SLK: The Safe Language (No-)Kernel Project
Massimo Dentico
m.dentico@teseo.it
Thu, 26 Aug 1999 19:56:32 +0200
Here follows a quote (emphasis is mine) on a no-kernel OS, from the CS
department of Cornell University. Sorry, but I'm unable to
review it for lack of time (I need a lot of time to write decently in
English).
---------------------------------------------------------------
SLK: The Safe Language Kernel Project
(http://www.cs.cornell.edu/slk/)
[..]
SLK relies on the properties of type-safe languages in order
to enforce protection boundaries between applications and
the OS itself which means that all code can run in a single
address space and at a single hardware privilege level. The
first version of SLK is heavily Java based but a significant
part of our research effort lies in understanding how to
host multiple languages. For example, we plan to integrate
ML into the family of languages supported by SLK.
The most fundamental difference between the Secure Language
Kernel (SLK) and a traditional operating system is the fact
that the entire system runs in a single address space and
at a single hardware protection level. There is no memory
management hardware that prevents one application from
accessing another's memory and there is no hardware
privilege mode differentiating instructions executed in the
kernel from those executed in an application. Instead, all
protection is enforced by the language system. Languages
used under SLK must be type safe and the compiler must provide
enough information to the run-time system to allow
protection boundaries to be enforced.
The motivation for relying on software for protection is
threefold: light weight, seamless extensibility, and
flexibility in the form of fine grain sharing. Under the
assumption that the language system can enforce protection, it
is natural to propagate this new property through the system
and eliminate redundant functionality in an attempt to reduce
complexity and improve efficiency. This is also the primary
technical motivation behind Sun's upcoming JavaOS [Mad], but
unlike JavaOS, SLK focuses on servers and fine-grain sharing
of data and code across protection boundaries. In this sense
it continues a decade-long trend in OS design in moving
functionality into user-level and generally blurring the
user-kernel boundary. **SLK removes the user-kernel boundary
ENTIRELY.**
[..]
--
Massimo Dentico