Mac OS XMach in the Darwin Kernel

http://www.maths.mq.edu.au/~steffen/talks/

COMP342 4/5/06

Daniel A. SteffenMathematics Department

Macquarie Universitysteffen@maths.mq.edu.au

Mach in the Darwin Kernel

• Overview of Mac OS X & Darwin Kernel

• Darwin Kernel Services

• Mach History & Goals

• Mach Abstractions in detail

Mac OS X System Architecture

• High Level APIs “Frameworks”

• Application Services

• Core Services

• Darwin Kernel“CoreOS”

Mac OS XDarwin technology is at the core

OpenGLOpenGLQuartzQuartz QuickTimeQuickTime

DarwinDarwin

AquaAqua

ClassicClassic JavaJava CarbonCarbon CocoaCocoa

Darwin Kernel Architecture

• “hybrid” kernel: single address space for BSD and Mach (not a true microkernel system)

• processor architecture independent

• open-source

OpenGLOpenGLQuartzQuartz QuickTimeQuickTime

DarwinDarwin

AquaAqua

ClassicClassic JavaJava CarbonCarbon CocoaCocoaApplicationEnvironments

ApplicationEnvironments

DarwinDarwin BSD KernelBSD Kernel

Mach KernelMach Kernel

IOKitIOKitNetwork KEXTNetwork KEXTFile SystemFile System DriversDrivers

Darwin Kernel

Darwin Kernel Architecture

• Origins

- Mach 3.0 (OSFMK73)

- Virtual Memory, Scheduling, IPC

- 4.4BSD-Lite 2

- Process model, security, file access

- FreeBSD 3.2 & 4.4

- Networking, NFS

Darwin Kernel Services

Emphasis on the services, not the layeringDarwin Kernel Services

DarwinKernelDarwinKernel IOKitIOKit

Net KEXTNet KEXTFile SystemFile System DriversDrivers

KEXT ServicesKEXT ServicesProcessProcess

ThreadsThreads

SchedulerScheduler

FilesFiles

VMVM

IPCIPC

SecuritySecurity

• cross-layer view

• everything built on top of Mach primitives

- e.g. BSD process is Mach task + extra structure

• lower-layer API not always safe to use on higher-layer objects

Mach Kernel

• microkernel architecturally, but tightly integrated

• CPU and memory abstractions

• manages processor and memory resources

• process & thread scheduling

• SMP & realtime support

• memory protection, management (VM)

• message based: all interaction based on mach ports

• policy neutral

BSD Kernel

• tight integration with Mach and IOKit

• process model: env vars, signals, reaping

• security policy: users, filesystem permissions

• filesystem & networking architecture

• POSIX/BSD API: pthreads, select, kqueues, …

• plugin architecture for NKEs (e.g. filters)

• enhanced VFS design (metadata, ACLs, unicode, large files, UBC)

IO Kit

• abstraction level for driver and device access

• object-oriented framework: common behavior & protocols among device types abstracted into families, only device-specifics in drivers

• implemented in Embedded C++

• modular and extensible, many families already implemented in OS, support for userspace drivers

• dynamic device management, on-demand driver matching & (un)loading, power management

Mach/Darwin History

• 1985-1994: Mach Research project at CMU

• 1990-1996: Mach 3 effort continued at OSF RI: OSF/1 ! DEC Digital UNIX ! Compaq Tru64

• 1989-1995: NeXTSTEP on Mach 2.5 & 4.3BSD

• 1996-1998: MkLinux on Mach 3.0 by Apple & OSF

• 1997: Apple acquires NeXT

• 2000: Darwin 1.0 (Mac OS X DP4): kernel transitioned to Mach 3.0 & 4.4BSD-Lite 2

Mach Goals

• simple, extensible communication kernel; BSD compatible (“drop-in” replacement for BSD kernel)

• move as much functionality outside of kernel as possible (microkernel)

• small number of abstractions

• exploit parallelism in both OS and user applications

• extensive process to process communication (IPC)

• large, sparse address space support with flexible VM

• portability, multiprocessor & heterogeneous system support, distributed operation

Mach Abstractions

• Task: unit of resource ownership, has virtual address space & collection of port rights, contains threads

• Thread: unit of execution (CPU utilization), lightweight, shares containing task’s resources

• Port: communication channel endpoint, accessible only via send / receive capabilities (port rights)

• Port set: group of ports on which a thread can block waiting to receive messages

• Message: typed collection of data objects/pointers

• Memory object: internal unit of memory management, tasks map portions into their address space

Mach TaskMach Task Services

•Provide an environmentin which threads run:• Address space• Communications• Exception handling

task_ttask_create(), task_terminate()thread_create()task_suspend(), task_resume()task_swap_exception_ports()

Virtual Memory Space

Port Name Space

Thread

Mach TaskMach Task

Thread

Thread

A task is the unit of resource ownership in Mach• collection of system resources, which (except for address space) are referenced by ports and may be shared with other tasks if they have corresponding port rights

• provides a large, potentially sparse address space, portions of which may be shared through inheritance or external memory management

• contains some number of threads

• defines task wide exception handling

• A Mach thread owns no resources• Defines the “how” and “where” of

execution, but not the resources toexecute with

• Defines thread-specific exceptionhandling

thread_tthread_create(), thread_terminate()thread_suspend(), thread_resume()thread_swap_exception_ports()

A thread is the unit of execution in MachMach Thread Services

Register State

SchedulingAttributes

Mach ThreadMach Thread

Exception Handlers

Mach Thread

• point of flow control in a task, defines “how” and “where” of execution, but not the resources to execute with

• owns no resources, has access to all elements of the containing task

• potentially executes in parallel with other threads, even threads within the same task

• has minimal state for low overhead

• defines thread-specific exception handling

Mach Scheduler

• assigns runnable threads to processors

• SMP: threads run on any available processor, preference for affinity

• fully preemptive scheduling

- by higher priority threads when running in user mode

- by higher priority real-time threads while running in kernel mode

• time constraint threads watched to assure good behavior

Mach SchedulerAssigns runnable threads to procesors

Mach HostMach Host

127

KernelKernel95

CoreCore79

63

31

0AppApp

GUIGUI

TimeTime

CPU CPU

• Symmetric Multi-Processor (SMP)• Threads run on any

available processor• Preference for affinity

• Fully Preemptive Scheduling• By higher priority threads

when running in user mode• By higher priority real-time

threads while running inkernel mode

Mach Port

• unidirectional communication channel between a client requesting a service and a server providing that service

• has a single receiver and (potentially) multiple senders

• state associated with a port: message queue, count of port rights referencing it

• kernel has services to allocate ports, and every Mach entity (except virtual memory ranges) is named by a port, so ports are created implicitly during creation of such entities

Mach Port Right

• a port can only be accessed via a port right: an entity that indicates the right to access a specific port in a specific way

• three types of port rights:

- receive: allows to receive messages from a port

- send: allows to send messages to a port

- send-once: allows to send a single message to a port

• port rights can be copied and moved between tasks via Mach messages

• can acquire certain port rights from a global service

Mach Message

• a typed collection of data passed between two entities

• not a Mach entity in its own right

• messages are queued, hold state between the time a message is sent and when it is received

• messages can carry data (inline and out-of-line), port rights, virtual memory ranges and sender identity information

Mach IPC ServicesMessaging across Mach ports

Mach IPCMach IPC

TaskTaskTaskTask

Virtual Memory Space

Virtual Memory Space

Virtual Memory Space

Virtual Memory Space

• Mach ports are endpoints• Message queues• Semaphores, Locksets

• Capabilities representedby Mach port rights

• Send, send-once• Receive

• Messages carry• Data (inline and out-of-line)• Additional Mach port rights• Sender identity information

Mach Security Services

• implements mechanism, not policy

• no authentication checking

• capabilities in the form of Mach port rights

• subdivide capabilities to create extra privileges

• sender identity tagging on each message

• policy decisions implemented at the BSD level

Mach Memory Object

• represents non-resident state of given memory ranges

• memory manager: task implementing a memory object (responding to messages sent to its port), responsible for filling main memory with e.g. contents of backing store

• main memory is a cache for the contents of the various memory objects, kernel maintains cache by sending messages to the memory object ports

• Mach has no concept of files: BSD vnodes implemented on top of memory objects

Mach Address Space

• defines the set of valid virtual addresses that a thread executing in a task is allowed to reference

• layout flexibility

• protection against unauthorized access or update

• copy-on-write

• controlled sharing

• semantics implemented through actions of memory manager for memory object of a memory range

............

......

......

Mach Virtual Memory Services

Mach VM ServicesMach VM Services

Mach controls most aspects of virtual memory

• Layout flexibility• Each task’s address space can be

constructed with a unique layout• Protected address spaces

• Guarded against unauthorizedaccess or update

• Copy-on-Write optimization• Controlled sharing

• Single page, mapped file,to shared complex regions

VMObjectCache

VMObjectCache

AddressSpace

AddressSpace

AddressSpace

AddressSpace

References

• Apple developer information on Darwin

- http://developer.apple.com/documentation/Darwin/

- http://developer.apple.com/opensource/

• Darwin source code

- http://www.opensource.apple.com/darwinsource/

- http://darwinsource.opendarwin.org/

• Darwin Kernel Programming Guide on Mach

- http://developer.apple.com/documentation/Darwin/Conceptual/KernelProgramming/Mach/chapter_6_section_1.html

- http://developer.apple.com/documentation/Darwin/Conceptual/KernelProgramming/boundaries/chapter_14_section_4.html

References

• CMU Mach project

- http://www.cs.cmu.edu/afs/cs/project/mach/public/www/mach.html

• OSF Mach 3.0 manuals

- http://www.cs.cmu.edu/afs/cs/project/mach/public/www/doc/osf.html

• Wikipedia: Mach kernel

- http://en.wikipedia.org/wiki/Mach_kernel

• kernelthread.com

- http://www.kernelthread.com/mac/oshistory/8.html

• M.K. McKusick et al, The Design and Implementation of the 4.4 BSD Operating System, Addison-Wesley, 1996

WWDC Scholarships

• to attend Apple’s World Wide Developers Conference Aug 7-11 2006

- http://developer.apple.com/wwdc/

• Apple University Consortium scholarships for Australian university students and staff: (appls close 23/5/06)

- http://auc.edu.au/audf/wwdc06/

• Apple Developer Connection (ADC) Student program scholarships: (appls close 19/5/06)

- http://developer.apple.com/wwdc/students/

• The speaker gratefully acknowledges support to attend the Apple World Wide Developers Conference WWDC 2004 by the Apple University Consortium Australia

- http://auc.uow.edu.au/

• Graphics Credit

- Jim Magee, Core OS Kernel Team, Apple Computer:

- Slides from WWDC 2002 Session 107 “The Darwin Kernel”

Acknowledgements