



COMP9242 2006/S2 W1 P3











## L4 HISTORY

- Original version by Jochen Liedtke (GMD)  $\approx$  93–95
- → "Version 2" API
- → i486 assembler
- → IPC 20 times faster than Mach [SOSP 93, 95]
- Other L4 V2 implementations:
- → L4/MIPS64: assembler + C (UNSW) 95–97
  → fastest kernel on single-issue CPU (100 cycles)
- $\rightarrow$  L4/Alpha: PAL + C (Dresden/UNSW), 95–97
- → first released SMP version
- → Fiasco (Pentium): C++ (Dresden), 97–99

### **L4 HISTORY**

- Experimental "Version X" API
- → improved hardware abstraction
- → various experimental features (performance, security, generality)
- ➔ portability experiments
- Implementations
- → Pentium: assembler, Liedtke (IBM), 97-98
- → Hazelnut (Pentium+ARM), C, Liedtke et al (Karlsruhe), 98–99

CSE/UNSW/NICTA



## **L4 PRESENT**

- NICTA L4-embedded commercially deployed
- → adopted by Qualcomm for CDMA chipsets
- → under evaluation/development for other products at a number of multinationals
- → about to establish strong presence in wireless and CE markets
- NICTA spinning out Open Kernel Labs
- → further development of L4-embedded
- ➔ professional services for L4 users
- → commercialisation of present NICTA microkernel research

### L4 FUTURE

- Security API: NICTA seL4
- → draft published March 06
- → semi-formal specification in Haskell
- → "executable spec": Haskell implementation plus ISA simulator
- → used for exercising and porting apps
- → stable API August 06
- → C implementation end of 06
- → similar project at TU Dresden: L4sec (draft API Oct 05)
- Features:
- → user-level management of kernel resources (esp. memory)
- → low-overhead information-flow control mechanisms
- → suitable for formal verification
- Formal verification of L4 implementation: L4.verified project
- → mathematical proof that implementation matches spec

CSE/UNSW/NICTA





|                                                           | port/         | C++      |          | optimised            |                      |
|-----------------------------------------------------------|---------------|----------|----------|----------------------|----------------------|
| Architecture                                              | optimisation  | intra AS | inter AS | intra AS             | inter AS             |
| Pentium-3                                                 | UKa           | 180      | 367      | 113                  | 305                  |
| Small Spaces                                              | UKa           |          |          |                      | 213                  |
| Pentium-4                                                 | UKa           | 385      | 983      | 196                  | 416                  |
| Itanium 2                                                 | UKa/NICTA     | 508      | 508      | 36                   | 36                   |
| cross CPU                                                 | UKa           | 7419     | 7410     | N/A                  | N/A                  |
| MIPS64                                                    | NICTA/UNSW    | 276      | 276      | 109                  | 109                  |
| cross CPU                                                 | NICTA/UNSW    | 3238     | 3238     | 690                  | 690                  |
| PowerPC-64                                                | NICTA/UNSW    | 330      | 518      | 200 <sup>‡</sup>     | 200 <sup>‡</sup>     |
| Alpha 21264                                               | NICTA/UNSW    | 440      | 642      | $pprox 70^{\dagger}$ | $pprox 70^{\dagger}$ |
| ARM/XScale                                                | NICTA/UNSW    | 340      | 340      | 151                  | 151                  |
| <sup>†</sup> "Version 2" asse<br><sup>‡</sup> Guestimate! | embler kernel |          |          |                      |                      |
|                                                           |               |          |          |                      |                      |

| L4 ABSTRACTIONS AND MECHANISMS                                                      |
|-------------------------------------------------------------------------------------|
| THREE BASIC ABSTRACTIONS:                                                           |
| Address spaces                                                                      |
| Threads                                                                             |
| <ul> <li>Time (second-class abstraction in N2 API, to vanish completely)</li> </ul> |
| Two basic mechanisms:                                                               |
| <ul> <li>Inter-process communication (IPC)</li> </ul>                               |
| Mapping                                                                             |
|                                                                                     |
| CSE/UNSW/NICTA COMP9242 2006/S2 W1 P19                                              |



#### CSE/UNSW/NICTA

COMP9242 2006/S2 W1 P20

# L4 ABSTRACTIONS: THREADS

- Thread is unit of execution
- ➔ kernel-scheduled
- Thread is addressable unit for IPC
- → thread-ID is unique identifier
- Threads managed by user-level servers
- → creation, destruction, association with address space
- Thread attributes:
- → scheduling parameters (time slice, priority)
- → unique ID
- ➔ address space
- → page-fault and exception handler
- CSE/UNSW/NICTA

COMP9242 2006/S2 W1 P21

# L4 ABSTRACTIONS: TIME

- Used for scheduling time slices
- → thread has fixed-length time slice for preemption
- → time slices allocated from (finite or infinite) time quantum
- → notification when exceeded
- In earlier L4 versions also used for IPC timeouts
- → removed in N2

# L4 MECHANISM: IPC

- Synchronous message-passing operation
- Data copied directly from sender to receiver
- ➔ short messages passed in registers
- Can be blocking or polling (fail if partner not ready)
- Asynchronous notification variant
- → no data transfer, only sets notification bit in receiver
- → receiver can wait (block) or poll





