From: "Warren W. Gay VE3WWG" <ve3wwg@NoSpam.cogeco.ca>
Subject: Re: For the AdaOS folks
Date: Thu, 30 Dec 2004 08:58:23 -0500
Date: 2004-12-30T08:58:23-05:00 [thread overview]
Message-ID: <1PTAd.1218$0y4.421@read1.cgocable.net> (raw)
In-Reply-To: <gemini.i9ih0y000ys1c02s4.nick.roberts@acm.org>
Nick Roberts wrote:
> Wes Groleau <groleau+news@freeshell.org> wrote:
>>or anyone else with similar ambitions.
>>
>>Read "Kill the operating System" page 32 of September 2003 Technology
>>Review
>>
>>Not a prescription, but something to think about.
...
> One of the reasons, perhaps the biggest reason, why I decided on using a
> microkernel was for security. I read the 'orange book' (the TCSEC) and
> others which described how the world of computer science (especially within
> governemntal and military sectors in the USA and the UK) foresaw the
> evolution of computer technology. Remember that this is early 1990s, before
> the domination of Microsoft. The overwhelming consensus was on a microkernel
> based design, because this allowed the 'trusted computing base' (TCB) -- the
> part of the overall system's software that had to be trusted not to subvert
> security -- to be minimised.
Its too bad that the L4 microkernel is not very secure yet. Apparently,
they are trying to fix that in L4ng, but it appears that they got so
focused on efficiency that they didn't get security. The efficiency of
L4 otherwise makes it very attractive. The following link describes
some of the things that they are looking at in L4ng :
http://i30www.ira.uka.de/teaching/coursedocuments/105/l4ng-apr28.pdf
It still seems unnecessarily more complex than the Mach port approach.
And of course, and Ada microkernel would be better by definition ;-)
I also don't like the way that L4 ties communications to threads. The
Mach approach is much easier to work with, with its single receiver
and multiple send and send-once rights.
> The consensus was also on a 'fully distributed' system -- a network of
> computers (always termed 'workstations' regardless of whether they had
> screens, keyboards, etc.) that operated exactly like a single big computer,
> from the point of view of normal users -- and so AdaOS is a
> microkernel-based, fully distributed design.
I've been mulling this over myself. Unfortunately, as soon as you say
that all computers must work together, you introduce all sorts of
problems and overheads. Endianness and page size are two issues,
between two computers. I have been wondering if this shouldn't be
tiered:
1. Clustered systems with all the same endianness and page size
2. "Networked Clusters" of #1 groupings
In this way, it would be efficiently possible to cluster similar
equipment, and yet still provide "one-ness" in the different
computer cases, with the necessary overhead and complexity. This
would also permit a tiered development approach.
> However, I intend to design the microkernel so that it compromises on
> minimality (unlike some other microkernel designs)
Yes. Mach is too fat. They shouldn't have included device drivers
for example.
> to achieve reasonable
> efficiency (whilst removing much of unnecessary detritus that bogged down
> experimental microkernels), and I intend to ensure that administrative
> division of the network is fully supported, as well as network partioning
> robustness (if some workstations go down, the rest still work).
I wonder if networking really belongs in the microkernel. This is
necessary for example if like Mach, you say that ports can speak
to other Mach machines on the network/cluster.
However, you might want to take the tact that networking is done
outside of the microkernel. This way, in situations where you don't
want networking (embedded systems), it need not be there. Leave the
networking up to the user of the microkernel. This would be my
preference anyway. It also leaves it up to the OS designer what
type of networking will be supported.
Reading below, perhaps you are speaking collectively for AdaOS, for
microkernel and OS.
> For a very long time, IBM mainframes have supported (very efficient)
> programmatic access to a system database, as an alternative to file-based
> data storage. I would like provide both forms of storage in AdaOS, in
> addition to 'persistent objects' in some form.
I always get scoffed at for suggesting this, and I have no love for M$,
but the one idea they have had, which is useful, is the registry. I
think there are better ways of doing this however, but the general idea
is good. You can see that GNOME and Mozilla both use it, so it obviously
satisfies a need. I think any OS today that is going to support point
and click administration, is going to need some sort of a registry,
even if it is just layering it on a RieserFS.
--
Warren W. Gay VE3WWG
http://home.cogeco.ca/~ve3wwg
next prev parent reply other threads:[~2004-12-30 13:58 UTC|newest]
Thread overview: 80+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-12-27 5:09 For the AdaOS folks Wes Groleau
2004-12-27 10:56 ` Florian Weimer
2004-12-27 12:50 ` Georg Bauhaus
2004-12-27 13:12 ` Florian Weimer
2004-12-28 1:18 ` Wes Groleau
2004-12-27 13:46 ` Adrien Plisson
2004-12-27 16:28 ` Georg Bauhaus
2004-12-28 6:19 ` Microkernels & Ada (Was for the AdaOS folks) Warren W. Gay VE3WWG
2004-12-28 12:02 ` Adrien Plisson
2004-12-28 15:28 ` Warren W. Gay VE3WWG
2004-12-30 1:19 ` For the AdaOS folks Nick Roberts
2004-12-30 13:58 ` Warren W. Gay VE3WWG [this message]
2004-12-30 15:27 ` Dmitry A. Kazakov
2004-12-30 16:30 ` Warren W. Gay VE3WWG
[not found] ` <otb8t09dkjh54e1k5s5ccn23ggkqk6ndui@4ax.com>
2004-12-30 19:06 ` OT: Mach Ports (For the AdaOS folks) Warren W. Gay VE3WWG
2004-12-31 10:03 ` For the AdaOS folks Dmitry A. Kazakov
2004-12-31 11:30 ` Warren W. Gay VE3WWG
2004-12-31 12:31 ` Dmitry A. Kazakov
2004-12-31 16:24 ` Warren W. Gay VE3WWG
2004-12-31 17:57 ` Marven Lee
2004-12-31 18:40 ` Warren W. Gay VE3WWG
2004-12-31 19:22 ` Warren W. Gay VE3WWG
2005-01-02 15:09 ` Marven Lee
2005-01-02 20:06 ` Luke A. Guest
2005-01-03 3:13 ` Warren W. Gay VE3WWG
2005-01-03 6:40 ` Luke A. Guest
2005-01-03 10:30 ` Marven Lee
2005-01-03 15:52 ` Warren W. Gay VE3WWG
2005-01-03 16:48 ` Ad Buijsen
2005-01-03 18:49 ` Warren W. Gay VE3WWG
2005-01-03 13:43 ` Marven Lee
2005-01-04 23:36 ` Nick Roberts
2005-01-03 16:22 ` Warren W. Gay VE3WWG
2005-01-04 23:16 ` Nick Roberts
2005-01-05 3:48 ` Warren W. Gay VE3WWG
2005-01-05 13:14 ` Nick Roberts
2005-01-01 12:53 ` Dmitry A. Kazakov
2005-01-02 0:31 ` Warren W. Gay VE3WWG
2005-01-02 11:50 ` Dmitry A. Kazakov
2005-01-02 22:04 ` Warren W. Gay VE3WWG
2005-01-03 10:30 ` Dmitry A. Kazakov
2005-01-03 16:36 ` Warren W. Gay VE3WWG
2005-01-03 17:05 ` Dmitry A. Kazakov
2005-01-03 19:01 ` Warren W. Gay VE3WWG
2005-01-03 19:55 ` Dmitry A. Kazakov
2005-01-03 20:44 ` Warren W. Gay VE3WWG
2005-01-04 0:02 ` Randy Brukardt
2005-01-04 17:44 ` Warren W. Gay VE3WWG
2005-01-04 20:14 ` Nick Roberts
2005-01-04 9:59 ` Dmitry A. Kazakov
2005-01-04 18:00 ` Warren W. Gay VE3WWG
2005-01-04 19:07 ` Dmitry A. Kazakov
2005-01-04 19:57 ` Warren W. Gay VE3WWG
2005-01-05 0:02 ` Nick Roberts
2005-01-05 4:37 ` Warren W. Gay VE3WWG
2005-01-05 18:54 ` Nick Roberts
2005-01-05 20:04 ` Warren W. Gay VE3WWG
2005-01-06 0:32 ` Nick Roberts
2005-01-06 1:29 ` Wes Groleau
2005-01-06 11:03 ` Dmitry A. Kazakov
2005-01-05 9:39 ` Dmitry A. Kazakov
2005-01-05 11:20 ` Warren W. Gay VE3WWG
2005-01-05 12:18 ` Dmitry A. Kazakov
2005-01-05 14:39 ` Warren W. Gay VE3WWG
2005-01-05 17:16 ` zest_fien
2005-01-05 19:44 ` Larry Kilgallen
2005-01-04 20:09 ` Nick Roberts
2005-01-05 10:19 ` Dmitry A. Kazakov
2005-01-05 18:33 ` Nick Roberts
2005-01-05 20:15 ` Dmitry A. Kazakov
2004-12-31 18:47 ` Nick Roberts
2004-12-31 20:36 ` Warren W. Gay VE3WWG
2005-01-04 18:22 ` Nick Roberts
2005-01-05 5:12 ` Warren W. Gay VE3WWG
2005-01-05 18:02 ` Nick Roberts
2005-01-05 19:55 ` Warren W. Gay VE3WWG
2005-01-06 0:57 ` Nick Roberts
2005-01-06 2:34 ` Warren W. Gay VE3WWG
-- strict thread matches above, loose matches on Subject: below --
2005-01-05 12:14 Mike Brenner
2005-01-05 18:04 ` Warren W. Gay VE3WWG
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox