Comment by dist1ll

3 years ago

There's this great USENIX talk by Timothy Roscoe [1], who is part of the Enzian team at ETH Zürich.

It's about the dominant non-holistic approach to modern operating system design, which is reflected in the vast number of independent, proprietary, under-documented RTOSes running in tandem on a single system, and which eventually leads to uninspiring and lackluster OS research (e.g. the Linux monoculture).

I'm guessing that hardware and software industries just don't have well-aligned interests, which unfortunately leaks into OS R&D.

[1] https://youtu.be/36myc8wQhLo

I think making it harder to build an OS by increasing its scope is not going to help people to build Linux alternatives.

As for the components, at least their interfaces are standardized. You can remove memory sticks from manufacturer A and replace them with memory sticks from manufacturer B without a problem. The same goes for SATA SSDs or mice or keyboards.

Note that I'm all in favour of creating OSS firmware for devices, that's amazing. But one should not destroy the fundamental boundary between the OS and the firmware that runs the hardware.

  • Building an OS is hard. There's no way around its complexity. But closing your eyes and pretending everything is a file is a security disaster waiting to happen (actually, happening every day).

    And furthermore, OS research is not only about building Linux alternatives. There are a lot of operating systems that have a much narrower focus than a full-blown multi-tenant GPOS. So building holistic systems with a narrower focus is a much more achievable goal.

    > As for the components, at least their interfaces are standardized

    That's not true once you step into SoC land. Components are running walled-garden firmware and binary blobs that are undocumented. There's just no incentive to provide a developer platform if no one gives a shit about holistic OSes in the first place.

    • > But closing your eyes and pretending everything is a file is a security disaster waiting to happen (actually, happening every day).

      How so? I can see that the limited access control in Linux is an issue, and for this reason augmenting MAC (Mandatory Access Control) frameworks like SELinux and AppArmor exist.

      But I don't see how the nature of everything being a file is a vulnerability in itself.

      I'd be happy to learn how though.

      3 replies →

    • > But closing your eyes and pretending everything is a file is a security disaster waiting to happen (actually, happening every day).

      What is this in response to? GP never mentioned file interfaces.

      2 replies →

    • > There are a lot of operating systems that have a much narrower focus than full-blown multi-tenant GPOS.

      I hear some of them are used to manage embedded components in GPOS systems. Oh, wait…!

      1 reply →