Operating System Organization
Andy Wang
COP 5611
Advanced Operating Systems
Outline
Organizing operating systems
Some microkernel examples
Object-oriented organizations
Spring
Organization for multiprocessors
Operating System Organization
What is the best way to design an OS?
Put another way, what are the important software characteristics of an OS?
Decide on those, then design to match them
Important OS Software Characteristics
Correctness and simplicity
Power and completeness
Performance
Extensibility and portability
Suitability for distributed and parallel systems
Compatibility with existing systems
Security and fault tolerance
Common OS Organizations
Monolithic
Virtual machine
Layered designs
Kernel designs
Microkernels
Object-Oriented
Note that individual OS components can be organized these ways
Monolithic OS Design
Build OS as single combined module
Hopefully using data abstraction, compartmentalized function, etc.
OS lives in its own, single address space
Examples - DOS, early Unix systems, most VFS file systems
Pros/Cons of Monolithic OS Organization
+ Highly adaptable (at first . . .)
+ Little planning required
+ Potentially good performance
– Hard to extend and change
– Eventually becomes extremely complex
– Eventually performance becomes poor
– Highly prone to bugs
Virtual Machine Organizations
A base OS provides services in a very generic way
One or more other OSes live on top of the base system
Using the services it provides
To offer different views of system to users
Examples - IBM’s VM/370, the Java interpreter
Pros/Cons of VM Organizations
+ Allows multiple OS personalities on a single machine
+ Good OS development environment
+ Can provide good portability of applications
– Significant performance problems
– Especially if more than 2 layers
– Lacking in flexibility
Layered OS Design
Design tiny innermost layer of software
Next layer out provides more functionality
Using services provided by inner layer
Continue adding layers until all functionality required has been provided
Examples - Multics, Fluke, layered file systems and comm. protocols
Pros/Cons of Layered Organization
+ More structured and extensible
+ Easy model
– Layer crossing can be expensive
– In some cases, multiple layers unnecessary
– Duplicate caching/consistency issues
Kernel OS Designs
Similar to layers, but only two OS layers
Kernel OS services
Non-kernel OS services
Move certain functionality outside kernel
file systems, libraries
Unlike VMs, kernel doesn’t stand alone
Examples - Most modern Unix systems
Pros/Cons of Kernel OS Organization
+ Advantages of layering, without disadvantage of many layers
+ Easier to demonstrate correctness
– Not as general as layering
– Offers no organizing principle for other parts of OS, user services
– Kernels tend to grow to monoliths
Microkernel OS Design
Like kernels, only less so
Try to include only small set of required services in the microkernel
Moves even more out of innermost OS part
Like parts of VM, IPC, paging, etc.
Examples - Mach, Amoeba, Plan 9, Windows NT, Chorus
Pros/Cons of Microkernel Organization
+ Those of kernels, plus:
+ Minimizes code for most important OS services
+ Offers model for entire system
– Microkernels tend to grow into kernels
– Requires very careful initial design choices
– Serious danger of bad performance
Object-Oriented OS Design
Design internals of OS as set of privileged objects, using OO methods
Sometimes extended into application space
Tends to lead to client/server style of computing
Examples - Mach (internally), Spring (totally)
Pros/Cons of OO OS Organization
+ Offers organizational model for entire system
+ Easily divides system into pieces
+ Good hooks for security
– Can be a limiting model
– Must watch for performance problems
Some Important Microkernel Designs
Micro-ness is in the eye of the beholder
Mach
Amoeba
Plan 9
Windows NT
Mach
Mach didn’t start life as a microkernel
Became one in Mach 3.0
Object-oriented internally
Doesn’t force OO at higher levels
Microkernel focus is on communications facilities
Much concern with parallel/distributed systems
Mach Model
[Figure: user space holds the user processes and a software emulation layer (4.3BSD, SysV, HP/UX and other emulators); the microkernel runs in kernel space]
What’s In the Mach Microkernel?
Tasks & Threads
Ports and Port Sets
Messages
Memory Objects
Device Support
Multiprocessor/Distributed Support
Mach Tasks
An execution environment providing basic unit of resource allocation
Contains
Virtual address space
Port set
One or more threads
Mach Task Model
[Figure labels: Process port, Bootstrap port, Exception port, Registered ports, Address space, Thread, Process, User space, Kernel]
Mach Threads
Basic unit of Mach execution
Run in context of one task
All threads in one task share its resources
Unix process similar to Mach task with single thread
Task and Thread Scheduling
Very flexible
Controllable by kernel or user-level programs
Threads of single task can run in parallel
On single processor and multiple processors
Local and global schedulers for multicore machines
User-level scheduling can extend to multiprocessor scheduling
Mach Ports
Basic Mach object reference mechanism
Kernel-protected communication channel
Tasks communicate by sending messages to ports
Threads in receiving tasks pull messages off a queue
Ports are location independent
Port queues protected by kernel; bounded
Port Rights
Mechanism by which tasks control who may talk to their ports
Kernel prevents messages being sent to a port unless the sender has its port rights
Port rights also control which single task receives on a port
Port Sets
A group of ports sharing a common message queue
A thread can receive messages from a port set
Thus servicing multiple ports
Messages are tagged with the actual port
A port can be a member of at most one port set
Mach Messages
Typed collection of data objects
Unlimited size
Sent to particular port
May contain actual data or pointer to data
Port rights may be passed in a message
Kernel inspects messages for particular data types (like port rights)
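The Port Rights and Mach Messages slides describe a capability scheme: the kernel checks rights on every send and receive, and a right reaches another task only inside a message the kernel inspects. The sketch below is an added example, not code from the slides and not Mach's real API; the names Kernel, allocate, send, receive and demo, the queue bound of 2, and the bootstrap grant are all assumptions made for illustration.

```python
from collections import deque

class Kernel:
    """Toy model of kernel-protected ports (hypothetical, not Mach's API)."""
    QUEUE_LIMIT = 2  # constructed bound; the slides only say queues are bounded

    def __init__(self):
        self.queue = {}     # port -> deque of (data, carried port)
        self.receiver = {}  # port -> the single task holding the receive right
        self.senders = {}   # port -> set of tasks holding a send right

    def allocate(self, task):
        # The creating task gets the receive right and a send right.
        port = len(self.queue) + 1
        self.queue[port], self.receiver[port] = deque(), task
        self.senders[port] = {task}
        return port

    def send(self, task, port, data, carry=None):
        if task not in self.senders.get(port, ()):
            return "denied: no send right"
        if carry is not None and task not in self.senders.get(carry, ()):
            return "denied: sender does not hold the carried right"
        if len(self.queue[port]) >= self.QUEUE_LIMIT:
            return "refused: queue full"
        self.queue[port].append((data, carry))
        return "ok"

    def receive(self, task, port):
        if self.receiver.get(port) != task:
            return "denied: no receive right", None
        if not self.queue[port]:
            return "empty", None
        data, carry = self.queue[port].popleft()
        if carry is not None:  # kernel inspects the message, installs the right
            self.senders[carry].add(task)
        return "ok", data

def demo():
    k = Kernel()
    service, reply = k.allocate("server"), k.allocate("client")
    k.senders[service].add("client")  # assumed bootstrap: client starts with this
    return [
        k.send("server", reply, "early"),             # server has no right yet
        k.send("client", service, "request", reply),  # request carries a right
        k.receive("other", service),                  # third task cannot read
        k.receive("server", service),                 # right is installed here
        k.send("server", reply, "response"),          # now permitted
        k.receive("client", reply),
    ]
```

The server can reply only after it has received the request that carried the send right to the client's reply port, so authority moves solely through kernel-mediated messages.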
Mach Memory Objects
A source of memory accessible by tasks
May be managed by user-mode external memory manager
a file managed by a file server
Accessed by messages through a port
Kernel manages physical memory as cache of contents of memory objects
Mach Device Support
Devices represented by ports
Messages control the device and its data transfer
Actual device driver outside the kernel in an external object
Mach Multiprocessor and Distributed System Support
Messages and ports can extend across processor/machine boundaries
Location transparent entities
Kernel manages distributed hardware
Per-processor data structures, but also structures shared across the processors
Intermachine messages handled by a server that knows about network details
Mach’s NetMsgServer
User-level capability-based networking daemon
Handles naming and transport for messages
Provides world-wide name service for ports
Messages sent to off-node ports go through this server
NetMsgServer in Action
[Figure: on both the sender and the receiver, a user process and a NetMsgServer run in user space above kernel space]
Mach and User Interfaces
Mach was built for the UNIX community
UNIX programs don’t know about ports, messages, threads, and tasks
How do UNIX programs run under Mach?
Mach typically runs a user-level server that offers UNIX emulation
Either provides UNIX system call semantics internally or translates it to Mach primitives
Amoeba
Amoeba presents transparent distributed computing environment (a la timesharing)
Major components
processor pools
server machines
X-terminals
gateway servers for off-LAN communications
Microkernel runs everywhere
Amoeba Diagram
[Figure labels: Server pool, Workstations, Specialized servers, Gateway, LAN, WAN]
Amoeba’s Basic Primitives
Processes
Threads
Low level memory management
RPC
I/O
Amoeba Software Model
[Figure labels: Address space, Thread, Process, User space, Kernel; kernel functions: Process mgmt., Memory mgmt., Comm’s, I/O]
Amoeba Processes
Similar to Mach processes
Process has multiple threads
But each thread has a dedicated portion of a shared address space
Thread scheduling by microkernel
Amoeba Memory Management
Amoeba microkernel supports concept of segments
To avoid the heavy cost of fork across machine boundaries
A segment is a set of memory blocks
Segments can be mapped in/out of address spaces
Remote Procedure Call
Fundamental Amoeba IPC mechanism
Amoeba RPC is thread-to-thread
Microkernel handles on/off machine invocation of RPC
Plan 9
Everything in Plan 9 is a file system (almost)
Processes
Files
IPC
Devices
Only a few operations are required for files
Text-based interface
Plan 9 Basic Primitives
Terminals
CPU servers
File systems
Channels
File Systems in Plan 9
File systems consist of a hierarchical tree
Can be persistent or temporary
Can represent simple or complex entities
Can be implemented
In the kernel as a driver
As a user level process
By remote servers
Sample Plan 9 File Systems
Device file systems - Directory containing data and ctl file
Process file systems - Directory containing files for memory, text, control, etc.
Network interface file systems
Plan 9 Channels and Mounting
A channel is a file descriptor
Since a file can be anything, a channel is a general pointer to anything
Plan 9 provides 9 primitives on channels
Mounting is used to bring resources into a user’s name space
Users start with minimal name space, build it up as they go along
Typical User Operation in Plan 9
User logs in to a terminal
Provides bitmap display and input
Minimal name space is set up on login
Mounts used to build space
Pooled CPU servers used for compute tasks
Substantial caching used to make required files local
Windows NT
More layered than some microkernel designs
NT Microkernel provides base services
Executive builds on base services via modules to provide user-level services
User-level services used by
privileged subsystems (parts of OS)
true user programs
Windows NT Diagram
[Figure labels: Hardware, Microkernel, Executive, User Processes, Protected Subsystems, User Mode, Kernel Mode, Win32, POSIX]
NT Microkernel
Thread scheduling
Process switching
Exception and interrupt handling
Multiprocessor synchronization
Only NT part not preemptible or pageable
All other NT components run in threads
NT Executive
Higher level services than microkernel
Runs in kernel mode
but separate from the microkernel itself
ease of change and expansion
Built of independent modules
all preemptible and pageable
NT Executive Modules
Object manager
Security reference monitor
Process manager
Local procedure call facility (a la RPC)
Virtual memory manager
I/O manager
Typical Activity in NT
[Figure labels: Hardware, Kernel, Executive, Client Process, Win32 Protected Subsystem]
Windows NT Threads
Executable entity running in an address space
Scheduled by kernel
Handled by kernel’s dispatcher
Kernel works with stripped-down view of thread - kernel thread object
Multiple process threads can execute on distinct processors--even Executive ones
Microkernel Process Object
A proxy for the real process
Microkernel’s interface to the real process
Contains pointers to the various resources owned by the process
e.g., threads and address spaces
Alterable only by microkernel calls
Microkernel Thread Objects
Proxies for the real thread
One per thread
Contains minimal information about thread
Priorities, dispatching state
Used by the microkernel for dispatching
Microkernel Process and Thread Object Diagram
[Figure labels: Kernel Process, Kernel Thread, Kernel Thread]
Other Microkernel Process Information
[Figure labels: Kernel Process, Kernel Thread, Kernel Thread, Virtual Address Space Descriptors, Object Table, Process Object, Thread Objects]
More On Microkernels
Microkernels were the research architecture of the 80s
But few commercial systems really use microkernels
To some extent, “microkernel” is now a dirty word in OS design
Why?