc Synchronization Considered Harmful===<br />
Weiwei Xiong<br />
University of California, San Diego<br />
<br />
Soyeon Park, Jiaqi Zhang, Yuanyuan Zhou<br />
University of Illinois at Urbana-Champaign<br />
<br />
Zhiqiang Ma<br />
Intel<br />
==Research Problem==<br />
As the computer industry continues to shift towards multicore processors, concurrent programming and the use of multithreaded designs has increased to keep up with this growing trend. Multithreaded applications can be found in a variety of popular applications today as they take advantage of the multithreaded approach. However, the concepts behind concurrent programming bring with them a host of potential dangers in the form of race conditions and deadlocks resulting from bad programming design and threads accessing shared memory. Fortunately, there are well known and standard methods for dealing with these problems, i.e synchronization primitives. But in real world situations, due to a variety of reasons, as we shall see, programmers often implement their own "ad hoc" synchronizations that eschew common design standards. Ad hoc synchronizations are not well documented and are not discovered by traditional tools for race conditions that look for standard synchronization primitives.<br />
<br />
This paper addresses these concerns in two regards, first it details a thorough study of ad hoc synchronizations. It details their nature, dangers, impact on bug detection tools and prevalence in several major open-source applications. Secondly, it introduces SyncFinder, a program that detects all ad hoc synchronizations and automatically annotates the source code where ad hoc sychnronizations are found. This can see use in conjunction with other data race checkers to improve accuracy and to build custom tools for finding deadlocks and bad programming practices. <br />
<br />
With detailed analysis of ad hoc synchronization and study of their occurrences in several applications, the research ultimately concludes that they are harmful and should be removed. At the same time, SyncFinder detects and documents ad hoc synchronizations in the source code enabling programmers for the first time to easily track and remove them.<br />
<br />
==Background Concepts==<br />
===Race conditions, deadlocks===<br />
Race conditions are an unintended side-effects of programming in concurrent systems, they occur when two or more processes have access to a shared resource and at least one of them have write privilege. This leads to processes modifying the data that all processes share as other may be reading them and results in the reading of stale/incorrect data. They will occur during the execution of the program and often times very difficult to detect or manipulate data in subtle ways. <br />
<br />
Deadlock is when two or more processes share a resource and each process is waiting on the other processes to unlock the resource. It becomes a circular chain and no process can continue.<br />
<br />
Both these issues occur in concurrent programming and although there are no general solutions for deadlock<sup>[[#Foot9|9]]</sup>, there are suitable methods for dealing with them, and in the case of race conditions, using mutual exclusion locks and synchronization primitives can prevent race conditions. But no programmer is infallible and so there is always the issue of race conditions and deadlocks present in production code.<br />
===Ad Hoc Synchronization===<br />
Ad hoc synchronizations are loops called sync loops that continue until certain conditions are met via outside variables called sync variables. They are designed to control the flow of thread execution much like locking and unlocking of resources. There can be multiple sync variables in a sync loop and they can have multiple exit conditions and dependencies. The diversity of the sync loops, their dependencies and execution paths leads to difficulty in finding them.<br />
===Synchronization primitives===<br />
Synchronization variables act as barriers to memory that prevent threads from accessing the same shared resource concurrently<sup>[[#Foot8|8]]</sup>. They come in many forms such as mutexes and condition variables.<br />
Mutexes are mutual exclusive locks that threads employ to lock a resource that they need. No other threads can access them at that point. Once they are finished, they release the lock and the other threads can then lock and access the resource.<br />
Condition variables are variables that will block the thread until a certain condition is met. This allows the thread to only execute when it is safe to perform its operation.<br />
<br />
==Contribution==<br />
Intro to the study of the major applications and what they found<br />
<br />
===Findings===<br />
1.they are prevalent, all applications had them<br />
<br />
2. hard to find<br />
<br />
3. error prone<br />
<br />
4.effect other bug detection<br />
<br />
5. They are diverse. Different forms, multiple exits and dependencies<br />
<br />
Reasons behind why people use ad hoc synchronization and possible improvements over them ie Synchronization primitives<br />
<br />
===SyncFinder===<br />
Intro to what it is and what it does<br />
====How it works====<br />
1. find loops<br />
<br />
2. identify sync loops<br />
<br />
3. EDV analysis<br />
<br />
4. Pruning<br />
<br />
5. Annotation of found sync<br />
<br />
====Uses====<br />
1. A tool to detect bad practices<br />
<br />
2. Extensions to data race detection<br />
<br />
====Accuracy====<br />
<br />
====Related Work and similar tools====<br />
There has been attempts to remove synchronization issues entirely from concurrent programming, such as transactional memory<sup>[[#Foot1|1]]</sup>, a lock-free synchronization that does not require mutexes, and avoids having to use lock, unlock operations. Other attempts have been made to remove bugs that would otherwise be safe from data races but are are still at risk of unintended effects from thread interactions, such as Atomizer<sup>[[#Foot2|2]]</sup>, a dynamic atomicity checker.<br />
<br />
There are tools that detect data races such as CHESS<sup>[[#Foot3|3]]</sup>, a dynamic data race checker that runs through all possible thread execution paths and CTrigger<sup>[[#Foot4|4]]</sup>, a tool that checks for atomicity violations. The problem with these programs is that they only look for standard synchronization methods and structures, such as lock() and cond_wait(). They are not looking for ad hoc synchronizations.<br />
<br />
A similar tool to SyncFinder exists that can detect simple spinning, also an ad hoc synchronization<sup>[[#Foot5|5]]</sup>, but it only detects simple spinning and not the more complicated ad hoc variations.<br />
<br />
Several studies on bug characteristics<sup>[[#Foot6|6]]</sup> and concurrency bugs<sup>[[#Foot7|7]]</sup> have been composed. This paper complements these studies to better understand the nature of ad hoc synchronizations and their occurrence in concurrent programs.<br />
<br />
==Critique==<br />
1. Uses static approach, dynamic would be better<br />
* As stated in the paper, dynamic introduces run-time overhead and is not guaranteed to find if not executed in the test cases<br />
<br />
2. not entirely accurate, some false positives.<br />
<br />
3. In terms of style, lots of unnecessary repetition<br />
<br />
==References==<br />
<span id="Foot1"><sup>1</sup> M Herlihy and J.E.B. Moss, 2NA0. Transactional Memory:<br />
Architectural Support for Lock-Free Data Structures. [online] Available at: <http://www.cs.brown.edu/~mph/HerlihyM93/herlihy93transactional.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot2"><sup>2</sup> C Flanagan and S N Freund, 2NA0. Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs (Summary). [online] Company(optional) Available at: <http://www.cs.williams.edu/~freund/papers/atomizer-padtad.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot3"><sup>3</sup> T Ball,M Musuvathi and S Qadeer, 2NA0. CHESS: A Systematic Testing Tool for Concurrent. [online] Company(optional) Available at: <http://research.microsoft.com/pubs/70509/tr-2007-149.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot4"><sup>4</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <http://pages.cs.wisc.edu/~shanlu/paper/asplos092-zhou.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot5"><sup>5</sup> LI, T., LEBECK, A. R., AND SORIN, D. J. Spin detection hardware for improved management of multithreaded systems. IEEE Transactions on Parallel and Distributed Systems PDS-17, 6 (June 2006), 508–521.</span><br />
<br />
<span id="Foot6"><sup>6</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.121.1203&amp;rep=rep1&amp;type=pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot7"><sup>7</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.121.1203&amp;rep=rep1&amp;type=pdf]> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot8"><sup>8</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <[http://www.usenix.org/events/bsdcon/full_papers/baldwin/baldwin_html/node5.html]> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot9"><sup>9</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://homeostasis.scs.carleton.ca/wiki/index.php/Basic_Synchronization_Principles> [Accessed 23 November 2010].</span></div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=COMP_3000_Essay_2_2010_Question_7&diff=5579COMP 3000 Essay 2 2010 Question 72010-11-25T21:01:49Z<p>Asoknack: /* References */</p>
<hr />
<div>==Paper==<br />
===Ad Hoc Synchronization Considered Harmful===<br />
Weiwei Xiong<br />
University of California, San Diego<br />
<br />
Soyeon Park, Jiaqi Zhang, Yuanyuan Zhou<br />
University of Illinois at Urbana-Champaign<br />
<br />
Zhiqiang Ma<br />
Intel<br />
==Research Problem==<br />
As the computer industry continues to shift towards multicore processors, concurrent programming and the use of multithreaded designs has increased to keep up with this growing trend. Multithreaded applications can be found in a variety of popular applications today as they take advantage of the multithreaded approach. However, the concepts behind concurrent programming bring with them a host of potential dangers in the form of race conditions and deadlocks resulting from bad programming design and threads accessing shared memory. Fortunately, there are well known and standard methods for dealing with these problems, i.e synchronization primitives. But in real world situations, due to a variety of reasons, as we shall see, programmers often implement their own "ad hoc" synchronizations that eschew common design standards. Ad hoc synchronizations are not well documented and are not discovered by traditional tools for race conditions that look for standard synchronization primitives.<br />
<br />
This paper addresses these concerns in two regards, first it details a thorough study of ad hoc synchronizations. It details their nature, dangers, impact on bug detection tools and prevalence in several major open-source applications. Secondly, it introduces SyncFinder, a program that detects all ad hoc synchronizations and automatically annotates the source code where ad hoc sychnronizations are found. This can see use in conjunction with other data race checkers to improve accuracy and to build custom tools for finding deadlocks and bad programming practices. <br />
<br />
With detailed analysis of ad hoc synchronization and study of their occurrences in several applications, the research ultimately concludes that they are harmful and should be removed. At the same time, SyncFinder detects and documents ad hoc synchronizations in the source code enabling programmers for the first time to easily track and remove them.<br />
<br />
==Background Concepts==<br />
===Race conditions, deadlocks===<br />
Race conditions are an unintended side-effects of programming in concurrent systems, they occur when two or more processes have access to a shared resource and at least one of them have write privilege. This leads to processes modifying the data that all processes share as other may be reading them and results in the reading of stale/incorrect data. They will occur during the execution of the program and often times very difficult to detect or manipulate data in subtle ways. <br />
<br />
Deadlock is when two or more processes share a resource and each process is waiting on the other processes to unlock the resource. It becomes a circular chain and no process can continue.<br />
<br />
Both these issues occur in concurrent programming and although there are no general solutions for deadlock<sup>[[#Foot9|9]]</sup>, there are suitable methods for dealing with them, and in the case of race conditions, using mutual exclusion locks and synchronization primitives can prevent race conditions. But no programmer is infallible and so there is always the issue of race conditions and deadlocks present in production code.<br />
===Ad Hoc Synchronization===<br />
Ad hoc synchronizations are loops called sync loops that continue until certain conditions are met via outside variables called sync variables. They are designed to control the flow of thread execution much like locking and unlocking of resources. There can be multiple sync variables in a sync loop and they can have multiple exit conditions and dependencies. The diversity of the sync loops, their dependencies and execution paths leads to difficulty in finding them.<br />
===Synchronization primitives===<br />
Synchronization variables act as barriers to memory that prevent threads from accessing the same shared resource concurrently<sup>[[#Foot8|8]]</sup>. They come in many forms such as mutexes and condition variables.<br />
Mutexes are mutual exclusive locks that threads employ to lock a resource that they need. No other threads can access them at that point. Once they are finished, they release the lock and the other threads can then lock and access the resource.<br />
Condition variables are variables that will block the thread until a certain condition is met. This allows the thread to only execute when it is safe to perform its operation.<br />
<br />
==Contribution==<br />
Intro to the study of the major applications and what they found<br />
<br />
===Findings===<br />
1.they are prevalent, all applications had them<br />
<br />
2. hard to find<br />
<br />
3. error prone<br />
<br />
4.effect other bug detection<br />
<br />
5. They are diverse. Different forms, multiple exits and dependencies<br />
<br />
Reasons behind why people use ad hoc synchronization and possible improvements over them ie Synchronization primitives<br />
<br />
===SyncFinder===<br />
Intro to what it is and what it does<br />
====How it works====<br />
1. find loops<br />
<br />
2. identify sync loops<br />
<br />
3. EDV analysis<br />
<br />
4. Pruning<br />
<br />
5. Annotation of found sync<br />
<br />
====Uses====<br />
1. A tool to detect bad practices<br />
<br />
2. Extensions to data race detection<br />
<br />
====Accuracy====<br />
<br />
====Related Work and similar tools====<br />
There has been attempts to remove synchronization issues entirely from concurrent programming, such as transactional memory<sup>[[#Foot1|1]]</sup>, a lock-free synchronization that does not require mutexes, and avoids having to use lock, unlock operations. Other attempts have been made to remove bugs that would otherwise be safe from data races but are are still at risk of unintended effects from thread interactions, such as Atomizer<sup>[[#Foot2|2]]</sup>, a dynamic atomicity checker.<br />
<br />
There are tools that detect data races such as CHESS<sup>[[#Foot3|3]]</sup>, a dynamic data race checker that runs through all possible thread execution paths and CTrigger<sup>[[#Foot4|4]]</sup>, a tool that checks for atomicity violations. The problem with these programs is that they only look for standard synchronization methods and structures, such as lock() and cond_wait(). They are not looking for ad hoc synchronizations.<br />
<br />
A similar tool to SyncFinder exists that can detect simple spinning, also an ad hoc synchronization<sup>[[#Foot5|5]]</sup>, but it only detects simple spinning and not the more complicated ad hoc variations.<br />
<br />
Several studies on bug characteristics<sup>[[#Foot6|6]]</sup> and concurrency bugs<sup>[[#Foot7|7]]</sup> have been composed. This paper complements these studies to better understand the nature of ad hoc synchronizations and their occurrence in concurrent programs.<br />
<br />
==Critique==<br />
1. Uses static approach, dynamic would be better<br />
* As stated in the paper, dynamic introduces run-time overhead and is not guaranteed to find if not executed in the test cases<br />
<br />
2. not entirely accurate, some false positives.<br />
<br />
3. In terms of style, lots of unnecessary repetition<br />
<br />
==References==<br />
<span id="Foot1"><sup>1</sup> M Herlihy and J.E.B. Moss, 2NA0. Transactional Memory:<br />
Architectural Support for Lock-Free Data Structures. [online] Available at: <http://www.cs.brown.edu/~mph/HerlihyM93/herlihy93transactional.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot2"><sup>2</sup> C Flanagan and S N Freund, 2NA0. Atomizer: A Dynamic Atomicity Checker For Multithreaded Programs (Summary). [online] Company(optional) Available at: <http://www.cs.williams.edu/~freund/papers/atomizer-padtad.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot3"><sup>3</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <http://research.microsoft.com/pubs/70509/tr-2007-149.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot4"><sup>4</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <http://pages.cs.wisc.edu/~shanlu/paper/asplos092-zhou.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot5"><sup>5</sup> LI, T., LEBECK, A. R., AND SORIN, D. J. Spin detection hardware for improved management of multithreaded systems. IEEE Transactions on Parallel and Distributed Systems PDS-17, 6 (June 2006), 508–521.</span><br />
<br />
<span id="Foot6"><sup>6</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.121.1203&amp;rep=rep1&amp;type=pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot7"><sup>7</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.121.1203&amp;rep=rep1&amp;type=pdf]> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot8"><sup>8</sup> Author, 2NA0. Title. [online] Company(optional) Available at: <[http://www.usenix.org/events/bsdcon/full_papers/baldwin/baldwin_html/node5.html]> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot9"><sup>9</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://homeostasis.scs.carleton.ca/wiki/index.php/Basic_Synchronization_Principles> [Accessed 23 November 2010].</span></div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=COMP_3000_Essay_2_2010_Question_7&diff=5578COMP 3000 Essay 2 2010 Question 72010-11-25T20:58:37Z<p>Asoknack: /* References */</p>
<hr />
<div>==Paper==<br />
===Ad Hoc Synchronization Considered Harmful===<br />
Weiwei Xiong<br />
University of California, San Diego<br />
<br />
Soyeon Park, Jiaqi Zhang, Yuanyuan Zhou<br />
University of Illinois at Urbana-Champaign<br />
<br />
Zhiqiang Ma<br />
Intel<br />
==Research Problem==<br />
As the computer industry continues to shift towards multicore processors, concurrent programming and the use of multithreaded designs has increased to keep up with this growing trend. Multithreaded applications can be found in a variety of popular applications today as they take advantage of the multithreaded approach. However, the concepts behind concurrent programming bring with them a host of potential dangers in the form of race conditions and deadlocks resulting from bad programming design and threads accessing shared memory. Fortunately, there are well known and standard methods for dealing with these problems, i.e synchronization primitives. But in real world situations, due to a variety of reasons, as we shall see, programmers often implement their own "ad hoc" synchronizations that eschew common design standards. Ad hoc synchronizations are not well documented and are not discovered by traditional tools for race conditions that look for standard synchronization primitives.<br />
<br />
This paper addresses these concerns in two regards, first it details a thorough study of ad hoc synchronizations. It details their nature, dangers, impact on bug detection tools and prevalence in several major open-source applications. Secondly, it introduces SyncFinder, a program that detects all ad hoc synchronizations and automatically annotates the source code where ad hoc sychnronizations are found. This can see use in conjunction with other data race checkers to improve accuracy and to build custom tools for finding deadlocks and bad programming practices. <br />
<br />
With detailed analysis of ad hoc synchronization and study of their occurrences in several applications, the research ultimately concludes that they are harmful and should be removed. At the same time, SyncFinder detects and documents ad hoc synchronizations in the source code enabling programmers for the first time to easily track and remove them.<br />
<br />
==Background Concepts==<br />
===Race conditions, deadlocks===<br />
Race conditions are an unintended side-effects of programming in concurrent systems, they occur when two or more processes have access to a shared resource and at least one of them have write privilege. This leads to processes modifying the data that all processes share as other may be reading them and results in the reading of stale/incorrect data. They will occur during the execution of the program and often times very difficult to detect or manipulate data in subtle ways. <br />
<br />
Deadlock is when two or more processes share a resource and each process is waiting on the other processes to unlock the resource. It becomes a circular chain and no process can continue.<br />
<br />
Both these issues occur in concurrent programming and although there are no general solutions for deadlock<sup>[[#Foot9|9]]</sup>, there are suitable methods for dealing with them, and in the case of race conditions, using mutual exclusion locks and synchronization primitives can prevent race conditions. But no programmer is infallible and so there is always the issue of race conditions and deadlocks present in production code.<br />
===Ad Hoc Synchronization===<br />
Ad hoc synchronizations are loops called sync loops that continue until certain conditions are met via outside variables called sync variables. They are designed to control the flow of thread execution much like locking and unlocking of resources. There can be multiple sync variables in a sync loop and they can have multiple exit conditions and dependencies. The diversity of the sync loops, their dependencies and execution paths leads to difficulty in finding them.<br />
===Synchronization primitives===<br />
Synchronization variables act as barriers to memory that prevent threads from accessing the same shared resource concurrently<sup>[[#Foot8|8]]</sup>. They come in many forms such as mutexes and condition variables.<br />
Mutexes are mutual exclusive locks that threads employ to lock a resource that they need. No other threads can access them at that point. Once they are finished, they release the lock and the other threads can then lock and access the resource.<br />
Condition variables are variables that will block the thread until a certain condition is met. This allows the thread to only execute when it is safe to perform its operation.<br />
<br />
==Contribution==<br />
Intro to the study of the major applications and what they found<br />
<br />
===Findings===<br />
1.they are prevalent, all applications had them<br />
<br />
2. hard to find<br />
<br />
3. error prone<br />
<br />
4.effect other bug detection<br />
<br />
5. They are diverse. Different forms, multiple exits and dependencies<br />
<br />
Reasons behind why people use ad hoc synchronization and possible improvements over them ie Synchronization primitives<br />
<br />
===SyncFinder===<br />
Intro to what it is and what it does<br />
====How it works====<br />
1. find loops<br />
<br />
2. identify sync loops<br />
<br />
3. EDV analysis<br />
<br />
4. Pruning<br />
<br />
5. Annotation of found sync<br />
<br />
====Uses====<br />
1. A tool to detect bad practices<br />
<br />
2. Extensions to data race detection<br />
<br />
====Accuracy====<br />
<br />
====Related Work and similar tools====<br />
There has been attempts to remove synchronization issues entirely from concurrent programming, such as transactional memory<sup>[[#Foot1|1]]</sup>, a lock-free synchronization that does not require mutexes, and avoids having to use lock, unlock operations. Other attempts have been made to remove bugs that would otherwise be safe from data races but are are still at risk of unintended effects from thread interactions, such as Atomizer<sup>[[#Foot2|2]]</sup>, a dynamic atomicity checker.<br />
<br />
There are tools that detect data races such as CHESS<sup>[[#Foot3|3]]</sup>, a dynamic data race checker that runs through all possible thread execution paths and CTrigger<sup>[[#Foot4|4]]</sup>, a tool that checks for atomicity violations. The problem with these programs is that they only look for standard synchronization methods and structures, such as lock() and cond_wait(). They are not looking for ad hoc synchronizations.<br />
<br />
A similar tool to SyncFinder exists that can detect simple spinning, also an ad hoc synchronization<sup>[[#Foot5|5]]</sup>, but it only detects simple spinning and not the more complicated ad hoc variations.<br />
<br />
Several studies on bug characteristics<sup>[[#Foot6|6]]</sup> and concurrency bugs<sup>[[#Foot7|7]]</sup> have been composed. This paper complements these studies to better understand the nature of ad hoc synchronizations and their occurrence in concurrent programs.<br />
<br />
==Critique==<br />
1. Uses static approach, dynamic would be better<br />
* As stated in the paper, dynamic introduces run-time overhead and is not guaranteed to find if not executed in the test cases<br />
<br />
2. not entirely accurate, some false positives.<br />
<br />
3. In terms of style, lots of unnecessary repetition<br />
<br />
==References==<br />
<span id="Foot1"><sup>1</sup> M Herlihy and J.E.B. Moss, 2NA0. Transactional Memory:<br />
Architectural Support for Lock-Free Data Structures. [online] Available at: <http://www.cs.brown.edu/~mph/HerlihyM93/herlihy93transactional.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot2"><sup>2</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://www.cs.williams.edu/~freund/papers/atomizer-padtad.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot3"><sup>3</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://research.microsoft.com/pubs/70509/tr-2007-149.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot4"><sup>4</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://pages.cs.wisc.edu/~shanlu/paper/asplos092-zhou.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot5"><sup>5</sup> LI, T., LEBECK, A. R., AND SORIN, D. J. Spin detection hardware for improved management of multithreaded systems. IEEE Transactions on Parallel and Distributed Systems PDS-17, 6 (June 2006), 508–521.</span><br />
<br />
<span id="Foot6"><sup>6</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.121.1203&amp;rep=rep1&amp;type=pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot7"><sup>7</sup> Author, 2010. Title. [online] Company(optional) Available at: <[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.121.1203&amp;rep=rep1&amp;type=pdf]> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot8"><sup>8</sup> Author, 2010. Title. [online] Company(optional) Available at: <[http://www.usenix.org/events/bsdcon/full_papers/baldwin/baldwin_html/node5.html]> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot9"><sup>9</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://homeostasis.scs.carleton.ca/wiki/index.php/Basic_Synchronization_Principles> [Accessed 23 November 2010].</span></div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=COMP_3000_Essay_2_2010_Question_7&diff=5577COMP 3000 Essay 2 2010 Question 72010-11-25T20:58:15Z<p>Asoknack: /* References */</p>
<hr />
<div>==Paper==<br />
===Ad Hoc Synchronization Considered Harmful===<br />
Weiwei Xiong<br />
University of California, San Diego<br />
<br />
Soyeon Park, Jiaqi Zhang, Yuanyuan Zhou<br />
University of Illinois at Urbana-Champaign<br />
<br />
Zhiqiang Ma<br />
Intel<br />
==Research Problem==<br />
As the computer industry continues to shift towards multicore processors, concurrent programming and the use of multithreaded designs has increased to keep up with this growing trend. Multithreaded applications can be found in a variety of popular applications today as they take advantage of the multithreaded approach. However, the concepts behind concurrent programming bring with them a host of potential dangers in the form of race conditions and deadlocks resulting from bad programming design and threads accessing shared memory. Fortunately, there are well known and standard methods for dealing with these problems, i.e synchronization primitives. But in real world situations, due to a variety of reasons, as we shall see, programmers often implement their own "ad hoc" synchronizations that eschew common design standards. Ad hoc synchronizations are not well documented and are not discovered by traditional tools for race conditions that look for standard synchronization primitives.<br />
<br />
This paper addresses these concerns in two regards, first it details a thorough study of ad hoc synchronizations. It details their nature, dangers, impact on bug detection tools and prevalence in several major open-source applications. Secondly, it introduces SyncFinder, a program that detects all ad hoc synchronizations and automatically annotates the source code where ad hoc sychnronizations are found. This can see use in conjunction with other data race checkers to improve accuracy and to build custom tools for finding deadlocks and bad programming practices. <br />
<br />
With detailed analysis of ad hoc synchronization and study of their occurrences in several applications, the research ultimately concludes that they are harmful and should be removed. At the same time, SyncFinder detects and documents ad hoc synchronizations in the source code enabling programmers for the first time to easily track and remove them.<br />
<br />
==Background Concepts==<br />
===Race conditions, deadlocks===<br />
Race conditions are an unintended side-effects of programming in concurrent systems, they occur when two or more processes have access to a shared resource and at least one of them have write privilege. This leads to processes modifying the data that all processes share as other may be reading them and results in the reading of stale/incorrect data. They will occur during the execution of the program and often times very difficult to detect or manipulate data in subtle ways. <br />
<br />
Deadlock is when two or more processes share a resource and each process is waiting on the other processes to unlock the resource. It becomes a circular chain and no process can continue.<br />
<br />
Both these issues occur in concurrent programming and although there are no general solutions for deadlock<sup>[[#Foot9|9]]</sup>, there are suitable methods for dealing with them, and in the case of race conditions, using mutual exclusion locks and synchronization primitives can prevent race conditions. But no programmer is infallible and so there is always the issue of race conditions and deadlocks present in production code.<br />
===Ad Hoc Synchronization===<br />
Ad hoc synchronizations are loops called sync loops that continue until certain conditions are met via outside variables called sync variables. They are designed to control the flow of thread execution much like locking and unlocking of resources. There can be multiple sync variables in a sync loop and they can have multiple exit conditions and dependencies. The diversity of the sync loops, their dependencies and execution paths leads to difficulty in finding them.<br />
===Synchronization primitives===<br />
Synchronization variables act as barriers to memory that prevent threads from accessing the same shared resource concurrently<sup>[[#Foot8|8]]</sup>. They come in many forms such as mutexes and condition variables.<br />
Mutexes are mutual exclusive locks that threads employ to lock a resource that they need. No other threads can access them at that point. Once they are finished, they release the lock and the other threads can then lock and access the resource.<br />
Condition variables are variables that will block the thread until a certain condition is met. This allows the thread to only execute when it is safe to perform its operation.<br />
<br />
==Contribution==<br />
Intro to the study of the major applications and what they found<br />
<br />
===Findings===<br />
1.they are prevalent, all applications had them<br />
<br />
2. hard to find<br />
<br />
3. error prone<br />
<br />
4.effect other bug detection<br />
<br />
5. They are diverse. Different forms, multiple exits and dependencies<br />
<br />
Reasons behind why people use ad hoc synchronization and possible improvements over them ie Synchronization primitives<br />
<br />
===SyncFinder===<br />
Intro to what it is and what it does<br />
====How it works====<br />
1. find loops<br />
<br />
2. identify sync loops<br />
<br />
3. EDV analysis<br />
<br />
4. Pruning<br />
<br />
5. Annotation of found sync<br />
<br />
====Uses====<br />
1. A tool to detect bad practices<br />
<br />
2. Extensions to data race detection<br />
<br />
====Accuracy====<br />
<br />
====Related Work and similar tools====<br />
There has been attempts to remove synchronization issues entirely from concurrent programming, such as transactional memory<sup>[[#Foot1|1]]</sup>, a lock-free synchronization that does not require mutexes, and avoids having to use lock, unlock operations. Other attempts have been made to remove bugs that would otherwise be safe from data races but are are still at risk of unintended effects from thread interactions, such as Atomizer<sup>[[#Foot2|2]]</sup>, a dynamic atomicity checker.<br />
<br />
There are tools that detect data races such as CHESS<sup>[[#Foot3|3]]</sup>, a dynamic data race checker that runs through all possible thread execution paths and CTrigger<sup>[[#Foot4|4]]</sup>, a tool that checks for atomicity violations. The problem with these programs is that they only look for standard synchronization methods and structures, such as lock() and cond_wait(). They are not looking for ad hoc synchronizations.<br />
<br />
A similar tool to SyncFinder exists that can detect simple spinning, also an ad hoc synchronization<sup>[[#Foot5|5]]</sup>, but it only detects simple spinning and not the more complicated ad hoc variations.<br />
<br />
Several studies on bug characteristics<sup>[[#Foot6|6]]</sup> and concurrency bugs<sup>[[#Foot7|7]]</sup> have been composed. This paper complements these studies to better understand the nature of ad hoc synchronizations and their occurrence in concurrent programs.<br />
<br />
==Critique==<br />
1. Uses static approach, dynamic would be better<br />
* As stated in the paper, dynamic introduces run-time overhead and is not guaranteed to find if not executed in the test cases<br />
<br />
2. not entirely accurate, some false positives.<br />
<br />
3. In terms of style, lots of unnecessary repetition<br />
<br />
==References==<br />
<span id="Foot1"><sup>1</sup> M Herlihy and J.E.B. Moss, 2NA0. Transactional Memory:<br />
Architectural Support for Lock-Free Data Structures. [online] Company(optional) Available at: <http://www.cs.brown.edu/~mph/HerlihyM93/herlihy93transactional.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot2"><sup>2</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://www.cs.williams.edu/~freund/papers/atomizer-padtad.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot3"><sup>3</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://research.microsoft.com/pubs/70509/tr-2007-149.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot4"><sup>4</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://pages.cs.wisc.edu/~shanlu/paper/asplos092-zhou.pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot5"><sup>5</sup> LI, T., LEBECK, A. R., AND SORIN, D. J. Spin detection hardware for improved management of multithreaded systems. IEEE Transactions on Parallel and Distributed Systems PDS-17, 6 (June 2006), 508–521.</span><br />
<br />
<span id="Foot6"><sup>6</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.121.1203&amp;rep=rep1&amp;type=pdf> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot7"><sup>7</sup> Author, 2010. Title. [online] Company(optional) Available at: <[http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.121.1203&amp;rep=rep1&amp;type=pdf]> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot8"><sup>8</sup> Author, 2010. Title. [online] Company(optional) Available at: <[http://www.usenix.org/events/bsdcon/full_papers/baldwin/baldwin_html/node5.html]> [Accessed 23 November 2010].</span><br />
<br />
<span id="Foot9"><sup>9</sup> Author, 2010. Title. [online] Company(optional) Available at: <http://homeostasis.scs.carleton.ca/wiki/index.php/Basic_Synchronization_Principles> [Accessed 23 November 2010].</span></div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_2_2010_Question_7&diff=4975Talk:COMP 3000 Essay 2 2010 Question 72010-11-15T16:00:26Z<p>Asoknack: </p>
<hr />
<div>'''Attendence. Please mark your name to say you're here'''<br />
<br />
Stephany Lay<br />
--[[User:Asoknack|Asoknack]] 16:00, 15 November 2010 (UTC)</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3559Talk:COMP 3000 Essay 1 2010 Question 12010-10-14T02:45:09Z<p>Asoknack: /* The Essay */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* processor specific [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space [7]<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
* allows memory management and paging out side the kernel<br />
* Map and flush is required for memory manger's and pagers [7]<br />
* can be used to implement access right's [7]<br />
* controlling I/O Right's and driver's are not done at kernel level [7]<br />
<br />
===== Thread's IPC =====<br />
* Threads<br />
** in the kernel [7]<br />
** Since a thread has an address space , all changes to the thread need to be done by the kernel [7]<br />
* IPC [7]<br />
** in the kernel IPC<br />
** grant and map also need IPC (So buye the priciple above this has to be in the kernel)[7]<br />
** basic way for sub process to communicate. [7]<br />
* Interrupts<br />
** partially in the kernel [7]<br />
** hard ware is a set of thread's which are empty except for there unique sender id [7]<br />
** transformation of the message to the interrupt is done in the kernel [7]<br />
** the kernel is not involved in device - specific interrupt's and does not understand the interrupt. [7]<br />
*** resting the interrupt is done at user level [7]<br />
** if a privileged command is need it is done implicitly the next time an IPC command is sent from the device [7]<br />
<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
** Provide a virtualization that is similar to hardware [From the paper posted, no citation yet]<br />
** GuestOS and Hypervisor work together to improve performance<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
An overview of exokernels,virtual machines, microkernels *[http://www2.supchurch.org:10999/files/school/classes/CSCI4730/Lectures/grad-structures.ppt Overview](Power Point)<br><br />
Should not be used as a source but an overview.<br />
<br />
The original paper on [http://portal.acm.org/citation.cfm?id=224076 Exokernels] --[[User:Gautam|Gautam]] 22:39, 6 October 2010 (UTC)<br />
<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
A paper about emulation and paravirtualization [http://portal.acm.org/citation.cfm?id=1189289&coll=GUIDE&dl=GUIDE&CFID=105648137&CFTOKEN=47153176&ret=1#Fulltext link] - Slay<br />
<br />
Oh no big words. Sorry about the Microkernels not done yet. Working on an outline now. Finally found how to access the ACM through carleton. Gawd. <br />
I am planning an outline, quick bit about kernels in general, (maybe mention monolith kernels?), and what microkernels do.<br />
I see the microkernel outline info and a reference ( Whomever did that == hero: true) about the scheduling and the Memory management. Should that be included in kernels in general and then mention what microkernels build upon/change? - JSlonosky<br />
<br />
Sorry late to the party here. My mistake was not checking the discussion page when I checked in. I don't want to trample anyone's current work but I don't see any work on the final essay done. I would love to help just need to know where I can step in so as to not screw anyone else up. -- [[User:Cling|Cling]]<br />
<br />
I don't think I'll be able to write up something for the final essay, even though I suggested splitting it. I'll do research tonight though on the paravirtualization. If I find the time, I'll try to write something. Sorry about that. --[[User:Slay|Slay]] 21:52, 13 October 2010 (UTC)<br />
<br />
We all have 3004 to do too, man. I do not think anyone has chosen to do Virtual Machine section yet, or the Exokernel itself. But the contrast paragraph and the intro is chosen, and intro is done. Microkernel and kernel will be done in a hour I hope. -- JSlonosky<br />
<br />
I can attempt to write up anything, the issue is I don't have any context on what to write, how do I tie it in to the rest of the essay? I only have a Japanese Quiz tomorrow morning then I should be good to write anything up for the rest of the day. As someone who has already written part of the essay, and assuming I attempt the exokernel section, how much do you think I should write? Should it just be about exokernel or should there be comparisons to the other topics? Thanks --[[User:Cling|Cling]] 23:14, 13 October 2010 (UTC)<br />
<br />
Go with the Exokernel itself. Slade is getting off work in a hour and we can double check what he is doing then. We can put it together tomorrow sometime, and fill in the other stuff. - JSLonosky<br />
<br />
I'll attempt to work on VM tonight, then. I would feel so bad if I didn't write anything. -Slay<br />
<br />
Still wondering how much to write, I think we should decide on a decent word count or length so we don't have one short section (which would probably be mine) and/or one massive section that dwarfs all the others. If anyone has already written a section could you post your word count so we can aim to be around there, it would obviously be just a recommendation but it's just better to be on the safe side and have everything uniform. I haven't seen any formal requirements for the essay but I could be wrong, I also haven't been to class in a while. --[[User:Cling|Cling]] 23:33, 13 October 2010 (UTC)<br />
<br />
<br />
Yeah Slay, VM probably doesnt have much to write about. Get something down, and we can go over it. CLing, Just write what you think. There is not a lot to go over if I write kernel/microkernel well enough. What is a exokernel? exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction, basically (As said by Slade). I will probably end up with 500 or a bit more words. -- JSlonosky<br />
<br />
Sound off!<br />
<br />
Who's actually reading this? Add your name to the list...<br />
<br />
Rovic P.<br />
Jon Slonosky<br />
Corey Ling<br />
Steph Lay<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
I'd like to go along the premise that microkernels and and virtual machines are "weaker" than exokernels in design for the essay. If anyone has any objections, add it here. <br />
<br />
-Slade<br />
<br />
what do you mean by "weaker"(i think you mean exokernels' takes the best of both worlds ) --[[User:Asoknack|Asoknack]] 02:45, 13 October 2010 (UTC)<br />
<br />
What I mean by weaker is that we should focus on the things microkernels and virtual machines may not do as well compared to a system based off an exokernel design and then focus on how an exokenenel can take the best of both worlds. Please choose which section you will work on, that's not to say it'll be the only part you do, but rather we'll all contribute to each part please. 1 day left.<br />
-Slade<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
<br />
intro/thesis statement -Rovic P.<br />
<br />
Paragraph 1 -Microkernel -Jon S.<br />
<br />
Paragraph 2 -Virtual Machine -Steph L.<br />
<br />
Paragraph 3 -Exokernel -Corey L<br />
<br />
Paragraph 4 - Contrast/Compromise --[[User:Asoknack|Asoknack]]<br />
<br />
Conclusion - Jon S. - Only a sentence per paragraph, excluding Intro</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3164Talk:COMP 3000 Essay 1 2010 Question 12010-10-13T02:45:22Z<p>Asoknack: /* The Essay */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* processor specific [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space [7]<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
* allows memory management and paging out side the kernel<br />
* Map and flush is required for memory manger's and pagers [7]<br />
* can be used to implement access right's [7]<br />
* controlling I/O Right's and driver's are not done at kernel level [7]<br />
<br />
===== Thread's IPC =====<br />
* Threads<br />
** in the kernel [7]<br />
** Since a thread has an address space , all changes to the thread need to be done by the kernel [7]<br />
* IPC [7]<br />
** in the kernel IPC<br />
** grant and map also need IPC (So buye the priciple above this has to be in the kernel)[7]<br />
** basic way for sub process to communicate. [7]<br />
* Interrupts<br />
** partially in the kernel [7]<br />
** hard ware is a set of thread's which are empty except for there unique sender id [7]<br />
** transformation of the message to the interrupt is done in the kernel [7]<br />
** the kernel is not involved in device - specific interrupt's and does not understand the interrupt. [7]<br />
*** resting the interrupt is done at user level [7]<br />
** if a privileged command is need it is done implicitly the next time an IPC command is sent from the device [7]<br />
<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
An overview of exokernels,virtual machines, microkernels *[http://www2.supchurch.org:10999/files/school/classes/CSCI4730/Lectures/grad-structures.ppt Overview](Power Point)<br><br />
Should not be used as a source but an overview.<br />
<br />
The original paper on [http://portal.acm.org/citation.cfm?id=224076 Exokernels] --[[User:Gautam|Gautam]] 22:39, 6 October 2010 (UTC)<br />
<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
I'd like to go along the premise that microkernels and and virtual machines are "weaker" than exokernels in design for the essay. If anyone has any objections, add it here. <br />
<br />
-Slade<br />
<br />
what do you mean by "weaker"(i think you mean exokernels' takes the best of both worlds ) --[[User:Asoknack|Asoknack]] 02:45, 13 October 2010 (UTC)<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3105Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T19:39:48Z<p>Asoknack: /* Address Space */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* processor specific [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space [7]<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
* allows memory management and paging out side the kernel<br />
* Map and flush is required for memory manger's and pagers [7]<br />
* can be used to implement access right's [7]<br />
* controlling I/O Right's and driver's are not done at kernel level [7]<br />
<br />
===== Thread's IPC =====<br />
* Threads<br />
** in the kernel [7]<br />
** Since a thread has an address space , all changes to the thread need to be done by the kernel [7]<br />
* IPC [7]<br />
** in the kernel IPC<br />
** grant and map also need IPC (So buye the priciple above this has to be in the kernel)[7]<br />
** basic way for sub process to communicate. [7]<br />
* Interrupts<br />
** partially in the kernel [7]<br />
** hard ware is a set of thread's which are empty except for there unique sender id [7]<br />
** transformation of the message to the interrupt is done in the kernel [7]<br />
** the kernel is not involved in device - specific interrupt's and does not understand the interrupt. [7]<br />
*** resting the interrupt is done at user level [7]<br />
** if a privileged command is need it is done implicitly the next time an IPC command is sent from the device [7]<br />
<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
An overview of exokernels,virtual machines, microkernels *[http://www2.supchurch.org:10999/files/school/classes/CSCI4730/Lectures/grad-structures.ppt Overview](Power Point)<br><br />
Should not be used as a source but an overview.<br />
<br />
The original paper on [http://portal.acm.org/citation.cfm?id=224076 Exokernels] --[[User:Gautam|Gautam]] 22:39, 6 October 2010 (UTC)<br />
<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3104Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T19:38:16Z<p>Asoknack: /* Thread's IPC */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space [7]<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
* allows memory management and paging out side the kernel<br />
* Map and flush is required for memory manger's and pagers [7]<br />
* can be used to implement access right's [7]<br />
* controlling I/O Right's and driver's are not done at kernel level [7]<br />
<br />
===== Thread's IPC =====<br />
* Threads<br />
** in the kernel [7]<br />
** Since a thread has an address space , all changes to the thread need to be done by the kernel [7]<br />
* IPC [7]<br />
** in the kernel IPC<br />
** grant and map also need IPC (So buye the priciple above this has to be in the kernel)[7]<br />
** basic way for sub process to communicate. [7]<br />
* Interrupts<br />
** partially in the kernel [7]<br />
** hard ware is a set of thread's which are empty except for there unique sender id [7]<br />
** transformation of the message to the interrupt is done in the kernel [7]<br />
** the kernel is not involved in device - specific interrupt's and does not understand the interrupt. [7]<br />
*** resting the interrupt is done at user level [7]<br />
** if a privileged command is need it is done implicitly the next time an IPC command is sent from the device [7]<br />
<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
An overview of exokernels,virtual machines, microkernels *[http://www2.supchurch.org:10999/files/school/classes/CSCI4730/Lectures/grad-structures.ppt Overview](Power Point)<br><br />
Should not be used as a source but an overview.<br />
<br />
The original paper on [http://portal.acm.org/citation.cfm?id=224076 Exokernels] --[[User:Gautam|Gautam]] 22:39, 6 October 2010 (UTC)<br />
<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3101Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T19:31:17Z<p>Asoknack: /* Thread's IPC */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space [7]<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
* allows memory management and paging out side the kernel<br />
* Map and flush is required for memory manger's and pagers [7]<br />
* can be used to implement access right's [7]<br />
* controlling I/O Right's and driver's are not done at kernel level [7]<br />
<br />
===== Thread's IPC =====<br />
* Threads<br />
** kernel [7]<br />
*** Since a thread has an address space , all changes to the thread need to be done by the kernel [7]<br />
* IPC<br />
** IPC [7]<br />
** grant and map also need IPC (So buye the priciple above this has to be in the kernel)[7]<br />
** basic way for sub process to communicate. [7]<br />
* Interupts<br />
**<br />
<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
An overview of exokernels,virtual machines, microkernels *[http://www2.supchurch.org:10999/files/school/classes/CSCI4730/Lectures/grad-structures.ppt Overview](Power Point)<br><br />
Should not be used as a source but an overview.<br />
<br />
The original paper on [http://portal.acm.org/citation.cfm?id=224076 Exokernels] --[[User:Gautam|Gautam]] 22:39, 6 October 2010 (UTC)<br />
<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3100Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T19:20:55Z<p>Asoknack: /* Address Space */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space [7]<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
* allows memory management and paging out side the kernel<br />
* Map and flush is required for memory manger's and pagers [7]<br />
* can be used to implement access right's [7]<br />
* controlling I/O Right's and driver's are not done at kernel level [7]<br />
<br />
===== Thread's IPC =====<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
An overview of exokernels,virtual machines, microkernels *[http://www2.supchurch.org:10999/files/school/classes/CSCI4730/Lectures/grad-structures.ppt Overview](Power Point)<br><br />
Should not be used as a source but an overview.<br />
<br />
The original paper on [http://portal.acm.org/citation.cfm?id=224076 Exokernels] --[[User:Gautam|Gautam]] 22:39, 6 October 2010 (UTC)<br />
<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3099Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T19:20:32Z<p>Asoknack: /* Address Space */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
* allows memory management and paging out side the kernel<br />
* Map and flush is required for memory manger's and pagers [7]<br />
* can be used to implement acces right's<br />
* controlling I/O Right's and driver's are not done at kernel level<br />
<br />
===== Thread's IPC =====<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
An overview of exokernels,virtual machines, microkernels *[http://www2.supchurch.org:10999/files/school/classes/CSCI4730/Lectures/grad-structures.ppt Overview](Power Point)<br><br />
Should not be used as a source but an overview.<br />
<br />
The original paper on [http://portal.acm.org/citation.cfm?id=224076 Exokernels] --[[User:Gautam|Gautam]] 22:39, 6 October 2010 (UTC)<br />
<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3096Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T19:14:01Z<p>Asoknack: /* Unsorted */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
<br />
===== Thread's IPC =====<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
An overview of exokernels,virtual machines, microkernels *[http://www2.supchurch.org:10999/files/school/classes/CSCI4730/Lectures/grad-structures.ppt Overview](Power Point)<br><br />
Should not be used as a source but an overview.<br />
<br />
The original paper on [http://portal.acm.org/citation.cfm?id=224076 Exokernels] --[[User:Gautam|Gautam]] 22:39, 6 October 2010 (UTC)<br />
<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=COMP_3000_Essay_1_2010_Question_1&diff=3095COMP 3000 Essay 1 2010 Question 12010-10-12T19:13:48Z<p>Asoknack: /* Resources */</p>
<hr />
<div>=Question=<br />
To what extent can exokernels be seen as a compromise between virtual machines and microkernels? Explain how the key design characteristics of these three system architectures compare with each other.<br />
<br />
=Answer=<br />
<br />
=Misc=<br />
* every thing is moved to discussion page</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3094Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T19:10:34Z<p>Asoknack: /* Address Space */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* hide's the hardware's concept of address space [7]<br />
* based off the idea of recursion each subsystem has it's own address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
*** allows the owner to give a page to a recipient, provided the recipient want's it the page is removed from the owner's address space and but in the recipients. [7]<br />
*** must be available to the owner. [7]<br />
** Map [7]<br />
*** allows the user to share a page with a recipient [7]<br />
*** page is not removed from the owner's address space. [7]<br />
** Flush [7]<br />
*** remove's the page from all recipients address space<br />
*** how does this work with Grant --[[User:Asoknack|Asoknack]] 19:10, 12 October 2010 (UTC)<br />
<br />
===== Thread's IPC =====<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3087Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T18:57:25Z<p>Asoknack: /* Microkernel */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
* piece of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
* any subsystem program created must be independent of all other subsystem's, any subsystem that is used can guarantee this from all other subsystems [7]<br />
===== Address Space =====<br />
* a mapping that relates the physical page to the virtual page. [7]<br />
* hide's the hardware's concept of address space [7]<br />
* the micro kernel provides 3 operations [7]<br />
** Grant [7]<br />
** Map [7]<br />
** Flush [7]<br />
===== Thread's IPC =====<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3086Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T18:48:38Z<p>Asoknack: /* Microkernel */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
* peice of code is allowed in the kernel only if moving it outside the kernel would adversely affect the system. [7]<br />
==== Microkernel Concepts ==== <br />
===== Address Space =====<br />
===== Thread's IPC =====<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3082Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T18:43:04Z<p>Asoknack: /* Microkernel */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required [7]<br />
advantages of Microkernel<br />
* favors a modular system structure [7]<br />
* one failure of a program does not impact any other programs [7]<br />
* can support more than one api or strategies since all programs are separated [7]<br />
==== Microkernel Concepts ==== <br />
===== Address Space =====<br />
===== Thread's IPC =====<br />
===== Unique Identifiers =====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3081Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T18:42:10Z<p>Asoknack: /* Unsorted */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required<br />
advantages of Microkernel<br />
* favors a modular system structure<br />
* one failure of a program does not impact any other programs<br />
* can support more than one api or strategies since all programs are seperated<br />
=== Microkernel Concepts === <br />
==== Address Space ====<br />
==== Thread's IPC ====<br />
==== Unique Identifiers ====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
Talked to the teacher today and for VM he said we should focus on the implementation such as Xen and VMware , he also said to talk about para virtualization --[[User:Asoknack|Asoknack]] 18:42, 12 October 2010 (UTC)<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3080Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T18:40:56Z<p>Asoknack: /* Microkernel */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
----<br />
<br />
''' Microkernel '''<br />
* try's to minimize the amount of software that is mandatory or required<br />
advantages of Microkernel<br />
* favors a modular system structure<br />
* one failure of a program does not impact any other programs<br />
* can support more than one api or strategies since all programs are seperated<br />
=== Microkernel Concepts === <br />
==== Address Space ====<br />
==== Thread's IPC ====<br />
==== Unique Identifiers ====<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=3076Talk:COMP 3000 Essay 1 2010 Question 12010-10-12T18:30:33Z<p>Asoknack: /* Virtual Machine */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
* Large amount of moving from a process to Kernel to user space and back again, this is a costly operation.<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
=== VMM ===<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
=== VM ===<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
==== three approaches ====<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== Comparisons ==<br />
====Exokernel/Microkernel====<br />
'''Similarities'''<br />
* Limited functionality in kernel<br />
** functionality in kernel to handle sharing of resources and security<br />
** avoids programming directly to hardware which creates a dependency<br />
* Additional functionality provided in user space as processes<br />
'''Differences'''<br />
* Minimal abstractions provided by the kernel<br />
** Applications given more power in exokernel<br />
<br />
====Exokernel/VM====<br />
'''Similarities'''<br />
* Idea of partitioning resources between applications/OSs<br />
* "Control" of resource given<br />
* Isolation from other applications/OSs<br />
'''Differences'''<br />
* Exokernel runs applications, VM runs OS<br />
* VM uses a hostOS and guestOSs run on top<br />
* Virtualization on VMs, Exokernel deals with real resources<br />
* VM hides a lot of information because it emulates. Exokernel does not.<br />
<br />
====Microkernel/VM====<br />
'''Differences'''<br />
* With a virtual machine, you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System.<br />
* This can be costly but the benefits are that it's easier and all the standard OS features are available.<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
I'm just going to post my answer for question 1 on the individuel assignment and hope it helps. --[[User:Aellebla|Aellebla]] 15:06, 12 October 2010 (UTC)<br />
<br />
The design of the micro kernel was to take everything they could out of the Kernel and put it into a process. For ex, networking would be put into a process instead of staying in the kernel. The micro kernel dev's tried to keep lots of things in user space for efficiency. But one major problem with this is there would be a large amount of moving from a process to the kernel to user space and back again and this is a costly, non efficient process.It was an application specific OS, there was no multiplexing. With a virtual machine you are not virtualizing apps like with a microkernel but virtualizing an entire Operating System. This is very heavy however but the benefits are that it‟s easy and all the standard OS features are there whereas in a microkernel setup they would not all be there and this can be seen as a compromise.<br />
<br />
Exokernels can be seen as a compromise to virtual machines and microkernels because virtual machines emulate and exokernels do not. When you emulate something you hide a lot of the actual information because you wouldn‟t be able to see the „real‟ hardware. If we look at a virtual box setup running Linux, and we go look at all the hardware, it will be displayed as fake hardware.<br />
<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)<br />
<br />
I added an outline of the similarities and differences. Add any more that I missed. These are from observations so I don't have any resources. -Slay<br />
That's probably fine. Our textbook probably outlines some of them, so I am sure we can find a few there - JSlonosky<br />
<br />
== The Essay ==<br />
<br />
Let's actually breakdown the essay into components then write it here.<br />
<br />
We have our intro/thesis statement<br />
<br />
<br />
<br />
...to the extent that exokernels be seen as a compromise between virtual machines and microkernels. <br />
-I'll work on the initial intro, should have it ready by tonight. -Slade<br />
<br />
3 paragraphs that prove it<br />
Explain how the key design characteristics of these three system architectures compare with each other. <br />
<br />
and conclusion</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2892Talk:COMP 3000 Essay 1 2010 Question 12010-10-11T02:30:17Z<p>Asoknack: /* Unsorted */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
''' VM '''<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
''' three approaches '''<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info (where it says Display Formats click on ACM Ref and new window with the citation info auto pop's up) --[[User:Asoknack|Asoknack]] 02:28, 11 October 2010 (UTC)</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2891Talk:COMP 3000 Essay 1 2010 Question 12010-10-11T02:28:44Z<p>Asoknack: /* Unsorted */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
''' VM '''<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
''' three approaches '''<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky<br />
<br />
I think we should divide up the paragraphs and proofread each others instead. (Are there only 4 of us?) I don't have much time to work on this today though but I'll try to work on it tomorrow morning. - Slay<br />
<br />
Sure guy. That sounds good. There should be 5 or 6 of us though.. . Oh well. Their loss. I will do some before or after work today. Ill start with Microkernel since there is not a large amount of info here, and so we don't overlap each other - JSlonosky<br />
<br />
yeah i think there was more like 7 of us btw if any one has any more information feel free to add it would be nice if you add the references so that way citing is really easy on acm.org it will auto give you the citation info --02:28, 11 October 2010 (UTC)</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Template:Reflist&diff=2718Template:Reflist2010-10-09T22:51:49Z<p>Asoknack: Created page with '<div class="references-small {{#if: {{{colwidth|}}} | references-column-width | {{#iferror: {{#ifexpr: {{{1|1}}}>1 | references-column-count references-column-count-{{{1}}} }} }}…'</p>
<hr />
<div><div class="references-small {{#if: {{{colwidth|}}} | references-column-width | {{#iferror: {{#ifexpr: {{{1|1}}}>1 | references-column-count references-column-count-{{{1}}} }} }} }}" {{#if: {{{colwidth|}}}| style="-moz-column-width:{{{colwidth}}}; column-width:{{{colwidth}}};" | {{#if: {{{1|}}}| style="-moz-column-count:{{{1}}}; column-count:{{{1}}};" }} }}><br />
{{#tag:references||group={{{group|}}}}}</div><noinclude>[[Category:Citation templates|{{PAGENAME}}]]</noinclude></div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2717Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T22:30:45Z<p>Asoknack: Spell check</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hyper-visor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtuallized hardware [4]<br />
* usually a small os with no drivers , so it is coupled with a linux distro that provides device / hardware access [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provides login and physical access to the hardware as well as management for the VMM [6]<br />
''' VM '''<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only sees resources that have been allocated to the VM [6]<br />
''' three approaches '''<br />
*Type I virtualization [5]<br />
** runs off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this means all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the scheduling is done by the VMM [6]<br />
** on boot the VMM creates a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver access [6]<br />
<br />
== Exokernel ==<br />
* Micro-kernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
<br />
----<br />
* multiplex resources securely providing protection to mutual distrustful application threw the use of secure binding's[1]<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel separates protection from management in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking access to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the number of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad parameter passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is designed to interact with a low-level machine independent level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to create low level primitives that the hardware resources can be accessed from, this also includes interrupts,exceptions [1]<br />
** the exokernel also export privileged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource management except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource management is the best way to build flexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to sure what physical names are, I think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture useful information [3]<br />
*** safer than and less resource intensive than virtual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource management [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happens the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achieved threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allows the separation of protection and resource use [1]<br />
* only checks authorization during bind time [1]<br />
** Application's with complex needs for resources only authorized during bind.[1]<br />
* access checking is done during access time and there is no need to understand complex resources needs during access[1]<br />
** (this means that the exokernel checks once to make sure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** allows the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve performance[1]<br />
** eliminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be scheduled [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allows for LibOS to help with deallocation [1]<br />
** LibOS are able to garner what resources are scare [1]<br />
* Slower than Invisible as application involvement is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allows the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fails to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2716Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T22:17:29Z<p>Asoknack: /* References */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hypervisor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtualized hardware [4]<br />
* usualy a small os with no drivers , so it is coupled with a linux distro that provides device / hardware acces [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provide's login and physical acces to the hardware as well as managment for the VMM [6]<br />
''' VM '''<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only see's resources that have been allocated to the VM [6]<br />
''' three approaches '''<br />
*Type I virtualization [5]<br />
** run's off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this mean's all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the schedualing is done by the VMM [6]<br />
** on boot the VMM create's a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver acces [6]<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
<br />
----<br />
<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
[7]<nowiki>Liedtke, J. 1995. On micro-kernel construction. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 237-250. DOI= http://doi.acm.org/10.1145/224056.224075 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2715Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T21:35:36Z<p>Asoknack: /* Virtual Machine */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hypervisor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtualized hardware [4]<br />
* usualy a small os with no drivers , so it is coupled with a linux distro that provides device / hardware acces [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provide's login and physical acces to the hardware as well as managment for the VMM [6]<br />
''' VM '''<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only see's resources that have been allocated to the VM [6]<br />
''' three approaches '''<br />
*Type I virtualization [5]<br />
** run's off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this mean's all instructions from the VM must go threw the VMM [6]<br />
** since there can be multiple VM's on a computer the schedualing is done by the VMM [6]<br />
** on boot the VMM create's a hardware platform for the VM [6]<br />
** load's the VM kernel into virtual memory and then boot's it like a regular computer [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver acces [6]<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
<br />
----<br />
<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2713Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T21:28:03Z<p>Asoknack: /* Virtual Machine */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hypervisor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtualized hardware [4]<br />
* usualy a small os with no drivers , so it is coupled with a linux distro that provides device / hardware acces [4]<br />
** the os that the VMM is using for driver's is called the hostOS [6]<br />
*the hostOS provide's login and physical acces to the hardware as well as managment for the VMM [6]<br />
''' VM '''<br />
* the OS that the vm is running is called the guestOS [6]<br />
* the guestOS only see's resources that have been allocated to the VM [6]<br />
''' three approaches '''<br />
*Type I virtualization [5]<br />
** run's off the physical hardware [4]<br />
** Isolation of the guestOs from the hardware is done threw processe level protection meachnism[6]<br />
*** ring 0 = VMM [6]<br />
*** ring 1 = VM [6]<br />
*** this mean's all instructions from the VM must go threw the VMM [6]<br />
** ex. Xen [4]<br />
*Type II virtualization [5]<br />
** run off the host Os [4]<br />
** ex. VMware , QEMU [4]<br />
* Para-virtualization [6]<br />
** Similar to Type but use the HostOs for Device driver acces [6]<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
<br />
----<br />
<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2712Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T21:07:42Z<p>Asoknack: /* References */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hypervisor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtualized hardware [4]<br />
* usualy a small os with no drivers , so it is coupled with a linux distro that provides device / hardware acces [4]<br />
''' VM '''<br />
<br />
*two approaches<br />
*Type I virtualization<br />
** run's off the physical hardware [4]<br />
** Xen [4]<br />
*Type II virtualization<br />
** run off the host Os [4]<br />
** VMware , QEMU [4]<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
<br />
----<br />
<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
[6]<nowiki>Vallee, G., Naughton, T., and Scott, S. L. 2007. System management software for virtual environments. In Proceedings of the 4th international Conference on Computing Frontiers (Ischia, Italy, May 07 - 09, 2007). CF '07. ACM, New York, NY, 153-160. DOI= http://doi.acm.org/10.1145/1242531.1242555 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2710Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T21:06:38Z<p>Asoknack: /* Virtual Machine */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hypervisor[4]<br />
* responsible for virtualization of hardware(mapping physical to virtual) and the VM that run on top of the virtualized hardware [4]<br />
* usualy a small os with no drivers , so it is coupled with a linux distro that provides device / hardware acces [4]<br />
''' VM '''<br />
<br />
*two approaches<br />
*Type I virtualization<br />
** run's off the physical hardware [4]<br />
** Xen [4]<br />
*Type II virtualization<br />
** run off the host Os [4]<br />
** VMware , QEMU [4]<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
<br />
----<br />
<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2707Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T20:56:53Z<p>Asoknack: /* References */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hypervisor[4]<br />
* responsible for virtualization of hardware and the VM that run on top of the virtualized hardware [4]<br />
* usualy a small os with no drivers , so it is coupled with a linux distro that provides device / hardware acces [4]<br />
''' VM '''<br />
<br />
*two approaches<br />
*Type I virtualization<br />
** run's off the physical hardware [4]<br />
** Xen [4]<br />
*Type II virtualization<br />
** run off the host Os [4]<br />
** VMware , QEMU [4]<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
<br />
----<br />
<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
[5]<nowiki>Goldberg, R. P. 1973. Architecture of virtual machines. In Proceedings of the Workshop on Virtual Computer Systems (Cambridge, Massachusetts, United States, March 26 - 27, 1973). ACM, New York, NY, 74-112. DOI= http://doi.acm.org/10.1145/800122.803950 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2706Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T20:56:18Z<p>Asoknack: /* Virtual Machine */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
----<br />
System Level Virtualization<br />
''' VMM '''<br />
* stands for Virtual Machine Monitor, also known as the hypervisor[4]<br />
* responsible for virtualization of hardware and the VM that run on top of the virtualized hardware [4]<br />
* usualy a small os with no drivers , so it is coupled with a linux distro that provides device / hardware acces [4]<br />
''' VM '''<br />
<br />
*two approaches<br />
*Type I virtualization<br />
** run's off the physical hardware [4]<br />
** Xen [4]<br />
*Type II virtualization<br />
** run off the host Os [4]<br />
** VMware , QEMU [4]<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
<br />
----<br />
<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2705Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T20:38:13Z<p>Asoknack: /* Exokernel */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
<br />
----<br />
<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2704Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T20:36:29Z<p>Asoknack: /* References */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
[4]<nowiki>Vallee, G.; Naughton, T.; Engelmann, C.; Hong Ong; Scott, S.L.; , "System-Level Virtualization for High Performance Computing," Parallel, Distributed and Network-Based Processing, 2008. PDP 2008. 16th Euromicro Conference on , vol., no., pp.636-643, 13-15 Feb. 2008<br />
DOI= http://doi.acm.org/10.1109/PDP.2008.85 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2703Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T20:27:39Z<p>Asoknack: /* Exokernel */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
** Use physical name's when ever possible[3] (not to shure what physical names are, i think it is as simple as what the hardware is called)--[[User:Asoknack|Asoknack]] 20:27, 9 October 2010 (UTC)<br />
** Physical names capture usefull information [3]<br />
*** safer than and less resource intesive than vitual names as no translations are needed[3]<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2702Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T20:18:03Z<p>Asoknack: /* References */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
<pre><br />
An exokernel should export physical names.<br />
Physical names are efficient, since they remove a level of indirection<br />
otherwise required to translate between virtual and physical names.<br />
Physical names also encode useful resource attributes. For example,<br />
in a system with physically-indexed direct-mapped caches, the name<br />
of a physical page (i. e., its page number) determines which pages<br />
it conflicts with. Additionally, an exokemel should export bookkeeping<br />
data structures such as freelists, disk arm positions, and<br />
cached TLB entries so that applications can tailor their allocation<br />
requests to available resources,<br />
</pre> (copy and pasted from [1]) any one under stand what this mean's ? --[[User:Asoknack|Asoknack]] 03:35, 9 October 2010 (UTC)<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., Kaashoek, M. F., and O'Toole, J. 1995. Exokernel: an operating system architecture for application-level resource management. In Proceedings of the Fifteenth ACM Symposium on Operating Systems Principles (Copper Mountain, Colorado, United States, December 03 - 06, 1995). M. B. Jones, Ed. SOSP '95. ACM, New York, NY, 251-266. DOI= http://doi.acm.org/10.1145/224056.224076 </nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
<br />
[3]<nowiki>Kaashoek, M. F., Engler, D. R., Ganger, G. R., Briceño, H. M., Hunt, R., Mazières, D., Pinckney, T., Grimm, R., Jannotti, J., and Mackenzie, K. 1997. Application performance and flexibility on exokernel systems. In Proceedings of the Sixteenth ACM Symposium on Operating Systems Principles (Saint Malo, France, October 05 - 08, 1997). W. M. Waite, Ed. SOSP '97. ACM, New York, NY, 52-65. DOI= http://doi.acm.org/10.1145/268998.266644 </nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=User:Asoknack&diff=2701User:Asoknack2010-10-09T20:09:51Z<p>Asoknack: </p>
<hr />
<div>http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.120.4319&rep=rep1&type=pdf <br><br />
http://portal.acm.org/citation.cfm?id=219284 <br><br />
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf <br><br />
http://portal.acm.org/citation.cfm?id=224076 <br><br />
http://portal.acm.org/citation.cfm?id=268998.266644&coll=GUIDE&dl=GUIDE&CFID=104701711&CFTOKEN=65527198 <br></div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2700Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T20:08:21Z<p>Asoknack: /* Exokernel Design */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
<pre><br />
An exokernel should export physical names.<br />
Physical names are efficient, since they remove a level of indirection<br />
otherwise required to translate between virtual and physical names.<br />
Physical names also encode useful resource attributes. For example,<br />
in a system with physically-indexed direct-mapped caches, the name<br />
of a physical page (i. e., its page number) determines which pages<br />
it conflicts with. Additionally, an exokemel should export bookkeeping<br />
data structures such as freelists, disk arm positions, and<br />
cached TLB entries so that applications can tailor their allocation<br />
requests to available resources,<br />
</pre> (copy and pasted from [1]) any one under stand what this mean's ? --[[User:Asoknack|Asoknack]] 03:35, 9 October 2010 (UTC)<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release[1](Visible means that when revocation happen's the exokernel tell the LibOS that resource is being revoked)<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
==== Visible Resource Revocation ====<br />
* Used for most resources [1]<br />
** allow's for LibOS to help with deallocation [1]<br />
** LibOS are able to garnner what resources are scare [1]<br />
* Slower than Invisible as application involment is required [1]<br />
** ex of when invisible is used is Processor addressing-context identifiers [1]<br />
==== Abort Protocol ====<br />
* allow's the exokernel to take resources away from the LibOS [1]<br />
* used when the LibOS fail's to respond to the revocation request [1]<br />
* Exokernel must be careful not to delete as the LibOS might need to write some system critical data to the resource [1]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., M. F. Kaashoek, and J. O'Toole. "Exokernel." ACM SIGOPS Operating Systems Review 29.5 (1995): 251-66. Association for Computing Machinery. Web. 8 Oct. 2010. <http://portal.acm.org/citation.cfm?id=224076>.</nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2694Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T19:36:26Z<p>Asoknack: /* Design Principles */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
<pre><br />
An exokernel should export physical names.<br />
Physical names are efficient, since they remove a level of indirection<br />
otherwise required to translate between virtual and physical names.<br />
Physical names also encode useful resource attributes. For example,<br />
in a system with physically-indexed direct-mapped caches, the name<br />
of a physical page (i. e., its page number) determines which pages<br />
it conflicts with. Additionally, an exokemel should export bookkeeping<br />
data structures such as freelists, disk arm positions, and<br />
cached TLB entries so that applications can tailor their allocation<br />
requests to available resources,<br />
</pre> (copy and pasted from [1]) any one under stand what this mean's ? --[[User:Asoknack|Asoknack]] 03:35, 9 October 2010 (UTC)<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release (what makes thing "Visible" does it just mean every LibOS can see it ) --[[User:Asoknack|Asoknack]] 03:43, 9 October 2010 (UTC)<br />
<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., M. F. Kaashoek, and J. O'Toole. "Exokernel." ACM SIGOPS Operating Systems Review 29.5 (1995): 251-66. Association for Computing Machinery. Web. 8 Oct. 2010. <http://portal.acm.org/citation.cfm?id=224076>.</nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2693Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T19:35:17Z<p>Asoknack: </p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
<pre><br />
An exokernel should export physical names.<br />
Physical names are efficient, since they remove a level of indirection<br />
otherwise required to translate between virtual and physical names.<br />
Physical names also encode useful resource attributes. For example,<br />
in a system with physically-indexed direct-mapped caches, the name<br />
of a physical page (i. e., its page number) determines which pages<br />
it conflicts with. Additionally, an exokemel should export bookkeeping<br />
data structures such as freelists, disk arm positions, and<br />
cached TLB entries so that applications can tailor their allocation<br />
requests to available resources,<br />
</pre> (copy and pasted from [1]) and one under stand what this mean's --[[User:Asoknack|Asoknack]] 03:35, 9 October 2010 (UTC)<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release (what makes thing "Visible" does it just mean every LibOS can see it ) --[[User:Asoknack|Asoknack]] 03:43, 9 October 2010 (UTC)<br />
<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., M. F. Kaashoek, and J. O'Toole. "Exokernel." ACM SIGOPS Operating Systems Review 29.5 (1995): 251-66. Association for Computing Machinery. Web. 8 Oct. 2010. <http://portal.acm.org/citation.cfm?id=224076>.</nowiki><br />
<br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2692Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T19:34:47Z<p>Asoknack: </p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
<pre><br />
An exokernel should export physical names.<br />
Physical names are efficient, since they remove a level of indirection<br />
otherwise required to translate between virtual and physical names.<br />
Physical names also encode useful resource attributes. For example,<br />
in a system with physically-indexed direct-mapped caches, the name<br />
of a physical page (i. e., its page number) determines which pages<br />
it conflicts with. Additionally, an exokemel should export bookkeeping<br />
data structures such as freelists, disk arm positions, and<br />
cached TLB entries so that applications can tailor their allocation<br />
requests to available resources,<br />
</pre> (copy and pasted from [1]) and one under stand what this mean's --[[User:Asoknack|Asoknack]] 03:35, 9 October 2010 (UTC)<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release (what makes thing "Visible" does it just mean every LibOS can see it ) --[[User:Asoknack|Asoknack]] 03:43, 9 October 2010 (UTC)<br />
<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** downloaded code can be run with out the application to be schedualed [2]<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., M. F. Kaashoek, and J. O'Toole. "Exokernel." ACM SIGOPS Operating Systems Review 29.5 (1995): 251-66. Association for Computing Machinery. Web. 8 Oct. 2010. <http://portal.acm.org/citation.cfm?id=224076>.</nowiki><br />
[2]<nowiki>Engler, Dawson R. "The Exokernel Operating System Architecture." Diss. Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1998. Web. 9 Oct. 2010. <http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.61.5054&rep=rep1&type=pdf>.</nowiki><br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2689Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T19:26:43Z<p>Asoknack: /* Exokernel */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
<pre><br />
An exokernel should export physical names.<br />
Physical names are efficient, since they remove a level of indirection<br />
otherwise required to translate between virtual and physical names.<br />
Physical names also encode useful resource attributes. For example,<br />
in a system with physically-indexed direct-mapped caches, the name<br />
of a physical page (i. e., its page number) determines which pages<br />
it conflicts with. Additionally, an exokemel should export bookkeeping<br />
data structures such as freelists, disk arm positions, and<br />
cached TLB entries so that applications can tailor their allocation<br />
requests to available resources,<br />
</pre> (copy and pasted from [1]) and one under stand what this mean's --[[User:Asoknack|Asoknack]] 03:35, 9 October 2010 (UTC)<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release (what makes thing "Visible" does it just mean every LibOS can see it ) --[[User:Asoknack|Asoknack]] 03:43, 9 October 2010 (UTC)<br />
<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
* used to implement secure bindings , and improve preformance[1]<br />
** eleminate the number of kernel crossings [1]<br />
** <pre><br />
The second is more subtle: the execution<br />
time of downloaded code can be readily bounded [18].<br />
[18]P. Deutsch and C. A. Grant. A flexible measurement tool for<br />
software systems. Information Processing 71, 1971.<br />
</pre><br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., M. F. Kaashoek, and J. O'Toole. "Exokernel." ACM SIGOPS Operating Systems Review 29.5 (1995): 251-66. Association for Computing Machinery. Web. 8 Oct. 2010. <http://portal.acm.org/citation.cfm?id=224076>.</nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknackhttps://homeostasis.scs.carleton.ca/wiki/index.php?title=Talk:COMP_3000_Essay_1_2010_Question_1&diff=2673Talk:COMP 3000 Essay 1 2010 Question 12010-10-09T18:29:22Z<p>Asoknack: /* Exokernel */</p>
<hr />
<div>== Microkernel == <br />
* Moving kernel functionality into processes contained in user space, e.g. file systems, drivers<br />
* Keep basic functionality in kernel to handle sharing of resources<br />
* Separation allows for manageability and security, corruption in one does not necessarily cause failure in system<br />
<br />
== Virtual Machine ==<br />
* Partitioning or virtualizing resources among OS virtualization running on top of host OS<br />
* Virtualized OS believe running on full machine on its own<br />
<br />
== Exokernel ==<br />
* Microkernel architecture with limited abstractions, ask for resource, get resource not resource abstraction<br />
* Less functionality provided by kernel, security and handling of resource sharing<br />
* Once application receives resource, it can use it as it wishes/in control<br />
* Keep the basic kernel to handle allocating resources and sharing rather than developing straight to the hardware<br />
* multiplex resources securly providing protection to mutualy distrustfull application threw the use of secure binding's<br />
* Goal of the exokernel is to give LibOS maximum freedom with out allowing them to interfere with each other. to do this the exokernel seperates protection from managment in doing this it provide 3 important tasks[1]<br />
** tracking ownership of resources [1]<br />
** ensuring protection by guarding all resource usage and binding points (not to shure what binding points are)[1]<br />
** revoking acces to the resources [1]<br />
* LibrayOS (LibOs)<br />
** Reduces the numbrt of kernel crossings[1]<br />
** Not trusted by the exokernel so can be trusted by the application , Example given is a bad pramater passed to the LibOs only the application is affected.[1] (So LibOs cant interact with kernel ???)<br />
** Any application running on the Exokernel can change the LibrayOs freely [1]<br />
** Application that use LibOS that implement standard interfaces (POSIX) will be portable on any system with the same interface [1]<br />
** LibOs can be made portable if it is desgined to interact with a low-level machine independant level to hide hardware details [1]<br />
<br />
=== Exokernel Design ===<br />
==== Design Principles ====<br />
*Securely Expose Hardware [1]<br />
** an Exokernel tries to creat low level primatives that the hardware resources can be accesse from, this allso includes interrupt's,exceptions [1]<br />
** the exokernel also export priviledged instructions to the LibOS so that traditional OS abstractions can be implemented (eg Process , address pace)[1]<br />
** Exokernels should avoid resource managment except when required protection ( allocation , revocation , ownership)[1]<br />
** application based resource managment is the best way to build fexible efficient flexible systems [1]<br />
*Expose allocation[1]<br />
** allow LibOs to request physical resources [1]<br />
** resource allocation should not be automatic, the LibOS should participate in every single allocation decision [1]<br />
*Expose Names[1]<br />
<pre><br />
An exokernel should export physical names.<br />
Physical names are efficient, since they remove a level of indirection<br />
otherwise required to translate between virtual and physical names.<br />
Physical names also encode useful resource attributes. For example,<br />
in a system with physically-indexed direct-mapped caches, the name<br />
of a physical page (i. e., its page number) determines which pages<br />
it conflicts with. Additionally, an exokemel should export bookkeeping<br />
data structures such as freelists, disk arm positions, and<br />
cached TLB entries so that applications can tailor their allocation<br />
requests to available resources,<br />
</pre> (copy and pasted from [1]) and one under stand what this mean's --[[User:Asoknack|Asoknack]] 03:35, 9 October 2010 (UTC)<br />
*Expose Revocation [1]<br />
** use visible revocation protocol [1]<br />
** allows well behaved LibOS to preform application level resource managment [1]<br />
** Visible revocation allows the LibOS to choose what instance of the resource to release (what makes thing "Visible" does it just mean every LibOS can see it ) --[[User:Asoknack|Asoknack]] 03:43, 9 October 2010 (UTC)<br />
<br />
''' Policy '''<br />
* LibOS handle resource policy decisions<br />
* Exokernels have a policy to decided between competeing LibOS (Priority , share of resources)<br />
** it enforces this threw allocation and deallocation (every thing can achived threw this even what block to write and such)<br />
==== Secure Bindings ====<br />
* Used by the exokernel to allow the LibOS to bind to resources [1]<br />
* Allow's the seperation of protection and resource use [1]<br />
* only checks authorization durning bind time [1]<br />
** Application's with complex need's for resources only authorized durining bind.[1]<br />
* acces checking is done during acces time and there is no need to understand complex accese need's during acces[1]<br />
** (this mean's that the exokernel check's once to make shure an application has authorization once approved, when the application tries to use the resource the exokernel is only concerned about policy conflict's)--[[User:Asoknack|Asoknack]] 18:20, 9 October 2010 (UTC)<br />
** alow's the kernel to protect the resources with out understanding what the resource is [1]<br />
*three way's to implement<br />
* Hardware Mechanisms [1]<br />
* Software caching [1]<br />
* Downloading application code [1]<br />
''' Downloading Code to the Kernel '''<br />
<br />
== References ==<br />
[1]<nowiki> Engler, D. R., M. F. Kaashoek, and J. O'Toole. "Exokernel." ACM SIGOPS Operating Systems Review 29.5 (1995): 251-66. Association for Computing Machinery. Web. 8 Oct. 2010. <http://portal.acm.org/citation.cfm?id=224076>.</nowiki><br />
<br />
== Unsorted ==<br />
Exokernel-<br />
Minimalistic abstractions for developers<br />
Exokernels can be seen as a good compromise between virtual machines and microkernels in the sense that exokernels can give that low level access to developers similar to direct access through a protected layer and at the same time can contain enough hardware abstraction to allow similar benefit of hiding the hardware resources to application programs.<br />
Exokernel – fewest hardware abstractions to developer<br />
Microkernel - is the near-minimum amount of software that can provide the mechanisms needed to implement an operating system<br />
Virtual machine is a simulation of any or devices requested by an application program<br />
Exokenel – I’ve got a sound card<br />
Virtual Machine – I’ve got the sound card you’re looking for, perfect virtual match<br />
Microkernel – I’ve got sound card that plays Khazikstan sound format only<br />
MicroKernel - Very small, very predictable, good for schedualing (QNX is a microkernel - POSIX compatable, benefits of running linux software like modern browsers) <br />
<br />
This is some ideas I've got on this question, please contribute below<br />
-Rovic<br />
<br />
Outlining some main features here as I see them.<br />
<br />
I found that the exokernel was an even lower-level design than the microkernel, closer to the hardware without abstraction. They have the same architecture with the basic functionality contained in the kernel to manage everyone. As the exokernel "gives" the resource to the application it can use the resource in isolation of other applications (until forced to shared) much like VMs receive their resources, either partitioned or virtualized, and execute as if its running on its own machine. There is this similar notion of partitioning the resources among applications/OS and allowing them to take control of what they have. <br />
<br />
I'll locate some references later on. --[[User:Slay|Slay]] 15:00, 7 October 2010 (UTC)<br />
<br />
<br />
Maybe we can have an introduction - paragraph or so on each type - then similarities - differences - and the compromise. I am going to do some research and writing this weekend and I will put some up -- Jslonosky<br />
<br />
btw in my page (i guess you can call it that) i have some resources i have found --[[User:Asoknack|Asoknack]] 15:50, 8 October 2010 (UTC)<br />
- Wow, nice man. I will go ahead and write up the descriptive paragraphs on each kernel and virtual machine if no one minds. --Jslonosky</div>Asoknack