Review of Opal paper - Jeffery Chase et al.

From: Prasanna Kumar Jayapal (prasak_at_winse.microsoft.com)
Date: Wed Jan 21 2004 - 13:49:34 PST

  • Next message: Gang Zhao: "On behalf of David Winkler --Review: Sharing and Protection in a Single-Address-Operating-System"

    This paper ("Sharing and Protection in a Single-Address-Space Operating
    System) describes the architecture and approach used in the Opal OS.
    Opal is designed to use 64 bit addressing and its key feature is to have
    a single virtual address space in which all the process runs. This helps
    in improving the performance and reliability. The data sharing
    mechanisms across different processes is also simplified and enhanced.

    Opal uses segments for storage allocation and protection, very similar
    to what we saw in the other architectures and threads are the units of
    execution. A group of threads run under a protection domain, which
    sounds more like the process to me. The storage allocation, protection
    and reclamation are course-grained and reclamation is based on resource
    groups and reference objects. Protection in Opal is based on password
    capability. Opal is built on Mach for expediency and to allow Unix to
    co-exist. The authors claim that they lose some performance due to Mach,
    because Opal hasn't been optimized yet.

    Most of the Operating systems that I have come across so far give more
    emphasis to Protection and Security. But this was a new idea to me and
    was very interesting to read through. Although shared memory systems are
    common, they are not generally considered safe. But, Opal provides both
    the protection of a separate-process
    operating system, and the convenience of a shared memory system through
    the use of capabilities.

    The authors also talk about the Boeing's CAD system, how it uses Opal
    and the advantages of this. Although all the details were not very clear
    to me, but it was nice to see an application of this OS. In the end, the
    paper describes the issues with this approach which I felt was very
    insightful. Especially, I felt that contiguity not being guaranteed and
    the data copying issues for pointer based structures are the main
    issues.

    Overall, I find this approach appealing. It allows much easier
    interaction between different programs with its single address approach
    and also as a nice protection scheme in terms of the protected domains.
    But I kind of feel that this OS would be more helpful to applications
    that mainly use the shared memory approach.


  • Next message: Gang Zhao: "On behalf of David Winkler --Review: Sharing and Protection in a Single-Address-Operating-System"

    This archive was generated by hypermail 2.1.6 : Wed Jan 21 2004 - 13:49:32 PST