1995 | Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gün Sirer, Marc E. Fiuczynski, David Becker, Craig Chambers, Susan Eggers
SPIN is an extensible operating system that allows applications to safely modify the operating system's interface and implementation. It provides an extension infrastructure and a core set of extensible services that enable applications to specialize the underlying operating system for specific performance and functionality needs. SPIN uses language and link-time mechanisms to export fine-grained interfaces to system services. Extensions are written in a type-safe language and are dynamically linked into the kernel. This approach allows extensions to access system services quickly while protecting the kernel code. SPIN and its extensions are written in Modula-3 and run on DEC Alpha workstations.
SPIN is designed to be dynamically specialized to meet the performance and functionality requirements of applications. It addresses the need for extensibility in operating systems by allowing applications to extend the system's interfaces and implementations. The system's design focuses on extensibility, safety, and performance. SPIN uses language and runtime services to provide low-cost, fine-grained, protected access to system resources. The system's architecture includes co-location, enforced modularity, logical protection domains, and dynamic call binding, which enable interfaces to be defined and accessed with low overhead.
SPIN's architecture provides a software infrastructure for safely combining system and application code. The protection model supports efficient, fine-grained access control of resources, while the extension model enables extensions to be defined at the granularity of a procedure call. The system's architecture is biased towards mechanisms that can be implemented with low cost on conventional processors. SPIN relies on language-level services such as static type checking and dynamic linking.
SPIN's protection model uses capabilities to control access to resources. A capability is an unforgeable reference to a resource that can be a system object, an interface, or a collection of interfaces. SPIN's extension model allows extensions to be defined in terms of events and handlers. An event is a message that announces a change in the system's state or a request for service. An event handler is a procedure that receives the message. Extensions install handlers on events by explicitly registering them with the event through a central dispatcher.
SPIN's core services manage memory and processor resources. These services use events to communicate between the system and extensions, exporting interfaces with fine-grained operations. SPIN's memory management interface decomposes memory services into three basic components: physical storage, naming, and translation. These correspond to the basic memory resources exported by processors, namely physical addresses, virtual addresses, and translations. Application-specific services interact with these three services to define higher-level virtual memory abstractions.
SPIN's thread management system provides applications with interfaces for scheduling, concurrency, and synchronization. Applications can require levels of functionality and performance that a thread management system is unable to deliver. SPIN allows applications to provide their own thread package and scheduler that execute within the kernel. The thread package defines the application's execution model and synchronization constructs. The scheduler controls the multiplexing of the processor across multiple threads.
SPIN's core servicesSPIN is an extensible operating system that allows applications to safely modify the operating system's interface and implementation. It provides an extension infrastructure and a core set of extensible services that enable applications to specialize the underlying operating system for specific performance and functionality needs. SPIN uses language and link-time mechanisms to export fine-grained interfaces to system services. Extensions are written in a type-safe language and are dynamically linked into the kernel. This approach allows extensions to access system services quickly while protecting the kernel code. SPIN and its extensions are written in Modula-3 and run on DEC Alpha workstations.
SPIN is designed to be dynamically specialized to meet the performance and functionality requirements of applications. It addresses the need for extensibility in operating systems by allowing applications to extend the system's interfaces and implementations. The system's design focuses on extensibility, safety, and performance. SPIN uses language and runtime services to provide low-cost, fine-grained, protected access to system resources. The system's architecture includes co-location, enforced modularity, logical protection domains, and dynamic call binding, which enable interfaces to be defined and accessed with low overhead.
SPIN's architecture provides a software infrastructure for safely combining system and application code. The protection model supports efficient, fine-grained access control of resources, while the extension model enables extensions to be defined at the granularity of a procedure call. The system's architecture is biased towards mechanisms that can be implemented with low cost on conventional processors. SPIN relies on language-level services such as static type checking and dynamic linking.
SPIN's protection model uses capabilities to control access to resources. A capability is an unforgeable reference to a resource that can be a system object, an interface, or a collection of interfaces. SPIN's extension model allows extensions to be defined in terms of events and handlers. An event is a message that announces a change in the system's state or a request for service. An event handler is a procedure that receives the message. Extensions install handlers on events by explicitly registering them with the event through a central dispatcher.
SPIN's core services manage memory and processor resources. These services use events to communicate between the system and extensions, exporting interfaces with fine-grained operations. SPIN's memory management interface decomposes memory services into three basic components: physical storage, naming, and translation. These correspond to the basic memory resources exported by processors, namely physical addresses, virtual addresses, and translations. Application-specific services interact with these three services to define higher-level virtual memory abstractions.
SPIN's thread management system provides applications with interfaces for scheduling, concurrency, and synchronization. Applications can require levels of functionality and performance that a thread management system is unable to deliver. SPIN allows applications to provide their own thread package and scheduler that execute within the kernel. The thread package defines the application's execution model and synchronization constructs. The scheduler controls the multiplexing of the processor across multiple threads.
SPIN's core services