Microkernel goes general: performance and compatibility in the HongMeng production microkernel
AUTHORs: 
Haibo Chen, Xie Miao, Ning Jia, Nan Wang, Yu Li, Nian Liu, Yutao Liu, Fei Wang, Qiang Huang, Kun Li, Hongyang Yang, Hui Wang, Jie Yin, Yu Peng, Fengwei XuAuthors Info & Claims
Article No.: 25, Pages 465 - 485
Abstract
The virtues of security, reliability, and extensibility have made state-of-the-art microkernels prevalent in embedded and safety-critical scenarios. However, they face performance and compatibility issues when targeting more general scenarios, such as smartphones and smart vehicles.
This paper presents the design and implementation of Hong-Meng kernel (HM), a commercialized general-purpose microkernel that preserves most of the virtues of microkernels while addressing the above challenges. For the sake of commercial practicality, we design HM to be compatible with the Linux API and ABI to reuse its rich applications and driver ecosystems. To make it performant despite the constraints of compatibility and being general-purpose, we reexamine the traditional microkernel wisdom, including IPC, capability-based access control, and userspace paging, and retrofit them accordingly. Specifically, we argue that per-invocation IPC is not the only concern for performance, but IPC frequency, state double bookkeeping among OS services, and capabilities that hide kernel objects contribute to significant performance degradation. We mitigate them accordingly with a set of techniques, including differentiated isolation classes, flexible composition, policy-free kernel paging, and address-token-based access control.
HM consists of a minimal core kernel and a set of least-privileged OS services, and it can run complex frameworks like AOSP and OpenHarmony. HM has been deployed in production on tens of millions of devices in emerging scenarios, including smart routers, smart vehicles and smartphones, typically with improved performance and security over their Linux counterparts.
References
[1]
Real time Linux. https://wiki.linuxfoundation.org/realtime/start. Accessed 16 April 2024.
[2]
J. Appavoo, M. Auslander, M. Butrico, D. M. da Silva, O. Krieger, M. F. Mergen, M. Ostrowski, B. Rosenburg, R. W. Wisniewski, and J. Xenidis. Experience with K42, an Open-Source, Linux-Compatible, Scalable Operating-System Kernel. IBM Syst. J., 44(2):427-440, jan 2005.
[3]
Jonathan Appavoo, Marc Auslander, Dilma DaSilva, David Edelsohn, Orran Krieger, Michal Ostrowski, Bryan Rosenburg, R Wisniewski, and Jimi Xenidis. Utilizing Linux kernel components in K42. Technical report, Technical report, IBM Watson Research, 2002.
[4]
Apple. XNU Project. https://github.com/apple-oss-distributions/xnu. Accessed 16 April 2024.
[5]
ARM. System MMU Support. https://developer.arm.com/Architectures/System%20MMU%20Support. Accessed 16 April 2024.
[6]
Vaggelis Atlidakis, Jeremy Andrus, Roxana Geambasu, Dimitris Mitropoulos, and Jason Nieh. POSIX Abstractions in Modern Operating Systems: The Old, the New, and the Missing. In Proceedings of the Eleventh European Conference on Computer Systems, EuroSys '16, New York, NY, USA, 2016. Association for Computing Machinery.
[7]
AUTOSAR. Adaptive Platform. https://www.autosar.org/standards/adaptive-platform. Accessed 16 April 2024.
[8]
Andrew Baumann, Jonathan Appavoo, Orran Krieger, and Timothy Roscoe. A Fork() in the Road. In Proceedings of the Workshop on Hot Topics in Operating Systems, HotOS '19, page 14-22, New York, NY, USA, 2019. Association for Computing Machinery.
[9]
Andrew Baumann, Paul Barham, Pierre-Evariste Dagand, Tim Harris, Rebecca Isaacs, Simon Peter, Timothy Roscoe, Adrian Schüpbach, and Akhilesh Singhania. The Multikernel: A New OS Architecture for Scalable Multicore Systems. In Proceedings of the ACM SIGOPS 22nd Symposium on Operating Systems Principles, SOSP '09, page 29-44, New York, NY, USA, 2009. Association for Computing Machinery.
[10]
B. Bershad, T. Anderson, E. Lazowska, and H. Levy. Lightweight remote procedure call. In Proceedings of the Twelfth ACM Symposium on Operating Systems Principles, SOSP '89, page 102-113, New York, NY, USA, 1989. Association for Computing Machinery.
[11]
B. N. Bershad, S. Savage, P. Pardyak, E. G. Sirer, M. E. Fiuczynski, D. Becker, C. Chambers, and S. Eggers. Extensibility Safety and Performance in the SPIN Operating System. SIGOPS Oper. Syst. Rev., 29(5):267-283, dec 1995.
[12]
Simon Biggs, Damon Lee, and Gernot Heiser. The Jury Is In: Monolithic OS Design Is Flawed: Microkernel-based Designs Improve Security. In Proceedings of the 9th Asia-Pacific Workshop on Systems, APSys '18, New York, NY, USA, 2018. Association for Computing Machinery.
[13]
BlackBerry. BlackBerry QNX: Real-Time OS and Software for Embedded Systems. https://blackberry.qnx.com/en. Accessed 16 April 2024.
[14]
BlackBerry. Meet the Power Behind the BlackBerry Tablet OS. https://www.qnx.com/company/announcements/blackberry_tablet_os.html. Accessed 16 April 2024.
[15]
BlackBerry. BlackBerry OS End of Life. https://www.blackberry.com/us/en/support/devices/end-of-life, 2020.
[16]
Kevin Boos, Namitha Liyanage, Ramla Ijaz, and Lin Zhong. Theseus: an Experiment in Operating System Structure and State Management. In 14th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2020, Virtual Event, November 4-6, 2020, pages 1-19. USENIX Association, 2020.
[17]
Edouard Bugnion, Scott Devine, Kinshuk Govil, and Mendel Rosenblum. Disco: Running commodity operating systems on scalable multiprocessors. ACM Transactions on Computer Systems (TOCS), 15(4):412- 447, 1997.
[18]
Anton Burtsev, Vikram Narayanan, Yongzhe Huang, Kaiming Huang, Gang Tan, and Trent Jaeger. Evolving Operating System Kernels Towards Secure Kernel-Driver Interfaces. In Malte Schwarzkopf, Andrew Baumann, and Natacha Crooks, editors, Proceedings of the 19th Workshop on Hot Topics in Operating Systems, HOTOS 2023, Providence, RI, USA, June 22-24, 2023, pages 166-173. ACM, 2023.
[19]
Haogang Chen, Yandong Mao, Xi Wang, Dong Zhou, Nickolai Zeldovich, and M. Frans Kaashoek. Linux kernel vulnerabilities: state-of-the-art defenses and open problems. In Haibo Chen, Zheng Zhang, Sue Moon, and Yuanyuan Zhou, editors, APSys '11 Asia Pacific Workshop on Systems, Shanghai, China, July 11-12, 2011, page 5. ACM, 2011.
[20]
Yonghun Choi, Seonghoon Park, and Hojung Cha. Graphics-Aware Power Governing for Mobile Devices. In Proceedings of the 17th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys '19, page 469-481, New York, NY, USA, 2019. Association for Computing Machinery.
[21]
Yonghun Choi, Seonghoon Park, Seunghyeok Jeon, Rhan Ha, and Hojung Cha. Optimizing Energy Consumption of Mobile Games. IEEE Transactions on Mobile Computing, 21(10):3744-3756, 2022.
[22]
CVE. CVE-2021-30769. https://nvd.nist.gov/vuln/detail/CVE-2021-30769. Accessed 16 April 2024.
[23]
CVE. CVE Records. https://cve.mitre.org/. Accessed 16 April 2024.
[24]
CVEdetails. Linux Kernel 2.6 Security Vulnerabilities. https://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/versio n_id-410986/Linux-Linux-Kernel-2.6.html. Accessed 16 April 2024.
[25]
Nathan Dautenhahn, Theodoros Kasampalis, Will Dietz, John Criswell, and Vikram Adve. Nested Kernel: An Operating System Architecture for Intra-Kernel Privilege Separation. In Proceedings of the Twentieth International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS '15, page 191-206, New York, NY, USA, 2015. Association for Computing Machinery.
[26]
Jeff Dike. User-mode Linux. In 5th Annual Linux Showcase & Conference (ALS 01), Oakland, CA, November 2001. USENIX Association.
[27]
Björn Döobel. Memory, IPC, and L4Re. https://os.inf.tu-dresden.de/~doebel/downloads/02-MemoryAndIPC.pdf, 2012.
[28]
Dong Du, Zhichao Hua, Yubin Xia, Binyu Zang, and Haibo Chen. XPC: architectural support for secure and efficient cross process call. In Srilatha Bobbie Manne, Hillery C. Hunter, and Erik R. Altman, editors, Proceedings of the 46th International Symposium on Computer Architecture, ISCA 2019, Phoenix, AZ, USA, June 22-26, 2019, pages 671-684. ACM, 2019.
[29]
David Edelsohn. Providing a Linux API on the Scalable K42 Kernel. In 2003 USENIX Annual Technical Conference (USENIX ATC 03), San Antonio, TX, June 2003. USENIX Association.
[30]
Kevin Elphinstone and Gernot Heiser. From L3 to seL4 what have we learnt in 20 years of L4 microkernels? In Michael Kaminsky and Mike Dahlin, editors, ACM SIGOPS 24th Symposium on Operating Systems Principles, SOSP '13, Farmington, PA, USA, November 3-6, 2013, pages 133-150. ACM, 2013.
[31]
Dawson R. Engler, M. Frans Kaashoek, and James W. O'Toole Jr. Exokernel: An Operating System Architecture for Application-Level Resource Management. In Michael B. Jones, editor, Proceedings of the Fifteenth ACM Symposium on Operating System Principles, SOSP 1995, Copper Mountain Resort, Colorado, USA, December 3-6, 1995, pages 251-266. ACM, 1995.
[32]
Bryan Ford, Godmar Back, Greg Benson, Jay Lepreau, Albert Lin, and Olin Shivers. The Flux OSKit: A substrate for kernel and language research. In Proceedings of the sixteenth ACM symposium on Operating systems principles, pages 38-51, 1997.
[33]
Bryan Ford and Jay Lepreau. Evolving Mach 3.0 to A Migrating Thread Model. In USENIX Winter 1994 Technical Conference (USENIX Winter 1994 Technical Conference), San Francisco, CA, January 1994. USENIX Association.
[34]
Free Software Foundation. Frequently Asked Questions about the GNU Licenses. https://www.gnu.org/licenses/gpl-faq.en.html#MereAggregation. Accessed 16 April 2024.
[35]
OpenAtom Foundation. OpenHarmony Project. https://gitee.com/openharmony/docs/blob/master/en/OpenHarmony-Overview.md. Accessed 16 April 2024.
[36]
FreeBSD. Linux emulation in FreeBSD. https://docs.freebsd.org/en/articles/linux-emulation/. Accessed 16 April 2024.
[37]
Google Fuchsia. Zircon Handles. https://fuchsia.dev/fuchsia-src/concepts/kernel/handles. Accessed 16 April 2024.
[38]
Vinod Ganapathy, Matthew J. Renzelmann, Arini Balakrishnan, Michael M. Swift, and Somesh Jha. The design and implementation of microdrivers. In Susan J. Eggers and James R. Larus, editors, Proceedings of the 13th International Conference on Architectural Support for Programming Languages and Operating Systems, ASPLOS 2008, Seattle, WA, USA, March 1-5, 2008, pages 168-178. ACM, 2008.
[39]
Alain Gefflaut, Trent Jaeger, Yoonho Park, Jochen Liedtke, Kevin J. Elphinstone, Volkmar Uhlig, Jonathon E. Tidswell, Luke Deller, and Lars Reuther. The SawMill multiserver approach. In Proceedings of the 9th Workshop on ACM SIGOPS European Workshop: Beyond the PC: New Challenges for the Operating System, EW 9, page 109-114, New York, NY, USA, 2000. Association for Computing Machinery.
[40]
Thomas Gleixner and Ingo Molnar. Linux generic IRQ handling. https://www.kernel.org/doc/html/v4.18/core-api/genericirq.html, 2010.
[41]
Shantanu Goel and Dan Duchamp. Linux Device Driver Emulation in Mach. In USENIX Annual Technical Conference, pages 65-74, 1996.
[42]
Google. Android Open Source Project. https://source.android.com/. Accessed 16 April 2024.
[43]
Google. AOSP Compatibility Test Suite. https://source.android.com/docs/compatibility/cts. Accessed 16 April 2024.
[44]
Google. AOSP Vendor Test Suite (VTS) and infrastructure. https://source.android.com/docs/core/tests/vts. Accessed 16 April 2024.
[45]
Google. App startup time. https://developer.android.com/topic/performance/vitals/launch-time. Accessed 16 April 2024.
[46]
Google. Fuchsia Zircon Kernel. https://fuchsia.dev/fuchsia-src/concepts/kernel?hl=en. Accessed 16 April 2024.
[47]
Google. Fuchsia's libc. https://fuchsia.dev/fuchsia-src/development/languages/c-cpp/libc?hl=en. Accessed 16 April 2024.
[48]
Spyridoula Gravani, Mohammad Hedayati, John Criswell, and Michael L. Scott. Fast Intra-Kernel Isolation and Security with IskiOS. In Proceedings of the 24th International Symposium on Research in Attacks, Intrusions and Defenses, RAID '21, page 119-134, New York, NY, USA, 2021. Association for Computing Machinery.
[49]
Jinyu Gu, Xinyue Wu, Wentai Li, Nian Liu, Zeyu Mi, Yubin Xia, and Haibo Chen. Harmonizing Performance and Isolation in Microkernels with Efficient Intra-kernel Isolation and Communication. In Ada Gavrilovska and Erez Zadok, editors, 2020 USENIX Annual Technical Conference, USENIX ATC 2020, July 15-17, 2020, pages 401-417. USENIX Association, 2020.
[50]
Nikolai Hampton. The working dead: The security risks of outdated Linux kernels. https://www2.computerworld.com.au/article/615338/working-dead-security-risk-dated-linux-kernels/, 2017.
[51]
Nikolai Hampton and Patryk Szewczyk. A survey and method for analysing soho router firmware currency. 2015.
[52]
Gernot Heiser and Ben Leslie. The OKL4 microvisor: convergence point of microkernels and hypervisors. In Chandramohan A. Thekkath, Ramakrishna Kotla, and Lidong Zhou, editors, Proceedings of the 1st ACM SIGCOMM Asia-Pacific Workshop on Systems, ApSys 2010, New Delhi, India, August 30, 2010, pages 19-24. ACM, 2010.
[53]
Jorrit N. Herder, Herbert Bos, Ben Gras, Philip Homburg, and Andrew S. Tanenbaum. MINIX 3: A Highly Reliable, Self-Repairing Operating System. SIGOPS Oper. Syst. Rev., 40(3):80-89, jul 2006.
[54]
Dan Hildebrand. An Architectural Overview of QNX. In USENIX Workshop on Microkernels and Other Kernel Architectures, pages 113-126, 1992.
[55]
Hans J Holberg and Udo Brockmeyer. ISO 26262 compliant verification of functional requirements in the model-based software development process. In White paper. Embedded World Exhibition and Conference, 2011.
[56]
Yongzhe Huang, Vikram Narayanan, David Detweiler, Kaiming Huang, Gang Tan, Trent Jaeger, and Anton Burtsev. KSplit: Automating Device Driver Isolation. In Marcos K. Aguilera and Hakim Weatherspoon, editors, 16th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2022, Carlsbad, CA, USA, July 11-13, 2022, pages 613-631. USENIX Association, 2022.
[57]
Huawei. Kirin9000. https://www.hisilicon.com/en/products/Kirin/Kirin-flagship-chips/Kirin-9000. Accessed 16 April 2024.
[58]
Jack Tigar Humphries, Neel Natu, Ashwin Chaugule, Ofir Weisse, Barret Rhoden, Josh Don, Luigi Rizzo, Oleg Rombakh, Paul Turner, and Christos Kozyrakis. ghOSt: Fast & Flexible User-Space Delegation of Linux Scheduling. In Robbert van Renesse and Nickolai Zeldovich, editors, SOSP '21: ACM SIGOPS 28th Symposium on Operating Systems Principles, Virtual Event / Koblenz, Germany, October 26-29, 2021, pages 588-604. ACM, 2021.
[59]
Galen C. Hunt and James R. Larus. Singularity: Rethinking the Software Stack. SIGOPS Oper. Syst. Rev., 41(2):37-49, apr 2007.
[60]
R Intel. Architecture instruction set extensions and future features programming reference. https://www.intel.com/content/dam/develop/external/us/en/documents/architecture-instruction-set-extensions-programming-reference.pdf, 2021.
[61]
ISO. Road vehicles Functional safety. https://www.iso.org/obp/ui/#iso:std:iso:26262:-3:ed-1:v1:en. Accessed 16 April 2024.
[62]
ISO. ISO/IEC 15408-1:2022: Information security, cybersecurity and privacy protection - Evaluation criteria for IT security. https://ccsp.alukos.com/standards/iso-iec-15408-1-2022/, 2022.
[63]
Jinsoo Jang and Brent ByungHoon Kang. In-process Memory Isolation Using Hardware Watchpoint. In Proceedings of the 56th Annual Design Automation Conference 2019, DAC 2019, Las Vegas, NV, USA, June 02-06, 2019, page 32. ACM, 2019.
[64]
Robert Kaiser and Stephan Wagner. Evolution of the PikeOS microkernel. In First International Workshop on Microkernels for Embedded Systems, volume 50, 2007.
[65]
Antti Kantee et al. Flexible operating system internals: the design and implementation of the anykernel and rump kernels. 2012.
[66]
Antoine Kaufmann, Tim Stamler, Simon Peter, Naveen Kr. Sharma, Arvind Krishnamurthy, and Thomas Anderson. TAS: TCP Acceleration as an OS Service. In Proceedings of the Fourteenth EuroSys Conference 2019, EuroSys '19, New York, NY, USA, 2019. Association for Computing Machinery.
[67]
Gerwin Klein, Kevin Elphinstone, Gernot Heiser, June Andronick, David A. Cock, Philip Derrin, Dhammika Elkaduwe, Kai Engelhardt, Rafal Kolanski, Michael Norrish, Thomas Sewell, Harvey Tuch, and SimonWinwood. seL4: formal verification of an OS kernel. In Jeanna Neefe Matthews and Thomas E. Anderson, editors, Proceedings of the 22nd ACM Symposium on Operating Systems Principles 2009, SOSP 2009, Big Sky, Montana, USA, October 11-14, 2009, pages 207- 220. ACM, 2009.
[68]
Orran Krieger, Marc Auslander, Bryan Rosenburg, Robert W Wisniewski, Jimi Xenidis, Dilma Da Silva, Michal Ostrowski, Jonathan Appavoo, Maria Butrico, Mark Mergen, et al. K42: building a complete operating system. ACM SIGOPS Operating Systems Review, 40(4):133-145, 2006.
[69]
l4re. L4Re Operating System Framework. https: //l4re.org/. Accessed 16 April 2024.
[70]
Adam Lackorzyński, Alexander Warg, Marcus Vö,olp, and Hermann Härtig. Flattening hierarchical scheduling. In Proceedings of the Tenth ACM International Conference on Embedded Software, EMSOFT '12, page 93-102, New York, NY, USA, 2012. Association for Computing Machinery.
[71]
Hugo Lefeuvre, Vlad-Andrei Badoiu, Alexander Jung, Stefan Lucian Teodorescu, Sebastian Rauch, Felipe Huici, Costin Raiciu, and Pierre Olivier. FlexOS: towards flexible OS isolation. In Babak Falsafi, Michael Ferdman, Shan Lu, and Thomas F. Wenisch, editors, ASPLOS '22: 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Lausanne, Switzerland, 28 February 2022 - 4 March 2022, pages 467-482. ACM, 2022.
[72]
Joshua LeVasseur, Volkmar Uhlig, Jan Stoess, and Stefan Götz. Unmodified Device Driver Reuse and Improved System Dependability via Virtual Machines. In OSDI, pages 17-30, 2004.
[73]
Roy Levin, Ellis S. Cohen, William M. Corwin, Fred J. Pollack, and William A. Wulf. Policy/Mechanism Separation in HYDRA. In James C. Browne and Juan Rodriguez-Rosell, editors, Proceedings of the Fifth Symposium on Operating System Principles, SOSP 1975, The University of Texas at Austin, Austin, Texas, USA, November 19-21, 1975, pages 132-140. ACM, 1975.
[74]
Henry M Levy. Capability-based computer systems. Digital Press, 2014.
[75]
Jochen Liedtke. Improving IPC by Kernel Design. In Andrew P. Black and Barbara Liskov, editors, Proceedings of the Fourteenth ACM Symposium on Operating System Principles, SOSP 1993, The Grove Park Inn and Country Club, Asheville, North Carolina, USA, December 5-8, 1993, pages 175-188. ACM, 1993.
[76]
Jochen Liedtke. On micro-Kernel Construction. In Michael B. Jones, editor, Proceedings of the Fifteenth ACM Symposium on Operating System Principles, SOSP 1995, Copper Mountain Resort, Colorado, USA, December 3-6, 1995, pages 237-250. ACM, 1995.
[77]
Hans Liljestrand, Thomas Nyman, Kui Wang, Carlos Chinea Perez, Jan-Erik Ekberg, and N. Asokan. PAC it up: Towards Pointer Integrity using ARM Pointer Authentication. In 28th USENIX Security Symposium (USENIX Security 19), pages 177-194, Santa Clara, CA, August 2019. USENIX Association.
[78]
Jing Liu, Anthony Rebello, Yifan Dai, Chenhao Ye, Sudarsun Kannan, Andrea C. Arpaci-Dusseau, and Remzi H. Arpaci-Dusseau. Scale and Performance in a Filesystem Semi-Microkernel. In Robbert van Renesse and Nickolai Zeldovich, editors, SOSP '21: ACM SIGOPS 28th Symposium on Operating Systems Principles, Virtual Event / Koblenz, Germany, October 26-29, 2021, pages 819-835. ACM, 2021.
[79]
Elton Lum. Study Confirms That Microkernel Is Inherently More Secure. https://blogs.blackberry.com/en/2020/09/study-confirms-that-microkernel-is-inherently-more-secure, 2020.
[80]
Anna Lyons, Kent McLeod, Hesham Almatary, and Gernot Heiser. Scheduling-context capabilities: a principled, light-weight operating-system mechanism for managing time. In Proceedings of the Thirteenth EuroSys Conference, EuroSys '18, New York, NY, USA, 2018. Association for Computing Machinery.
[81]
Anil Madhavapeddy, Richard Mortier, Charalampos Rotsos, David J. Scott, Balraj Singh, Thomas Gazagnaire, Steven Smith, Steven Hand, and Jon Crowcroft. Unikernels: library operating systems for the cloud. In Vivek Sarkar and Rastislav Bodik, editors, Architectural Support for Programming Languages and Operating Systems, ASPLOS 2013, Houston, TX, USA, March 16-20, 2013, pages 461-472. ACM, 2013.
[82]
Linux manual page. VDSO: Virtual Dynamic Shared Object. https://man7.org/linux/man-pages/man7/vdso.7.html. Accessed 16 April 2024.
[83]
Yandong Mao, Haogang Chen, Dong Zhou, Xi Wang, Nickolai Zeldovich, and M. Frans Kaashoek. Software fault isolation with API integrity and multiprincipal modules. In Ted Wobber and Peter Druschel, editors, Proceedings of the 23rd ACM Symposium on Operating Systems Principles 2011, SOSP 2011, Cascais, Portugal, October 23-26, 2011, pages 115-128. ACM, 2011.
[84]
Michael Marty, Marc de Kruijf, Jacob Adriaens, Christopher Alfeld, Sean Bauer, Carlo Contavalli, Mike Dalton, Nandita Dukkipati, William C. Evans, Steve Gribble, Nicholas Kidd, Roman Kononov, Gautam Kumar, Carl Mauer, Emily Musick, Lena Olson, Mike Ryan, Erik Rubow, Kevin Springborn, Paul Turner, Valas Valancius, Xi Wang, and Amin Vahdat. Snap: a Microkernel Approach to Host Networking. In In ACM SIGOPS 27th Symposium on Operating Systems Principles, New York, NY, USA, 2019.
[85]
Larry W. McVoy and Carl Staelin. lmbench: Portable Tools for Performance Analysis. In Proceedings of the USENIX Annual Technical Conference, San Diego, California, USA, January 22-26, 1996, pages 279-294. USENIX Association, 1996.
[86]
Zeyu Mi, Dingji Li, Zihan Yang, Xinran Wang, and Haibo Chen. SkyBridge: Fast and Secure Inter-Process Communication for Microkernels. In Proceedings of the Fourteenth EuroSys Conference 2019, EuroSys '19, New York, NY, USA, 2019. Association for Computing Machinery.
[87]
Microsoft. Windows Subsystem for Linux Documentation. https://learn.microsoft.com/en-us/windows/wsl/. Accessed 16 April 2024.
[88]
Microsoft. MS Windows NT Kernel-mode User and GDI White Paper. https://learn.microsoft.com/en-us/previous-versions/cc750820(v=technet.10), 2014.
[89]
Till Miemietz, Maksym Planeta, and Viktor Laurin Reusch. New Mechanism for Fast System Calls. arXiv preprint arXiv:2112.10106, 2021.
[90]
Vikram Narayanan, Abhiram Balasubramanian, Charlie Jacobsen, Sarah Spall, Scotty Bauer, Michael Quigley, Aftab Hussain, Abdullah Younis, Junjie Shen, Moinak Bhattacharyya, and Anton Burtsev. LXDs: Towards Isolation of Kernel Subsystems. In Dahlia Malkhi and Dan Tsafrir, editors, 2019 USENIX Annual Technical Conference, USENIX ATC 2019, Renton,WA, USA, July 10-12, 2019, pages 269-284. USENIX Association, 2019.
[91]
Vikram Narayanan, Yongzhe Huang, Gang Tan, Trent Jaeger, and Anton Burtsev. Lightweight kernel isolation with virtualization and VM functions. In Santosh Nagarakatte, Andrew Baumann, and Baris Kasikci, editors, VEE '20: 16th ACM SIGPLAN/SIGOPS International Conference on Virtual Execution Environments, virtual event [Lausanne, Switzerland], March 17, 2020, pages 157-171. ACM, 2020.
[92]
Ruslan Nikolaev and Godmar Back. VirtuOS: an operating system with kernel virtualization. In Michael Kaminsky and Mike Dahlin, editors, ACM SIGOPS 24th Symposium on Operating Systems Principles, SOSP '13, Farmington, PA, USA, November 3-6, 2013, pages 116-132. ACM, 2013.
[93]
Amy Ousterhout, Joshua Fried, Jonathan Behrens, Adam Belay, and Hari Balakrishnan. Shenango: Achieving High CPU Efficiency for Latency-sensitive Datacenter Workloads. In 16th USENIX Symposium on Networked Systems Design and Implementation (NSDI 19), pages 361-378, Boston, MA, February 2019. USENIX Association.
[94]
Gabriel Parmer. The case for thread migration: Predictable ipc in a customizable and reliable os. In Proceedings of the Workshop on Operating Systems Platforms for Embedded Real-Time applications (OSPERT 2010), page 91, 2010.
[95]
Roman Penyaev. epoll: make sure all elements in ready list are in FIFO order. https://patchwork.kernel.org/project/linux-fsdevel/patch/[email protected], 2018.
[96]
Simon Peter, Jialin Li, Irene Zhang, Dan R. K. Ports, Doug Woos, Arvind Krishnamurthy, Thomas Anderson, and Timothy Roscoe. Arrakis: The Operating System Is the Control Plane. ACM Trans. Comput. Syst., 33(4), nov 2015.
[97]
Sean Peters, Adrian Danis, Kevin Elphinstone, and Gernot Heiser. For a microkernel, a big lock is fine. In Proceedings of the 6th Asia-Pacific Workshop on Systems, APSys '15, New York, NY, USA, 2015. Association for Computing Machinery.
[98]
Mark Pitchford. Using Linux with critical applications: Like mixing oil and water? https://www.embedded .com/using-linux-with-critical-applicati ons-like-mixing-oil-and-water/, 2021.
[99]
Primate Labs Inc. Geekbench 5 CPU Workloads. https://www.geekbench.com/doc/geekbench5-cpu-workloads.pdf, 2019.
[100]
Sergej Proskurin, Marius Momeu, Seyedhamed Ghavamnia, Vasileios P. Kemerlis, and Michalis Polychronakis. xMP: Selective Memory Protection for Kernel and User Space. In 2020 IEEE Symposium on Security and Privacy, SP 2020, San Francisco, CA, USA, May 18-21, 2020, pages 563-577. IEEE, 2020.
[101]
Octavian Purdila, Lucian Adrian Grijincu, and Nicolae Tapus. LKL: The Linux kernel library. In 9th RoEduNet IEEE International Conference, pages 328-333. IEEE, 2010.
[102]
Ali Raza, Thomas Unger, Matthew Boyd, Eric B Munson, Parul Sohal, Ulrich Drepper, Richard Jones, Daniel Bristot De Oliveira, Larry Woodman, Renato Mancuso, Jonathan Appavoo, and Orran Krieger. Unikernel Linux (UKL). In Proceedings of the Eighteenth European Conference on Computer Systems, EuroSys '23, page 590-605, New York, NY, USA, 2023. Association for Computing Machinery.
[103]
Xiang (Jenny) Ren, Kirk Rodrigues, Luyuan Chen, Camilo Vega, Michael Stumm, and Ding Yuan. An Analysis of Performance Evolution of Linux's Core Operations. In Proceedings of the 27th ACM Symposium on Operating Systems Principles, SOSP '19, page 554-569, New York, NY, USA, 2019. Association for Computing Machinery.
[104]
Timothy Roscoe. It's Time for Operating Systems to Rediscover Hardware. USENIX Association, July 2021.
[105]
Leonid Ryzhyk, Peter Chubb, Ihor Kuz, and Gernot Heiser. Dingo: taming device drivers. In Wolfgang Schroder-Preikschat, John Wilkes, and Rebecca Isaacs, editors, Proceedings of the 2009 EuroSys Conference, Nuremberg, Germany, April 1-3, 2009, pages 275-288. ACM, 2009.
[106]
Leonid Ryzhyk, Peter Chubb, Ihor Kuz, Etienne Le Sueur, and Gernot Heiser. Automatic device driver synthesis with termite. In Jeanna Neefe Matthews and Thomas E. Anderson, editors, Proceedings of the 22nd ACM Symposium on Operating Systems Principles 2009, SOSP 2009, Big Sky, Montana, USA, October 11-14, 2009, pages 73-86. ACM, 2009.
[107]
seL4. seL4 capabilities. https://docs.sel4.syst ems/Tutorials/capabilities.html. Accessed 16 April 2024.
[108]
Arvind Seshadri, Mark Luk, Ning Qu, and Adrian Perrig. SecVisor: a tiny hypervisor to provide lifetime kernel code integrity for commodity OSes. In Thomas C. Bressoud and M. Frans Kaashoek, editors, Proceedings of the 21st ACM Symposium on Operating Systems Principles 2007, SOSP 2007, Stevenson,Washington, USA, October 14-17, 2007, pages 335-350. ACM, 2007.
[109]
Yizhou Shan, Yutong Huang, Yilun Chen, and Yiying Zhang. LegoOS: A Disseminated, Distributed OS for Hardware Resource Disaggregation. In 13th USENIX Symposium on Operating Systems Design and Implementation (OSDI 18), pages 69-87, Carlsbad, CA, October 2018. USENIX Association.
[110]
Anand Lal Shimpi. The BlackBerry PlayBook Review. https://www.anandtech.com/show/4266/blackberry-playbook-review/14, 2011.
[111]
Dilma Da Silva, Orran Krieger, Robert W. Wisniewski, Amos Waterland, David Tam, and Andrew Baumann. K42: An Infrastructure for Operating System Research. SIGOPS Oper. Syst. Rev., 40(2):34-42, apr 2006.
[112]
Michael M. Swift, Brian N. Bershad, and Henry M. Levy. Improving the Reliability of Commodity Operating Systems. SIGOPS Oper. Syst. Rev., 37(5):207-222, oct 2003.
[113]
Sysgo. Open Source and ASIL D Certification - possible? https://www.sysgo.com/blog/article/open-source-and-asil-d-certification-possible, 2018.
[114]
Willy Tarreau. Linux 2.6.32.71 (EOL). https://lwn.net/Articles/679874/, 2016.
[115]
The Linux Kernel documentation. Energy Aware Scheduling. https://docs.kernel.org/scheduler/sched-energy.html, 2019.
[116]
Chia-Che Tsai, Bhushan Jain, Nafees Ahmed Abdul, and Donald E. Porter. A study of modern Linux API usage and compatibility: what to support when you're supporting. In Proceedings of the Eleventh European Conference on Computer Systems, EuroSys '16, New York, NY, USA, 2016. Association for Computing Machinery.
[117]
Johannes vom Dorp and René Helmke. Home Router Security Report 2022. https://www.fkie.fraunhofer.de/content/dam/fkie/de/documents/2022-11-28_HRSR_2022.pdf, 2022.
[118]
Hannes Weisbach, Björn Döbel, and Adam Lackorzynski. Generic user-level PCI drivers. In Proceedings of the 13th Real-Time Linux Workshop., 2011.
[119]
Embedded Linux Wiki. Embedded Linux System Size. https://elinux.org/System_Size. Accessed 16 April 2024.
[120]
Emmett Witchel, Junghwan Rhee, and Krste Asanović. Mondrix: Memory Isolation for Linux Using Mondriaan Memory Protection. In Proceedings of the Twentieth ACM Symposium on Operating Systems Principles, SOSP '05, page 31-44, New York, NY, USA, 2005. Association for Computing Machinery.
[121]
Hyrum Wright. Hyrum's Law. https://www.hyrumslaw.com/, 2012.
[122]
Fangnuo Wu, Mingkai Dong, Gequan Mo, and Haibo Chen. TreeSLS: A Whole-System Persistent Microkernel with Tree-Structured State Checkpoint on NVM. In Proceedings of the 29th Symposium on Operating Systems Principles, SOSP '23, page 1-16, New York, NY, USA, 2023. Association for Computing Machinery.
[123]
Feng Zhou, Jeremy Condit, Zachary R. Anderson, Ilya Bagrak, Robert Ennals, Matthew Harren, George C. Necula, and Eric A. Brewer. SafeDrive: Safe and Recoverable Extensions Using Language-Based Techniques. In Brian N. Bershad and Jeffrey C. Mogul, editors, 7th Symposium on Operating Systems Design and Implementation OSDI'06, November 6-8, Seattle, WA, USA, pages 45-60. USENIX Association, 2006.
Index Terms
- Microkernel goes general: performance and compatibility in the HongMeng production microkernel
Index terms have been assigned to the content through auto-classification.
Recommendations
Design of the Operating System Virtualization on L4 Microkernel
NCM '08: Proceedings of the 2008 Fourth International Conference on Networked Computing and Advanced Information Management - Volume 01The importance of the virtualization in embedded computing area is currently emerging. The virtualization can enhance system flexibility by enabling the concurrent execution of an application OS and a real-time OS (RTOS) on the same processor. L4 ...
Measures to improve security in a microkernel operating system
InfoSecCD '11: Proceedings of the 2011 Information Security Curriculum Development ConferenceAn operating system forms the foundation for all of the user's computer activities. Therefore, it should be trustworthy and function flawlessly. Unfortunately, today's operating systems, such as Windows and Linux, fail to deliver to this ideal, because ...
Towards a scalable microkernel personality for multicore processors
Euro-Par'13: Proceedings of the 19th international conference on Parallel ProcessingWith a steady trend from singe-core to multicore processors, scalability has become a significant design issue for the Operating Systems (OS), as many critical OS functions must be re-designed in order to achieve scalable performance. While numerous ...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Copyright © 2024 The USENIX Association.
Sponsors
- Amazon
- ROBLOX
- databricks
- Microsoft
- Meta
Publisher
USENIX Association
United States
Publication History
Published: 10 July 2024
Qualifiers
- Research-article
- Research
- Refereed limited
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 0Total Downloads
- Downloads (Last 12 months)0
- Downloads (Last 6 weeks)0
Reflects downloads up to 21 Jan 2025