Communications of the ACM
Using registers to optimize cross-domain call performance
ASPLOS III Proceedings of the third international conference on Architectural support for programming languages and operating systems
Lightweight remote procedure call
SOSP '89 Proceedings of the twelfth ACM symposium on Operating systems principles
A Retrospective on the VAX VMM Security Kernel
IEEE Transactions on Software Engineering
The impact of operating system structure on memory system performance
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Improving IPC by kernel design
SOSP '93 Proceedings of the fourteenth ACM symposium on Operating systems principles
Interface and execution models in the Fluke kernel
OSDI '99 Proceedings of the third symposium on Operating systems design and implementation
EROS: a fast capability system
Proceedings of the seventeenth ACM symposium on Operating systems principles
Reflections on an operating system design
Communications of the ACM
The SawMill multiserver approach
EW 9 Proceedings of the 9th workshop on ACM SIGOPS European workshop: beyond the PC: new challenges for the operating system
Synchronous IPC over transparent monitors
EW 9 Proceedings of the 9th workshop on ACM SIGOPS European workshop: beyond the PC: new challenges for the operating system
Capability-Based Financial Instruments
FC '00 Proceedings of the 4th International Conference on Financial Cryptography
The Multics kernel design project
SOSP '77 Proceedings of the sixth ACM symposium on Operating systems principles
Preventing Denial-of-Service Attacks on a P-Kernel for WebOSes
HOTOS '97 Proceedings of the 6th Workshop on Hot Topics in Operating Systems (HotOS-VI)
Flexible Access Control using IPC Redirection
HOTOS '99 Proceedings of the The Seventh Workshop on Hot Topics in Operating Systems
The measured performance of a fast local IPC
IWOOOS '96 Proceedings of the 5th International Workshop on Object Orientation in Operating Systems (IWOOOS '96)
ACM SIGOPS Operating Systems Review
Verifying the EROS Confinement Mechanism
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
NON-DISCRETIONARY ACCESS CONTROL FOR DECENTRALIZED COMPUTING SYSTEMS
NON-DISCRETIONARY ACCESS CONTROL FOR DECENTRALIZED COMPUTING SYSTEMS
Evolving mach 3.0 to a migrating thread model
WTEC'94 Proceedings of the USENIX Winter 1994 Technical Conference on USENIX Winter 1994 Technical Conference
The pebble component-based operating system
ATEC '99 Proceedings of the annual conference on USENIX Annual Technical Conference
Computer
The KaffeOS Java runtime system
ACM Transactions on Programming Languages and Systems (TOPLAS)
Towards effective user-controlled scheduling for microkernel-based systems
ACM SIGOPS Operating Systems Review
A real-time programmer's tour of general-purpose L4 microkernels
EURASIP Journal on Embedded Systems - Operating System Support for Embedded Real-Time Applications
A real-time programmer's tour of general-purpose L4 microkernels
EURASIP Journal on Embedded Systems - Operating System Support for Embedded Real-Time Applications
A communication mechanism for resource isolation
Proceedings of the Second Workshop on Isolation and Integration in Embedded Systems
The road to trustworthy systems
Proceedings of the fifth ACM workshop on Scalable trusted computing
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
From L3 to seL4 what have we learnt in 20 years of L4 microkernels?
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Hi-index | 0.00 |
Recent advances in interprocess communication (IPC)performance have been exclusively based on thread-migratingIPC designs. Thread-migrating designs assumethat IPC interactions are synchronous, and that user-levelexecution will usually resume with the invoked process(modulo preemption). This IPC design approach offersshorter instruction path lengths, requires fewer locks, hassmaller instruction and data cache footprints, dramaticallyreduces TLB overheads, and consequently offershigher performance and lower timing variance than previousIPC designs. With care, it can be performed as anatomic unit of operation.While the performance of thread-migrating IPC hasbeen examined in detail, the vulnerabilities implicit insynchronous IPC designs have not been examined indepth in the archival literature, and their implications forIPC design have been actively misunderstood in at leastone recent publication. In addition to performance, asound IPC design must address concerns of asymmetrictrust and reproducibility and provide support for dynamicpayload lengths. Previous IPC designs, including thoseof EROS, Mach, L4, Flask, and Pebble, satisfy only two ofthese three requirements.In this paper, we show how these three design objectivescan be met simultaneously. We identify the conflictof requirements and illustrate how their collision arisesin two well-documented IPC architectures: L4 and EROS.We then show how all three design objectives are simultaneouslymet in the next generation EROS IPC system.