Professional Documents
Culture Documents
Adv. O S
Adv. O S
The policies what is to be done while the mechanism specifies how it is to be done. For instance,
the timer construct for ensuring CPU protection is mechanism. On the other hand, the decision of
how long the timer is set for a particular user is a policy decision.
The separation of mechanism and policy is important to provide flexibility to a system. If the
interface between mechanism and policy is well defined, the change of policy may affect only a
few parameters. On the other hand, if interface between these two is vague or not well defined, it
might involve much deeper change to the system.
Once the policy has been decided it gives the programmer the choice of using his/her own
implementation. Also, the underlying implementation may be changed for a more efficient one
without much trouble if the mechanism and policy are well defined. Specifically, separating
these two provides flexibility in a variety of ways. First, the same mechanism can be used to
implement a variety of policies, so changing the policy might not require the development of a
new mechanism, but just a change in parameters for that mechanism, but just a change in
parameters for that mechanism from a library of mechanisms. Second, the mechanism can be
changed for example, to increase its efficiency or to move to a new platform, without changing
the overall policy.
The operating system possesses various privileges that allow it to access otherwise
protected resources such as physical devices or application memory. When these
privileges are granted to the individual parts of the operating system that require them,
rather than to the operating system as a whole, the potential for both accidental and
malicious privileges misuse is reduced.
Breaking the operating system into parts can have adverse effect on efficiency because of
the overhead associated with communication between the individual parts. This overhead
can be exacerbated when coupled with hardware mechanisms used to grant privileges.
The following sections outline typical approaches to structuring the operating system.
Most contemporary operating systems, including Linux and Windows, are also considered
monolithic, even though their structure is certainly significantly different from the simple
examples of CP/M and DOS.
References.
A native hypervisor runs on bare hardware, with the hosted operating systems residing
above the hypervisor in the system structure. This makes it possible to implement an
efficient hypervisor, paying the price of maintaining a hardware specific implementation.
A hosted hypervisor partially bypasses the need for a hardware specific implementation
by running on top of another operating system. From the bottom up, the system structure
then starts with the host operating system that includes the hypervisor, and then the guest
operating systems, hosted above the hypervisor.
A combination of the native and the hosted approaches is also possible. The hypervisor can
implement some of its features on bare hardware and consult the hosted operating systems for its
other features. A common example of this approach is to implement the processor virtualization
support on bare hardware and use a dedicated hosted operating system to access the devices that
the hypervisor then virtualizes for the other hosted operating systems.
EXOKERNEL
Exokernel is an operating system developed at the Massachusetts Institute of Technology that
seeks to provide application-level management of hardware resources. The exokernel
architecture is designed to separate resource protection from management to facilitate
application-specific customization.
Exokernels are typically small in size because of their limited operability.
Conventional operating systems always have an impact on the performance, functionality and
scope of applications that are built on them because the OS is positioned between the
applications and the physical hardware. The exokernel operating system attempts to address this
problem by eliminating the notion that an operating system must provide abstractions upon
which to build applications. The idea is to impose as few abstractions as possible on the
developers and to provide them with the liberty to use abstractions as and when needed. The
exokernel architecture is built such that a small kernel moves all hardware abstractions into
untrusted libraries known as library operating systems. The main goal of exokernel is to ensure
that there is no forced abstraction, which is what makes exokernel different from micro- and
monolithic kernels.
Some of the features of exokernel operating systems include:
Reduced consistency