Fbufs: a high-bandwidth cross-domain transfer facility
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Exokernel: an operating system architecture for application-level resource management
SOSP '95 Proceedings of the fifteenth ACM symposium on Operating systems principles
Effects of buffering semantics on I/O performance
OSDI '96 Proceedings of the second USENIX symposium on Operating systems design and implementation
Flick: a flexible, optimizing IDL compiler
Proceedings of the ACM SIGPLAN 1997 conference on Programming language design and implementation
The Flux OSKit: a substrate for kernel and language research
Proceedings of the sixteenth ACM symposium on Operating systems principles
Application performance and flexibility on exokernel systems
Proceedings of the sixteenth ACM symposium on Operating systems principles
The performance of μ-kernel-based systems
Proceedings of the sixteenth ACM symposium on Operating systems principles
Mach-US: UNIX on generic OS object servers
TCON'95 Proceedings of the USENIX 1995 Technical Conference Proceedings
The pebble component-based operating system
ATEC '99 Proceedings of the annual conference on USENIX Annual Technical Conference
The sawmill framework for virtual memory diversity
ACSAC '01 Proceedings of the 6th Australasian conference on Computer systems architecture
Building appliances out of components using Pebble
EW 9 Proceedings of the 9th workshop on ACM SIGOPS European workshop: beyond the PC: new challenges for the operating system
Transparent Orthogonal Checkpointing through User-Level Pagers
POS-9 Revised Papers from the 9th International Workshop on Persistent Object Systems
Vulnerabilities in Synchronous IPC Designs
SP '03 Proceedings of the 2003 IEEE Symposium on Security and Privacy
MINIX 3: a highly reliable, self-repairing operating system
ACM SIGOPS Operating Systems Review
Software—Practice & Experience
Unmodified device driver reuse and improved system dependability via virtual machines
OSDI'04 Proceedings of the 6th conference on Symposium on Opearting Systems Design & Implementation - Volume 6
Stub-code performance is becoming important
WIESS'00 Proceedings of the 1st conference on Industrial Experiences with Systems Software - Volume 1
A case study on the cost and benefit of dynamic RPC marshalling for low-level system components
ACM SIGOPS Operating Systems Review
A microkernel API for fine-grained decomposition
Proceedings of the Fifth Workshop on Programming Languages and Operating Systems
Rump file systems: kernel code reborn
USENIX'09 Proceedings of the 2009 conference on USENIX Annual technical conference
Reorganizing UNIX for reliability
ACSAC'06 Proceedings of the 11th Asia-Pacific conference on Advances in Computer Systems Architecture
An empirical comparison of Java remote communication primitives for intra-node data transmission
ACM SIGMETRICS Performance Evaluation Review
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
VirtuOS: an operating system with kernel virtualization
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Hi-index | 0.00 |
Multiserver systems, operating systems composed from a set of hardware-protected servers, initially generated significant interest in the early 1990's. If a monolithic operating system could be decomposed into a set of servers with well-defined interfaces and well-understood protection mechanisms, then the robustness and configurability of operating systems could be improved significantly. However, initial multiserver systems [4, 14] were hampered by poor performance and software engineering complexity. The Mach microkernel [10] base suffered from a number of performance problems (e.g., IPC), and a number of difficult problems must be solved to enable the construction of a system from orthogonal servers (e.g., unified buffer management, coherent security, flexible server interface design, etc.).In the meantime, a number of important research results have been generated that lead us to believe that a re-evaluation of multiserver system architectures is warranted. First, microkernel technology has vastly improved since Mach. L4 [13] and Exokernel [6] are two recent microkernels upon which efficient servers have been constructed (i.e., L4Linux for L4 [12] and ExOS for Exokernel [9]). In these systems, the servers are independent OSes, but we are encouraged that the kernel and server overheads, in particular context switches overheads, are minimized. Second, we have seen marked improvements in memory management approaches that enable zero-copy protocols (e.g., fbufs [5] and emulated copy [3]). Other advances include, improved kernel modularity [7], component model services [8], multiserver security protocols, etc. Note that we are not the only researchers who believe it is time to re-examine multiservers, as a multiserver system is also being constructed on the Pebble kernel [11].In addition, there is a greater need for multiserver architectures now. Consider the emergence of a variety of specialized, embedded systems. Traditionally, each embedded system includes a specialized operating system. Given the expected proliferation of such systems, the number of operating systems that must be built will increase significantly. Tools for configuring operating systems from existing servers will become increasingly more valuable, and adequate protection among servers will be necessary to guard valuable information that may be stored on such systems (e.g., private keys). This is exactly the motivation for multiserver systems.In this paper, we define the SawMill multiserver approach. This approach consists of: (1) an architecture upon which efficient and robust multiserver systems can be constructed and (2) a set of protocol design guidelines for solving key multiserver problems. First, the SawMill architecture consists of a set of user-level servers executing on the L4 microkernel and a set of services that enable these servers to obtain and manage resources locally. Second, the SawMill protocol design guidelines enable system designers to minimize the communication overheads introduced by protection boundaries between servers. We demonstrate the SawMill approach for two server systems derived from the Linux code base: (1) an Ext2 file system and (2) an IP network system.The remainder of the paper is structured as follows. In Section 2, we define the problems that must be solved in converting a monolithic operating system into a multiserver operating system. In Sections 3 and 4, we define the SawMill architecture and the protocol design approach, respectively. In Section 5, we demonstrate some of these guidelines in the file system and network system implementations. In Section 6, we examine the performance of the current SawMill Linux system.