Linked by Michael Voigt on Tue 12th Sep 2006 21:07 UTC
OSNews, Generic OSes
If you are in Germany, the country of Sauerkraut and Beethoven, and you move far to the east, you might arrive at the town of Dresden. In this city, the Dresden University of Technology (TU Dresden) is located, whose operating systems group has developed a C++ implementation of Jochen Liedtke's well-known L4 µ-kernel interface. This microkernel, ironically called Fiasco, is the center of all the different projects of the TU Dresden Operating System (TUD:OS) research group.
Two things...
by Morin on Tue 12th Sep 2006 23:10 UTC

which are often forgotten about microkernels...

The first one is that in reality, you have to trust more than only the kernel. A bug in the disk driver can very well crash the whole system. Sure, it cannot overwrite data in other processes directly. But it doesn't have to - in fact, other processes *ask* the disk driver to transfer *their* data. Do these OSes check all data from the disk driver for integrity? And how do they make sure that data is written when the driver says so? I can continue the list of possible problems endlessly here.

Lesson #1: Safety, security, stability and similar features are more than isolating processes against each other.

The second issue is that all processes run in parallel. This mixes up the order of events during processing, very much like IP packets get reordered on their way to a remote computer. The results are nondeterministic, and thus unpredictable. The once-so-simple code has to be modified to make it possible to enforce a certain order in actions. This is in sharp contrast to the goals a microkernel tried to achieve: Lots of simple and maintainable modules, glued together to create a working whole.

Lesson #2: If you couple modularity with concurrency, you are begging for problems.

Reply Score: 5
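
As an added illustration of the comment's first point (not part of the comment and not TUD:OS code): a client that treats an isolated disk driver as untrusted can tag each block with an HMAC over block number, version and data, and so detect corrupted, misdirected and silently dropped writes on read-back. `FaultyDriver`, `VerifyingClient`, the key and the block contents are hypothetical names and constructed sample values.

```python
import hashlib, hmac, struct

TAG_LEN = 32  # length of an HMAC-SHA-256 tag

class FaultyDriver:
    """Constructed stand-in for an isolated disk driver with injectable bugs."""
    def __init__(self):
        self.blocks = {}
        self.drop_writes = False   # when True: acknowledge writes, store nothing
    def write(self, n, payload):
        if not self.drop_writes:
            self.blocks[n] = payload
        return True                # the driver always claims success
    def read(self, n):
        return self.blocks.get(n, b"")

class VerifyingClient:
    """Tags every block with HMAC(key, block number || version || data)."""
    def __init__(self, driver, key):
        self.driver, self.key = driver, key
        self.versions = {}         # client-private memory: block -> last version
    def _tag(self, n, version, data):
        header = struct.pack(">QQ", n, version)
        return hmac.new(self.key, header + data, hashlib.sha256).digest()
    def write(self, n, data):
        version = self.versions.get(n, 0) + 1
        self.driver.write(n, data + self._tag(n, version, data))
        self.versions[n] = version
    def read(self, n):
        stored = self.driver.read(n)
        data, tag = stored[:-TAG_LEN], stored[-TAG_LEN:]
        expected = self._tag(n, self.versions.get(n, 0), data)
        return data if hmac.compare_digest(tag, expected) else None  # None = rejected

def run_demo():
    drv = FaultyDriver()
    cli = VerifyingClient(drv, b"constructed-demo-key")
    cli.write(1, b"alpha")
    cli.write(2, b"bravo")
    clean = cli.read(1)                            # b"alpha"
    drv.blocks[1] = b"alphA" + drv.blocks[1][5:]   # driver corrupts one byte
    corrupted = cli.read(1)
    drv.blocks[1] = drv.blocks[2]                  # driver returns the wrong block
    misdirected = cli.read(1)
    drv.drop_writes = True
    cli.write(2, b"charlie")                       # driver says "written", keeps old data
    lost_write = cli.read(2)
    return clean, corrupted, misdirected, lost_write
```

This only detects the fault: a dropped write is noticed on read-back, not at the moment the driver acknowledges it, and the version table has to live in memory the driver cannot reach.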