168 lines
13 KiB
HTML
168 lines
13 KiB
HTML
<!-- HTML header for doxygen 1.9.1-->
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html xmlns="http://www.w3.org/1999/xhtml">
|
|
<head>
|
|
<meta http-equiv="Content-Type" content="text/xhtml;charset=UTF-8"/>
|
|
<meta http-equiv="X-UA-Compatible" content="IE=9"/>
|
|
<meta name="generator" content="Doxygen 1.15.0"/>
|
|
<meta name="viewport" content="width=device-width, initial-scale=1"/>
|
|
<title>L4Re Operating System Framework: Introduction</title>
|
|
<link href="tabs.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="jquery.js"></script>
|
|
<script type="text/javascript" src="dynsections.js"></script>
|
|
<link href="navtree.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="navtreedata.js"></script>
|
|
<script type="text/javascript" src="navtree.js"></script>
|
|
<script type="text/javascript" src="cookie.js"></script>
|
|
<link href="search/search.css" rel="stylesheet" type="text/css"/>
|
|
<script type="text/javascript" src="search/searchdata.js"></script>
|
|
<script type="text/javascript" src="search/search.js"></script>
|
|
<link href="doxygen.css" rel="stylesheet" type="text/css" />
|
|
<link href="doxygen-awesome.css" rel="stylesheet" type="text/css"/>
|
|
<link href="l4re-awesome.css" rel="stylesheet" type="text/css"/>
|
|
</head>
|
|
<body>
|
|
<div id="top"><!-- do not remove this div, it is closed by doxygen! -->
|
|
<div id="titlearea">
|
|
<table cellspacing="0" cellpadding="0">
|
|
<tbody>
|
|
<tr style="height: 56px;">
|
|
<td id="projectlogo"><img alt="Logo" src="L4Re_rgb_logo_quer_hg_h55.png"/></td>
|
|
<td id="projectalign" style="padding-left: 0.5em;">
|
|
<div id="projectname">L4Re Operating System Framework
|
|
</div>
|
|
<div id="projectbrief">Interface and Usage Documentation</div>
|
|
</td>
|
|
</tr>
|
|
</tbody>
|
|
</table>
|
|
</div>
|
|
<!-- end header part -->
|
|
<!-- Generated by Doxygen 1.15.0 -->
|
|
<script type="text/javascript">
|
|
var searchBox = new SearchBox("searchBox", "search/",'.html');
|
|
</script>
|
|
<script type="text/javascript">
|
|
$(function() { codefold.init(); });
|
|
</script>
|
|
<script type="text/javascript" src="menudata.js"></script>
|
|
<script type="text/javascript" src="menu.js"></script>
|
|
<script type="text/javascript">
|
|
$(function() {
|
|
initMenu('',true,false,'search.php','Search',true);
|
|
$(function() { init_search(); });
|
|
});
|
|
</script>
|
|
<div id="main-nav"></div>
|
|
</div><!-- top -->
|
|
<div id="side-nav" class="ui-resizable side-nav-resizable">
|
|
<div id="nav-tree">
|
|
<div id="nav-tree-contents">
|
|
<div id="nav-sync" class="sync"></div>
|
|
</div>
|
|
</div>
|
|
<div id="splitbar" style="-moz-user-select:none;"
|
|
class="ui-resizable-handle">
|
|
</div>
|
|
</div>
|
|
<script type="text/javascript">
|
|
$(function(){initNavTree('l4re_intro.html','',''); });
|
|
</script>
|
|
<div id="container">
|
|
<div id="doc-content">
|
|
<!-- window showing the filter options -->
|
|
<div id="MSearchSelectWindow"
|
|
onmouseover="return searchBox.OnSearchSelectShow()"
|
|
onmouseout="return searchBox.OnSearchSelectHide()"
|
|
onkeydown="return searchBox.OnSearchSelectKey(event)">
|
|
</div>
|
|
|
|
<!-- iframe showing the search results (closed by default) -->
|
|
<div id="MSearchResultsWindow">
|
|
<div id="MSearchResults">
|
|
<div class="SRPage">
|
|
<div id="SRIndex">
|
|
<div id="SRResults"></div>
|
|
<div class="SRStatus" id="Loading">Loading...</div>
|
|
<div class="SRStatus" id="Searching">Searching...</div>
|
|
<div class="SRStatus" id="NoMatches">No Matches</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div><div class="header">
|
|
<div class="headertitle"><div class="title">Introduction </div></div>
|
|
</div><!--header-->
|
|
<div class="contents">
|
|
<div class="textblock"><p>The intention of this section is to provide a short overview about the <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Operating System Framework. The general structure of a microkernel-based system will be introduced and the principal functionality of the servers in the basic environment outlined.</p>
|
|
<h1 class="doxsection"><a class="anchor" id="fiasco_intro"></a>
|
|
L4Re Microkernel</h1>
|
|
<p>The <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Microkernel is the lowest-level component of software running in an L4Re-based system. The microkernel is the only component that runs in privileged processor mode. It does not include complex services such as program loading, device drivers, or file systems; those are implemented in user-level programs on top of it (a basic set of these services and abstractions is provided by the <a class="el" href="namespaceL4.html" title="L4 low-level kernel interface.">L4</a> Runtime Environment).</p>
|
|
<p>Microkernel services are implemented in kernel objects. Tasks hold references to kernel objects in their respective <em>"object space"</em>, which is a kernel-protected table. These references are called <em>capabilities</em>. System calls to the microkernel are function invocations on kernel objects through the corresponding capabilities. These can be thought of as function invocations on object references in an object-oriented programming environment. Furthermore, if a task owns a capability, it may grant other tasks the same (or fewer) rights on this object by passing the capability from its own to the other task's object space.</p>
|
|
<p>From a design perspective, capabilities are a concept that enables flexibility in the system structure. A thread that invokes an object through a capability does not need to care about where this object is implemented. In fact, it is possible to implement all objects either in the kernel or in a user-level server and replace one implementation with the other transparently for clients.</p>
|
|
<h2 class="doxsection"><a class="anchor" id="l4re_concepts_fiasco_ipc"></a>
|
|
Communication</h2>
|
|
<p>The basic communication mechanism in L4-based systems is called <em>"Inter Process Communication (IPC)"</em>. It is always synchronous, i.e. both communication partners need to actively rendezvous for IPC. In addition to transmitting arbitrary data between threads, IPC is also used to resolve hardware exceptions, faults and for virtual memory management.</p>
|
|
<h2 class="doxsection"><a class="anchor" id="l4re_concepts_fiasco_kobjects"></a>
|
|
Kernel Objects</h2>
|
|
<p>The following list gives a short overview of the kernel objects provided by the <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Microkernel:</p>
|
|
<ul>
|
|
<li><b>Task</b> A task comprises a memory address space (represented by the task's page table), an object space (holding the kernel protected capabilities), and on x86 an IO-port address space. </li>
|
|
<li><b>Thread</b> A thread is bound to a task and executes code. Multiple threads can coexist in one task and are scheduled by the microkernel's scheduler. </li>
|
|
<li><b>Factory</b> A factory is used by applications to create new kernel objects. Access to a factory is required to create any new kernel object. Factories can control and restrict object creation. </li>
|
|
<li><b>IPC Gate</b> An IPC gate is used to create a secure communication channel between different tasks. It embeds a label (kernel protected payload) that securely identifies the gate through which a message is received. The gate label is not visible to and cannot be altered by the sender. </li>
|
|
<li><b>IRQ</b> IRQ objects provide access to hardware interrupts. Additionally, programs can create new virtual interrupt objects and trigger them. This allows to implement a signaling mechanism. The receiver cannot decide whether the interrupt is a physical or virtual one. </li>
|
|
<li><b>Vcon</b> Provides access to the in-kernel debugging console (input and output). There is only one such object in the kernel and it is only available, if the kernel is built with debugging enabled. This object is typically interposed through a user-level service or without debugging in the kernel can be completely based on user-level services. </li>
|
|
<li><b>Scheduler</b> Implements scheduling policy and assignment of threads to CPUs, including CPU statistics.</li>
|
|
</ul>
|
|
<h1 class="doxsection"><a class="anchor" id="l4re_system_structure"></a>
|
|
L4Re System Structure</h1>
|
|
<p>The system has a multi-tier architecture consisting of the following layers depicted in the figure below:</p>
|
|
<ul>
|
|
<li><b>Microkernel</b> The microkernel is the component at the lowest level of the software stack. It is the only piece of software that is running in the privileged mode of the processor.</li>
|
|
</ul>
|
|
<ul>
|
|
<li><b>Tasks</b> Tasks are the basic containers (address spaces) in which system services and applications are executed. They run in the processor's deprivileged user mode.</li>
|
|
</ul>
|
|
<div class="image">
|
|
<img src="l4re-basic.png" alt=""/>
|
|
<div class="caption">
|
|
Basic Structure of an L4Re based system</div></div>
|
|
<p>In terms of functionality, the system is structured as follows:</p>
|
|
<ul>
|
|
<li><b>Microkernel</b> The kernel provides primitives to execute programs in tasks, to enforce isolation among them, and to provide means of secure communication in order to let them cooperate. As the kernel is the most privileged, security-critical software component in the system, it is a general design goal to make it as small as possible in order to reduce its attack surface. It provides only a minimal set of mechanisms that are necessary to support applications.</li>
|
|
</ul>
|
|
<ul>
|
|
<li><b>Runtime Environment</b> The small kernel offers a concise set of interfaces, but these are not necessarily suited for building applications directly on top of it. The <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Runtime Environment aims at providing more convenient abstractions for application development. It comprises low-level software components that interface directly with the microkernel. The root pager <em>sigma0</em> and the root task <em>Moe</em> are the most basic components of the <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Runtime Environment. Other services (e.g., for device enumeration) use interfaces provided by them.</li>
|
|
</ul>
|
|
<ul>
|
|
<li><b>Applications</b> Applications run on top of the system and use services provided by the runtime environment – or by other applications. There may be several types of applications in the system and even virtual machine monitors and device drivers are considered applications in the terminology used in this document. They are running alongside other applications on the system.</li>
|
|
</ul>
|
|
<p>Lending terminology from the distributed systems area, applications offering services to other applications are usually called <em>servers</em>, whereas applications using those services are named <em>clients</em>. Being in both roles is also common, for instance, a file system server may be viewed as a server with respect to clients using the file system, while the server itself may also act as a client of a hard disk driver.</p>
|
|
<h1 class="doxsection"><a class="anchor" id="main_l4re_sec"></a>
|
|
L4Re Runtime Environment</h1>
|
|
<p>The <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Runtime Environment provides a basic set of services and abstractions, which are useful to implement and run user-level applications on top of the <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Microkernel. They form the <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Operating System Framework.</p>
|
|
<p>The <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Operating System Framework consists of a set of libraries and servers. <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> follows an object-oriented design. Server interfaces are object-oriented, and the implementation is also object-oriented.</p>
|
|
<p>A minimal L4Re-based application needs 3 components to be booted beforehand: the <a class="el" href="namespaceL4Re.html" title="L4Re C++ Interfaces.">L4Re</a> Microkernel, the root pager (Sigma0), and the root task (Moe). The Sigma0 root pager initially owns all system resources, but is usually used only to resolve page faults for the Moe root task. Moe provides the essential services to normal user applications such as an initial program loader, a region-map service for virtual memory management, and a memory (data space) allocator. </p>
|
|
</div></div><!-- contents -->
|
|
</div><!-- PageDoc -->
|
|
</div><!-- doc-content -->
|
|
<div id="page-nav" class="page-nav-panel">
|
|
<div id="page-nav-resize-handle"></div>
|
|
<div id="page-nav-tree">
|
|
<div id="page-nav-contents">
|
|
</div><!-- page-nav-contents -->
|
|
</div><!-- page-nav-tree -->
|
|
</div><!-- page-nav -->
|
|
</div><!-- container -->
|
|
<!-- HTML footer for doxygen 1.9.1-->
|
|
<!-- start footer part -->
|
|
<div id="nav-path" class="navpath"><!-- id is needed for treeview function! -->
|
|
<ul>
|
|
<li class="footer">Generated on <span class="timestamp"></span> for L4Re Operating System Framework by <a href="https://www.doxygen.org/index.html"><img class="footer" src="doxygen.svg" width="104" height="31" alt="doxygen"/></a> 1.15.0 </li>
|
|
</ul>
|
|
</div>
|
|
</body>
|
|
</html>
|