2nd USENIX Windows NT Symposium
The Sombrero Distributed Single Address Space Operating System Project
Alan Skousen/Donald Miller
Computer Science and Engineering Department
Arizona State University
The Sombrero operating system project is an experiment to investigate the potential of a distributed large Single Address Space Operating System (SASOS) as a computing environment. We are currently prototyping Sombrero on Alpha 21164 based NT systems. The prototype gives NT the ability to manage 8-terabyte data sets across a network in a single distributed address space. This distributed address space supports a mechanism that allows multiple network users to have access to and a consistent view of the same addresses while at the same time being protected from one another=92s activities. We also propose changes to current stock processor architecture to facilitate the single large distributed address space design.
Single Address Space Operating Systems (SASOSs) have been researched for a number of years. This research is motivated by the difficulties associated with communication between processes on the same machine and across a network. By reducing the number of namespaces used by an executing program it is possible to provide a commonality of reference that simplifies communication between it and its services. As a result programs and services become smaller and less costly to program and execute more quickly. Because of the paradigm shift new design and programming strategies need to be examined to make full use of the changed architecture.
In Sombrero, protection domains can be used to implement instantiations of Object Oriented Programming base classes that can serve as operating system modules or application programs. Important hardware services are reserved to designated modules and protected by access policy that is enforced by the protection hardware. This allows a non-hierarchical strategy for OS design that permits all services and programs to exist as peers invoking service methods rather than gaining access to resources and services through nested API layers. By this means high speed access directly to low level services using the Sombrero domain switching strategy reduces the cost of a service call to that of a common subroutine.
The Sombrero project is currently being prototyped on two Alpha 21164 boxes with sufficient resources to compile and run Windows NT source code. We have extended the reachable address space by specializing an NT process to include the full range available to the processor. This is done by modifying the NT PALCode to recognize a Sombrero process and to forward TLB misses outside the normal NT range to a Sombrero extension of the PALCode. A pager in NT user space forms the correct TLB entry and handles the miss. With this structure available we extended the PALCode to emulate a protection buffer (RPLB) that is triggered by misses in the TLB. Using this emulated RPLB hardware, individual threads are assigned to separate protection domains within the specialized process. This provides a functional protected single address space that supports the SASOS abstraction we propose. The NT operating system running in Kernel and Executive modes in the NT kernel and NT user space respectively provide the basic I/O facilities to Sombrero, which runs in Supervisor mode.
Thus far the design simulations and performance tests are encouraging. The full implementation of Sombrero, short of the proposed hardware improvements, is under development.
We wish to acknowledge the assistance of Microsoft Corporation for their extensive software support and Digital Equipment Corporation for their technical support.
This paper was originally published in the
Proceedings of the 2nd USENIX Windows NT Symposium,
August 3-5, 1998,
Seattle, Washington, USA
Last changed: 10 April 2002 aw