23 lines
1.6 KiB
Markdown
23 lines
1.6 KiB
Markdown
# Microkernel
|
|
A microkernel is a [kernel](kernel.md) that has only the bare minimum functionality on kernel space, moving most of
|
|
it to the userland, as servers. Due to having less code running in privileged kernel mode (less attack surface),
|
|
microkernels can be more safer than monolithic ones.
|
|
|
|
A central concept of microkernels are the *servers* ([daemons](daemon.md)), which run in userland and implement
|
|
the functionality that monolithic kernels do in the kernel side (file systems, drivers, memory management).
|
|
Servers aren't different from regular user processes, only that have additional privileges (for accessing hardware directly, for example)
|
|
and communicate with the kernel and with other servers using [interprocess communication (IPC)](ipc.md) mechanisms.
|
|
|
|
Since servers run in userspace, a crash in a server don't necessarily bring the whole system down, but may affect
|
|
the consistency of the whole system, and reliability is not exactly inherent to the microkernel design.
|
|
|
|
One of the first microkernels, Mach, had a disappointing performance. This gave microkernels a bad reputation, which
|
|
however where demonstrated to not be an inherent design characteristic, but an implementation one. The L4 family
|
|
of microkernels demonstrated that IPC can be as fast as regular syscalls on a monolithic kernel.
|
|
|
|
## Notable microkernels
|
|
- Mach
|
|
- L4 and its descendants, such as seL4; known for its high-performance IPC, as fast as a monolithic kernel.
|
|
- [Minix](minix.md): [Unix](unix.md)-like kernel. Most notably, a heavily modified version of it runs in the Intel's [ME](intcel_me.md) [backdoor](backdoor.md).
|
|
- QNX: proprietary real time microkernel from the 80's.
|
|
- ...
|