From Wikipedia, the free encyclopedia

In computer science, a nanokernel or picokernel is a very minimalist operating system kernel. The nanokernel represents the closest hardware abstraction layer of the operating system by interfacing the CPU, managing interrupts and interacting with the MMU. The interrupt management and MMU interface are not necessarily part of a nanokernel; however, on most architectures these components are directly connected to the CPU, therefore, it often makes sense to integrate these interfaces into the kernel.

The names are derived from the nano and pico prefixes, carrying the connotation of something very small.

Contents 1 General 2 Applications 2.1 Virtualisation 2.2 Nanokernel-based operating systems 2.3 Real-time systems 3 Advantages and disadvantages 3.1 Versus monolithic kernels 3.2 Versus microkernels 4 See also 4.1 Design concepts 4.2 Nanokernel-based operating systems

The term is sometimes used informally to refer to a very light-weight microkernel, such as L4. A smooth transition between micro- and nanokernels exists in many areas when being connected to an operating system, but significant differences are the dependencies between the nanokernel and its core components when forming an operating system, not just a hardware abstraction layer for virtualisation.^{[Confusing — Please clarify]}

Additional abstraction and services are provided by other operating system modules, therefore, the nanokernel can be used to host other operating systems without a performance decrease if the nanokernel is integrated into the other operating systems. Because of the minimalist nature of a nanokernel, this only requires minor modifications. This feature simplifies porting different operating systems to new architectures. The hosted operating systems can also be natively virtualised very easily and with very little loss in performance.

For instance, Apple Computer used a nanokernel in PowerPC versions of the "classic" Mac OS to translate interrupts on their PowerPC-based computers into 68K interrupts which were processed by a 68K emulator. Later, in Mac OS 8.6, it also managed Multiprocessing Services 2.0 tasks. Other examples include the Adeos nanokernel for Linux, which allows other OSs to run on the machine at the same time.

Another application area for nanokernels is an extremely flexible and universal operating system. The operating system can be assembled from various software modules including, for example, a scheduler and various drivers and system interfaces. Due to this flexibility, having common interfaces and sharing a common infrastructure and components becomes possible within the kernel, while the kernel can provide various different operating system interfaces and support multiple concepts. Normally the change of a concept would require major modifications of the operating system but due to its modularity a nanokernel-based operating system can be changed just by replacing software modules. This migration can be performed at runtime because the only static parts of such an operating system are its abstract interfaces (such as streams or event-based interfaces) (in other words, a module interface dependency is the only dependency in a nanokernel).

Abstract module interfaces can also be used to take advantage of the GPU as a mathematical coprocessor (GPGPU). The module separation also prevents several mistakes related to shared resources, as the separation makes it impossible for the modules to share resources directly. Other techniques are used to allow processes to exchange data, e.g. extended IPC. Moreover, modularity makes the system highly fault tolerant since corruption of one module does not affect other modules except if they depend on the corrupted part. This advantage applies to nanokernels in general and can be very useful when running multiple operating systems simultaneously. Security related problems such as buffer overflows in parts of the operating system are nearly solved because a corrupted web server cannot affect other parts of the operating system even if it directly communicates with parts of the kernel like the TUX web server. On architectures with an MMU, e.g. the IA-32, a nanokernel-based operating system can be significantly faster than its monolithic representation, because context switching is no longer necessary. All drivers and system components run in the same context and can be grouped in shared address spaces. Additionally threads run in the same context, because they're not integrated into the operating system. The separation of the thread schedulers makes the system also very flexible and fault tolerant, because threads of different processes can't affect or interfere with other threads. On multiprocessor machines the separation of systems components allows the processors to execute them in parallel. E.g., a TCP module and a network driver could run in parallel and generate a higher throughput.

Real-time software is sometimes designed to be single tasking, for simplicity or performance reasons. Nanokernels can be used in real-time and embedded systems as a hardware abstraction layer to increase the portability of the application software.^{[citation needed]}

A nanokernel is considered to be slower than a typical monolithic kernel due to the management and communication complexity caused by the separation of its components. Contrariwise this abstraction potentiates considerably faster development, simpler modules and higher code quality. Additionally the management effort of such code is notably decreased because monolithic implementations tend to be more complex and intradependent. As a result of its lower module complexity nanokernel modules tend to be more accurate and maintainable.

Furthermore APIs of monolithic kernels (as present in for example the Linux kernel) are often considered to be very unstable and quite mutable. It's often argued that this applies only to some implementations, but in reality monolithic drivers use more internal structures than separated modules^{[citation needed]}.

Another key aspect is the isolation of the nanokernel modules by architecture. Monolithic kernels generally suffer from a considerably bad security architecture because an inaccurate and insecure part directly affects the whole operating system.

Generally microkernels have integrated IPC, memory-, thread- and process management and elementary drivers. A Nanokernel in contrast has essentially none of those, therefore nanokernels aren't independent executable operating systems, which is why they're not an operating system kernel in the traditional sense.

Nevertheless this significant difference potentiates extremely powerful techniques like multi scheduling or operating system emulation. The simultaneous execution of a realtime- and pre-emptive scheduler on multi processor machines or the emulation of an entire operating system like UNIX in heterogeneous environments are some application areas of this technique. But in general this superiority applies and occurs only significantly in parallel- or distributed computing environments.

• Exokernel
• Hybrid kernel
• Kernel
• Microkernel
• Monolithic kernel

• Complexity
• Design by contract
• Eiffel
• Interface
• Isolation
• Modularity
• Namespace
• Plan 9
• Singularity
• Sing#

• Adeos
• CapROS
• Dycos [1]
• EROS
• KeyKOS
• LSE/OS
• Trion Operating System