Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
Exokernel
open-in-new
<h2 id="motivation">Motivation</h2> <p>Traditionally, kernel designers have sought to make individual hardware resources invisible to application programs by requiring the programs to interact with the hardware via some abstraction model. These models include file systems for disk storage, <a href="/facts/Virtual_address_space/ILxbMjgv">virtual address spaces</a> for memory, <a href="/facts/Scheduling_(computing)/XptmcM1a">schedulers</a> for task management, and <a href="/facts/Berkeley_sockets/edRVDP8C">sockets</a> for network communication. These abstractions of the hardware make it easier to write programs in general, but limit performance and stifle experimentation in new abstractions. A security-oriented application might need a file system that does not leave old data on the disk, while a reliability-oriented application might need a file system that keeps such data for failure recovery. </p><p>One option is to remove the kernel completely and program directly to the hardware, but then the entire machine would be dedicated to the application being written (and, conversely, the entire application codebase would be dedicated to that machine). The exokernel concept is a compromise: let the kernel allocate the basic physical resources of the machine (e.g. <a href="/facts/Computer_disk/hnsXRb5X">disk</a> blocks, <a href="/facts/Memory_page/CNGruG1H">memory pages</a>, and processor time) to multiple application programs, and let each program decide what to do with these resources. The program can then link to a support library that implements the abstractions it needs (or it can implement its own). </p> <h2 id="mit-exokernels">MIT exokernels</h2> <p>MIT developed two exokernel-based operating systems, using two kernels: Aegis, a proof of concept with limited support for storage, and XOK, which applied the exokernel concept more thoroughly. </p><p>An essential idea of the MIT exokernel system is that the operating system should act as an executive for small programs provided by the application software, which are constrained only by the requirement that the exokernel must be able to guarantee that they use the hardware safely. </p> <h3>Design</h3> <p>The MIT exokernel manages hardware resources as follows: </p> Processor The kernel represents the processor resources as a timeline from which programs can allocate intervals of time. A program can yield the rest of its time slice to another designated program. The kernel notifies programs of processor events, such as <a href="/facts/Interrupt/Mm6C4rpc">interrupts</a>, <a href="/facts/Exception_handling/VrJxgb9r">hardware exceptions</a>, and the beginning or end of a time slice. If a program takes a long time to handle an event, the kernel will penalize it on subsequent time slice allocations; in extreme cases the kernel can abort the program. Memory The kernel allocates physical memory pages to programs and controls the <a href="/facts/Translation_lookaside_buffer/vvwGkfvD">translation lookaside buffer</a>. A program can share a page with another program by sending it a <i><a href="/facts/Capability-based_security/negzSwhS">capability</a></i> to access that page. The kernel ensures that programs access only pages for which they have a capability. Disk storage The kernel identifies disk blocks to the application program by their physical block address, allowing the application to optimize data placement. When the program initializes its use of the disk, it provides the kernel with a function that the kernel can use to determine which blocks the program controls. The kernel uses this callback to verify that when it allocates a new block, the program claims only the block that was allocated in addition to those it already controlled. Networking The kernel implements a programmable <a href="/facts/Packet_filter/Et2RkJaU">packet filter</a>, which executes programs in a <a href="/facts/Bytecode/EPkMFR7M">bytecode</a> language designed for easy security-checking by the kernel. <h3>Applications</h3> <p>The available library operating systems for the exokernel include the custom ExOS system and an emulator for <a href="/facts/Berkeley_Software_Distribution/XQKcURrh">BSD</a>. In addition to these, the exokernel team created the Cheetah <a href="/facts/Web_server/A4GS6thA">web server</a>, which uses the kernel directly. </p> <h2 id="history">History</h2> <p>The exokernel concept has been around since at least 1994,<a class="footnote-ref" id="fnref:3" href="#fn:3"><sup>3</sup></a> but as of 2024<a href="https://en.wikipedia.org/w/index.php?title=Exokernel&action=edit">[update]</a> exokernels are still a research effort and have not been used in any major commercial operating systems. </p><p>Another concept operating exokernel system is <a href="/facts/Nemesis_(operating_system)/THEwt0Q7">Nemesis</a>, written by <a href="/facts/University_of_Cambridge/0la7aX9o">University of Cambridge</a>, <a href="/facts/University_of_Glasgow/D0XAYMtq">University of Glasgow</a>, <a href="/facts/Citrix_Systems/XffnyLER">Citrix Systems</a>, and the <a href="/facts/Swedish_Institute_of_Computer_Science/ulHGruNN">Swedish Institute of Computer Science</a>. <a href="/facts/Massachusetts_Institute_of_Technology/Xk49vNA8">MIT</a> has also built several exokernel-based systems, including ExOS. </p> <h2 id="see-also">See also</h2> <ul><li><a href="/facts/Hybrid_kernel/90UMyu5A">Hybrid kernel</a></li> <li><a href="/facts/Hypervisor/3gX9fKlH">Hypervisor</a></li> <li><a href="/facts/Kernel_(operating_system)/uEj4U3Rz">Kernel (operating system)</a></li> <li><a href="/facts/Microkernel/wsaWtYCU">Microkernel</a></li> <li><a href="/facts/Monolithic_kernel/33kvBcT9">Monolithic kernel</a></li> <li><a href="/facts/Nanokernel/wsaWtYCU">Nanokernel</a></li> <li><a href="/facts/Paravirtualization/5MMXo72C">Paravirtualization</a></li> <li><a href="/facts/Rump_kernel/nGhJM0Wm">Rump kernel</a></li> <li><a href="/facts/Single_address_space_operating_system/kDx1IyWw">Single address space operating system</a> (SASOS)</li> <li><a href="/facts/Unikernel/WebRwRRY">Unikernel</a></li> <li><a href="/facts/BareMetal/PsPaQ7pL">BareMetal</a></li></ul> <h2 id="bibliography">Bibliography</h2> <ul><li>Engler, Dawson R (1998). <a href="http://pdos.csail.mit.edu/exo/theses/engler/thesis.ps">"The Exokernel Operating System Architecture"</a> (PostScript). MIT. Retrieved 2006-09-22. {{cite journal}}: Cite journal requires |journal= (help)</li> <li>———; <a href="/facts/Frans_Kaashoek/Uj5hT1xe">Kaashoek, M. Frans</a> (1996). <a href="http://pdos.csail.mit.edu/papers/hotos-jeremiad.ps">"Exterminate All Operating System Abstractions"</a> (PostScript). MIT. Retrieved 2006-09-22. {{cite journal}}: Cite journal requires |journal= (help)</li> <li>———; <a href="/facts/Frans_Kaashoek/Uj5hT1xe">Kaashoek, M. Frans</a>; O’Toole, James Jr (1995). <a href="http://dl.acm.org/citation.cfm?id=224076">"Exokernel"</a> (PDF). <i>Proceedings of the fifteenth ACM symposium on Operating systems principles - SOSP '95</i>. Vol. 29. pp. 251–66. <a href="/facts/Doi_(identifier)/muM9Etpq">doi</a>:<a href="https://doi.org/10.1145%2F224056.224076">10.1145/224056.224076</a>. <a href="/facts/ISBN_(identifier)/15AdSPa9">ISBN</a> 978-0-89791-715-5. <a href="/facts/S2CID_(identifier)/ldJsHa2Y">S2CID</a> <a href="https://api.semanticscholar.org/CorpusID:221932539">221932539</a>. Retrieved 2014-10-08.</li></ul> <h2 id="external-links">External links</h2> <ul><li>Erlingsson, Úlfar; Kyparlis, Athanasios, <a href="http://www.cs.cornell.edu/home/ulfar/ukernel/ukernel.html#current-exo"><i>Microkernels</i></a>, Cornell, The extent to which simple, efficient operations are a good choice in a kernel interface design.</li> <li><a href="http://pdos.csail.mit.edu/exo/"><i>Exokernel Operating System</i></a>, MIT. A research exokernel.</li> <li><a href="https://www.cl.cam.ac.uk/research/srg/netos/projects/archive/nemesis/"><i>Nemesis</i></a>, <a href="/facts/United_Kingdom/kuPAILt2">UK</a>: Cambridge. A research exokernel.</li> <li><a href="https://web.archive.org/web/20140906120230/http://www.returninfinity.com/baremetal.html"><i>BareMetal OS</i></a>, Return Infinity, archived from <a href="http://www.returninfinity.com/baremetal.html">the original</a> on 2014-09-06. A commercial exokernel.</li> <li><a href="https://web.archive.org/web/20190728135329/http://xomb.net/"><i>XOmB</i></a>, archived from <a href="http://xomb.net/">the original</a> on 2019-07-28, retrieved 2013-05-13. A research exokernel.</li> <li><a href="https://github.com/remysaissy/examour-exokernel"><i>ExAmour</i></a>, <a href="/facts/Paris%2c_France/DrNHpwnA">FR</a>. The <a href="/facts/GNU/HlAKKBdt">GNU</a> exokernel.</li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>"MIT Exokernel Operating System". pdos.csail.mit.edu. Retrieved 2018-01-25. <a href="https://pdos.csail.mit.edu/archive/exo/" target="_blank">https://pdos.csail.mit.edu/archive/exo/</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>Engler, D. R.; Kaashoek, M. F.; O'Toole Jr., J.; Engler, D. R.; Kaashoek, M. F.; O'Toole Jr., J. (1995-12-03). "Exokernel: an operating system architecture for application-level resource management". ACM SIGOPS Operating Systems Review. 29 (5): 251, 251–266, 266. doi:10.1145/224056.224076. ISSN 0163-5980. S2CID 221932539. <a href="/wiki/Doi_(identifier)" target="_blank">/wiki/Doi_(identifier)</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> <li id="fn:3"><p>Engler, Kaashoek & O’Toole 1995. - ———; Kaashoek, M. Frans; O’Toole, James Jr (1995). "Exokernel" (PDF). Proceedings of the fifteenth ACM symposium on Operating systems principles - SOSP '95. Vol. 29. pp. 251–66. doi:10.1145/224056.224076. ISBN 978-0-89791-715-5. S2CID 221932539. Retrieved 2014-10-08. <a href="http://dl.acm.org/citation.cfm?id=224076" target="_blank">http://dl.acm.org/citation.cfm?id=224076</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></p></li> </ol>