Trustworthy Systems

Protection domain extensions in Mungi

Authors

Jerry Vochteloo, Kevin Elphinstone, Stephen Russell and Gernot Heiser

    School of Computer Science and Engineering
    UNSW,
    Sydney 2052, Australia

Abstract

The Mungi single address space operating system provides a protected procedure call mechanism named protection domain extension (PDX). The PDX call executes in a protection domain which is the union of (a subset of) the caller's domain, and a fixed domain associated with the procedure. On return, the caller's original protection domain is re-established. Extensive caching of validation data allows amortisation of setup costs over a possibly large number of invocations. The PDX mechanism forms the basis for object support in Mungi, particularly encapsulation. It is also used for accessing devices, and to implement user-level page fault handlers and other services.

BibTeX Entry

  @inproceedings{Vochteloo_ERH_96,
    address          = {Seattle, WA, USA},
    author           = {Jerry Vochteloo and Kevin Elphinstone and Stephen Russell and Gernot Heiser},
    booktitle        = {IEEE International Workshop on Object Orientation in Operating Systems (IWOOOS)},
    month            = oct,
    pages            = {161--165},
    paperurl         = {https://trustworthy.systems/publications/papers/Vochteloo_ERH_96.pdf},
    title            = {Protection Domain Extensions in {Mungi}},
    year             = {1996}
  }
