Trustworthy Systems

Design, implementation and performance of protection in the Mungi single-address-space operating system


Jerry Vochteloo

    School of Computer Science and Engineering
    Sydney 2052, Australia


Traditional operating systems rely on separate address spaces for protection. The advent of 64-bit architectures has allowed the construction of operating systems that have a single, shared address space (single-address-space operating systems). All data in a single address space can be identified by a unique, globally valid name, its address, making the sharing of information easy. Because the separate-address-space model is rejected, a new model for protection needs to be designed.

This thesis describes the Mungi single-address-space operating system, and in particular, its protection system. Protection was an integral part of Mungi's design right from the start. Protection in Mungi has one overriding goal: not to negate the advantages that are intrinsic in a single address space. In order to achieve this, protection in Mungi is based on password capabilities that allow users to share information without the intervention of the kernel. Mungi also provides support for privileged procedures that allow the safe extension of the Mungi system, as well as providing system-enforced object encapsulation. These protected procedure calls are used for device drivers, page fault handlers, and protected subsystems such as database servers.

The implementation of the above model will be presented and will show that the Mungi protection mechanisms are:

The conclusions that can be drawn from this thesis are that a single-address-space operating system provides an ideal environment for sharing, that protection based on password capabilities can be efficient, and that protected procedure calls based on extension and implemented in software can be especially fast.

BibTeX Entry

    address          = {Sydney, Australia},
    author           = {Jerry Vochteloo},
    month            = jul,
    note             = {Available from publications page at \url{}},
    paperurl         = {},
    school           = {UNSW},
    title            = {Design, Implementation and Performance of Protection in the {Mungi} Single-Address-Space Operating
    year             = {1998}