nexos wrote:
Hello,
I have been doing a lot of thinking, and I am wondering how considerable the advantages of microkernels are.
Modularity by clearly separated layers, manageability, stability, flexibility, increased security.
nexos wrote:
I find a microkernel an interesting thing to research, but they are slow and very hard to develop.
Take a look at the L4 microkernel family. They are not slow. And I wouldn't call the development hard, but it is considerably more difficult than a monolithic kernel, that's true (mostly because you can't access anything, you have to plan interfaces). But once you have a good and efficient messaging system, there's not much difference, except you'll try to minimize the number of messages naturally, while in a monolithic kernel you wouldn't care about minimizing the number of memory accesses.
nexos wrote:
But if a monolithic or hybrid kernel only allows modules to be loaded by the root user, then the security concern, for all practical purposes, goes away.
This part is not true at all. Modules are the worst thing that could happen from a security point of view. Basically you load code from unverified userspace into kernelspace, where it's going to run with supervisor privileges (ring 0)... A quick summary:
Modular monolithic:
- loads code into the kernel space
- module code can access any part of the system, including kernel structures and privileged instructions
- no run-time checks possible (modules are simply linked on load)
- a crash in a module crashes the kernel, and the whole system along with it
Microkernel:
- loads code into separate, user-level address spaces, so-called servers
- server code is plain, simple user-level code, no special access available
- all accesses are checked at run time (by validating messages sent by the server)
- a crash in a server is fully recoverable without the user even noticing
nexos wrote:
What is your opinion on microkernels, monolithic or hybrid kernels, and even exokernels?
Depends what goal you want to achieve.
For a special-purpose OS with one task, go for monolithic. For stability and security, go for microkernel. For simulating other OS' features within the same environment, go for exokernel.
Cheers,
bzt
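
The run-time check from the microkernel list above ("validating messages sent by the server"), sketched as an added example that is not part of the original post or any real kernel's code. The message layout, opcodes, error codes, server ids and grant table are all hypothetical and constructed for illustration:

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
/* Hypothetical message layout, opcodes and error codes, constructed for this example. */
enum { OP_PORT_READ = 1, OP_PORT_WRITE = 2 };
enum { E_OK = 0, E_BADOP = -1, E_BADRANGE = -2, E_DENIED = -3, E_NOSRV = -4 };
struct msg { uint32_t sender, op, port, count; };
struct grant { uint32_t server, first, last, ops; };

/* Constructed policy: server 7 = serial driver, server 9 = keyboard driver (read-only). */
static const struct grant grants[] = {
    { 7, 0x3F8, 0x3FF, (1u << OP_PORT_READ) | (1u << OP_PORT_WRITE) },
    { 9, 0x060, 0x064, (1u << OP_PORT_READ) },
};

/* Kernel-side check run on every request before any I/O port is touched. */
int validate_msg(const struct msg *m)
{
    int known = 0;
    if (m->op != OP_PORT_READ && m->op != OP_PORT_WRITE)
        return E_BADOP;
    /* Bound both fields first so port + count cannot wrap around. */
    if (m->count == 0 || m->count > 0x10000 || m->port > 0xFFFF ||
        m->port + m->count > 0x10000)
        return E_BADRANGE;
    for (size_t i = 0; i < sizeof grants / sizeof grants[0]; i++) {
        const struct grant *g = &grants[i];
        if (g->server != m->sender) continue;
        known = 1;
        if ((g->ops & (1u << m->op)) && m->port >= g->first &&
            m->port + m->count - 1 <= g->last)
            return E_OK;
    }
    return known ? E_DENIED : E_NOSRV;
}

/* The sender id is stamped from the calling task, never read from the message body. */
int request(uint32_t caller, uint32_t op, uint32_t port, uint32_t count)
{
    struct msg m = { caller, op, port, count };
    return validate_msg(&m);
}

int main(void)
{
    printf("serial write 0x3F8..0x3FF: %d\n", request(7, OP_PORT_WRITE, 0x3F8, 8));
    printf("keyboard write 0x60:       %d\n", request(9, OP_PORT_WRITE, 0x60, 1));
    return 0;
}
```

A loaded module in a monolithic kernel has no equivalent choke point: once linked, it issues the port access directly and nothing sits between it and the hardware.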