“Operating system design has been somewhat stagnant since, well, ever. Sure, once in a while, you hear of a cool OS that some company worked on ten years ago or an interesting prototype that has recently crawled its way out of a professor’s underground lab”
There are probably several a year at a minimum. Almost all are made by CompSci but companies do stuff too (e.g. Fuchsia). I stopped tracking them since there were too many with a lot of duplicated capabilities (esp. cloud stuff). If you liked Singularity, you might find SPIN, J-Kernel, JX, Verve, and ExpressOS interesting. They all use a type-safe language with simpler architecture. High-assurance security mostly went with microkernels and separation kernels, with the Nizza paper explaining the concept nicely. GenodeOS takes that approach. Finally, there were also high-assurance browser architectures and OSes like IBOS that shared a few goals such as portability with JavaScript support.
Hope you enjoy some of this stuff as you think about OS design. And welcome to Lobsters! :)
G’day Nick, have you looked at Redox at all? Also in a similar vein, but in Java and not developed any more I think, is JNode.
Both Redox and the Muen separation kernel could be on the list. JNode was neat but I didn’t evaluate its security. JX had neat architecture.
JNode was trying to run legacy x86 software with my very own JPC.
If you like those, check out sanos. It’s an older one with a Windows focus few seem to know about.
I’m really happy to see someone try their hand at writing an operating system from scratch in Rust that attempts to do something novel in the space and is a little ambitious.
If you would like to experiment yourself, and don’t have much OS-writing experience, I found this quite helpful.
This is great and very interesting! We need more people working on stuff that really challenges the status quo. Keep it up!
This sounds awfully familiar.
I don’t understand how it’s possible to pick three here: “full-native speed”, single address space OS (everything in ring 0) and security. I believe you can only pick two.
Well, that’s what nebulet is trying to challenge.
https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/osr2007_rethinkingsoftwarestack.pdf
I haven’t yet read the whole paper but in the conclusion they say that performance was a non-goal. They “also improved message-passing performance by enabling zero-copy communication through pointer passing”. Although I don’t see why zero-copy IPC can’t be implemented in a more traditional OS design.
The only (performance-related) advantage such design has in my opinion is cheaper context-switching, but I’m not convinced it’s worth it. Time (and benchmarks) will show, I guess.
When communication across processes becomes cheaper than posting a message to a queue belonging to another thread in the same process in a more traditional design, I’d say that that’s quite a monstrous “only” benefit.
I should have drawn your attention to section 2.1 in the original comment; that’s where your original query is addressed. Basically the protection comes from static analysis, a bit like the original Native Client or Java’s bytecode verifier.
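
The point made in the last comment, that isolation can come from checking code before it runs rather than from hardware rings, shown as an added example that is not from the thread, Nebulet or Singularity. It is a load-time verifier in the style of a bytecode verifier for a constructed toy instruction set; the `Op` enum, `MEM_WORDS` and `MAX_STACK` are assumptions made for illustration.

```rust
// Constructed toy instruction set (an assumption for illustration), not wasm or JVM bytecode.
// Add pops 2 and pushes 1; Load(a) pushes mem[a]; Store(a) pops into mem[a];
// Jz(t) pops 1 and jumps to t if it was zero; Jmp(t) always jumps; Halt stops.
#[derive(Clone, Copy, Debug)]
pub enum Op { Push(i64), Add, Load(usize), Store(usize), Jz(usize), Jmp(usize), Halt }
pub const MEM_WORDS: usize = 16; // words in the program's private data region
pub const MAX_STACK: usize = 8; // operand-stack limit

/// Proves, before any instruction runs, that every reachable path keeps
/// loads, stores and jumps in bounds and the operand stack within limits.
pub fn verify(code: &[Op]) -> Result<(), String> {
    let mut depth: Vec<Option<usize>> = vec![None; code.len()]; // entry depth per pc
    let mut work = vec![(0usize, 0usize)]; // (pc, stack depth on entry)
    while let Some((pc, d)) = work.pop() {
        let op = *code.get(pc).ok_or(format!("pc {pc}: outside the code"))?;
        let seen = depth[pc];
        match seen {
            Some(s) if s == d => continue, // this state was already checked
            Some(s) => return Err(format!("pc {pc}: stack depth {s} vs {d}")),
            None => depth[pc] = Some(d),
        }
        let (pops, pushes) = match op {
            Op::Push(_) | Op::Load(_) => (0, 1),
            Op::Add => (2, 1),
            Op::Store(_) | Op::Jz(_) => (1, 0),
            Op::Jmp(_) | Op::Halt => (0, 0),
        };
        if let Op::Load(a) | Op::Store(a) = op {
            if a >= MEM_WORDS { return Err(format!("pc {pc}: address {a} out of bounds")); }
        }
        if d < pops { return Err(format!("pc {pc}: stack underflow")); }
        let next = d - pops + pushes;
        if next > MAX_STACK { return Err(format!("pc {pc}: stack overflow")); }
        match op {
            Op::Halt => {}
            Op::Jmp(t) => work.push((t, next)),
            Op::Jz(t) => work.extend([(t, next), (pc + 1, next)]),
            _ => work.push((pc + 1, next)),
        }
    }
    Ok(())
}

fn main() {
    // Constructed programs: the second stores one word past its data region.
    let ok = [Op::Push(1), Op::Store(3), Op::Halt];
    let bad = [Op::Push(1), Op::Store(MEM_WORDS), Op::Halt];
    println!("{:?}\n{:?}", verify(&ok), verify(&bad));
}
```

A program that passes `verify` can then be run without per-access bounds checks or a separate address space, which is the trade the thread is arguing about; the check is only as trustworthy as the verifier and whatever executes the verified code.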