OT: Can We Make OSes Reliable and Secure
Robert Brockway
rbrockway-wgAaPJgzrDxH4x6Dk/4f9A at public.gmane.org
Fri Jun 2 17:39:00 UTC 2006
On Fri, 2 Jun 2006, Sy Ali wrote:
> Good article, but that is the ugliest URL I've ever seen.
Yes it is a good article. I don't agree with everything he said. For one
thing I don't think that microkernels were dismissed as unacceptable at
all (and it seems an odd thing for Mr Tanenbaum to say actually).
Microkernels have been relegated to the sidelines out of a desire for
"more speed" "more speed". Almost every research OS out there is based on
a microkernel.
I've long disagreed with the notion that a microkernel is inherently
harder to develop. Certainly more up front planning is required but with a
well thought out and flexible structure and message passing mechanism
development of the OS subsystems should actually move as quickly (if not
more quickly) than in a monolithic kernel thanks in part to the well
defined interfaces present. Monolithic kernels are highly susceptible to
unintentional breakage. How many times have we seen this on Linux[1]?
Yes there is a performance hit. Research consistently shows the
performance hit to be <10% on a well built system. Given the increased
reliability (both in terms of the system staying up, and in terms of
correctness of code) this is well worth it IMHO.
I for one would be very disappointed if all of the OSes we use today were
not relegated to history by 2025. We know how to build better systems -
we should go and do it. Mind you there is no need to give up all our
lovely applications. A future microkernel can easily create an instance
in which Linux apps can run at native speed. Indeed such things exist now
in terms of virtualisation and a POSIX interface is a required component
of any serious microkernel system.
[1] Now was it 2.4.15 where a filesystem patch broke the buffer-cache
resulting in filesystem corruption if you did not properly unmount before
system halt? Such a problem cannot occur between (for example) the
filesystem code and buffer-cache in a microkernel any more than sshd can
take down your web server now (ie, if it manages to do it, it is only
because the system allowed the behaviour).
Rob
--
Robert Brockway B.Sc. Phone: +1-905-821-2327
Senior Technical Consultant Urgent Support: +1-416-669-3073
OpenTrend Solutions Ltd Email: support-wgAaPJgzrDxH4x6Dk/4f9A at public.gmane.org
Web: www.opentrend.net
We are open 24x365 for technical support. Call us in a crisis.
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml