The nucleus provides only the calls necessary for safe transfer of control between Protection Domains and the minimal primitives necessary to donate CPU time and memory space between Protection Domains. (See also: Architecture.)


Protection domain

A Protection Domain (PD) is a passive address space: a memory protection entity in which arbitrary threads may execute. The nucleus supports a minimal address space API:

  • map, grant, demap

The actual memory address allocation is delegated to a userspace memory manager.

space_create()
space_destroy()
space_reference()
space_get_state()
space_set_state()

region_map()
region_demap()
region_grant()

mapping_accept()

Threads model

Migrating threads with CPU Inheritance scheduling.

Threads (entities of execution), continuations (points of cross-PD control transfer).

Threads API Scheduling

IPC

Interprocess communication provides a way for a thread of execution to cross Protection Domain (PD) boundaries.

IPC makes use of portals: pieces of code used as trampolines into the kernel to do the thread switch. These portals can be re-generated by the optimizing loader (OMOS) without giving up flexibility and protection, while gaining additional speed by optimizing generic operations such as the thread_self() call, which can be done completely in userspace. The IPC mechanism allows an area of memory to be shared between the kernel and one or more user applications, to avoid costly memory copyin and copyout.

  • One-way
  • Idempotent
  • Reliable

Kernel object types

The kernel makes use of the following 7 primitive types:

  • Cross-process synchronization primitives: Mutex and Condition variable.
  • Thread of execution: Thread.
  • Protection domain: Space.
  • Memory mappings between protection domains: Region (source) and Mapping (destination).
  • Resource-relativity abstraction: Reference.
  • Portal type also?

Portal mechanism: obtain a portal to a specific interface or interface facet via a Common Protocols call.