From: Prasanna Kumar Jayapal (prasak_at_winse.microsoft.com)
Date: Wed Jan 21 2004 - 13:49:34 PST
This paper ("Sharing and Protection in a Single-Address-Space Operating
System") describes the architecture and approach used in the Opal OS.
Opal is designed to use 64 bit addressing and its key feature is to have
a single virtual address space in which all the processes run. This helps
in improving the performance and reliability. The data sharing
mechanisms across different processes are also simplified and enhanced.
Opal uses segments for storage allocation and protection, very similar
to what we saw in the other architectures and threads are the units of
execution. A group of threads run under a protection domain, which
sounds more like the process to me. The storage allocation, protection
and reclamation are coarse-grained and reclamation is based on resource
groups and reference objects. Protection in Opal is based on password
capability. Opal is built on Mach for expediency and to allow Unix to
co-exist. The authors claim that they lose some performance due to Mach,
because Opal hasn't been optimized yet.
Most of the Operating systems that I have come across so far give more
emphasis to Protection and Security. But this was a new idea to me and
was very interesting to read through. Although shared memory systems are
common, they are not generally considered safe. But, Opal provides both
the protection of a separate-process operating system, and the
convenience of a shared memory system through the use of capabilities.
The authors also talk about Boeing's CAD system, how it uses Opal
and the advantages of this. Although all the details were not very clear
to me, it was nice to see an application of this OS. In the end, the
paper describes the issues with this approach which I felt was very
insightful. Especially, I felt that contiguity not being guaranteed and
the data copying issues for pointer based structures are the main
issues.
Overall, I find this approach appealing. It allows much easier
interaction between different programs with its single address approach
and also has a nice protection scheme in terms of the protected domains.
But I kind of feel that this OS would be more helpful to applications
that mainly use the shared memory approach.