Trustworthy Systems

The case for active device drivers


Leonid Ryzhyk, Yanjin Zhu and Gernot Heiser



Open Kernel Labs


We revisit the device-driver architecture supported by the majority of operating systems, where a driver is a passive object that does not have its own thread of control and is only activated when an external thread invokes one of its entry points. This architecture complicates driver development and induces errors in two ways. First, since multiple threads can invoke the driver concurrently, it must take care to synchronise the invocations to avoid race conditions. Second, since every invocation occurs in the context of its own thread, the driver cannot rely on programming-language constructs to maintain its control flow.

To address these issues, we propose a device-driver architecture where each driver has its own thread of control and communicates with other threads in the system via message passing. We show how this architecture addresses both of the above problems. Unlike previous message-based driver frameworks, it does not require any special language support and can be implemented inside an existing operating system as a kernel extension. We present our Linux-based implementation in progress and report on preliminary performance results.

BibTeX Entry

    address          = {New Delhi, India},
    author           = {Ryzhyk, Leonid and Zhu, Yanjin and Heiser, Gernot},
    booktitle        = {Asia-Pacific Workshop on Systems (APSys)},
    keywords         = {device drivers, reliability},
    month            = aug,
    pages            = {25--30},
    paperurl         = {},
    title            = {The Case for Active Device Drivers},
    year             = {2010}