Lately I have become interested in Minix 3. For anyone who hasn’t heard of Minix, here is some brief background.
Background
Minix (mini-Unix) is a Unix clone designed to be simple and easy to understand. A computers science professor (Andrew S. Tanenbaum) wrote Minix 1 in 1987 to teach his operating systems class. He also wrote a popular book on operating system design. The book is unique in that it shows you the source code of a real operating system (Minix). It comes with a Minix CD and for homework you get to rewrite parts of Minix.
When Linus Torvalds was a student he studied from this book. Minix is what inspired Linus to write Linux. That said, there is on Minix source in Linux.
Minix 3
The last update of the book and Minix was 2006. The new version of Minix (Minix 3) is still meant to be simple but it adds the new goal of being a highly-reliable operating system for real world use. Minix 3 is open source, released under a BSD-type license.
How do you make a highly-reliable operating system? You do this mostly by making the kernel as small as possible. Move everything you can out of the kernel and turn it into a regular user program. Less code, fewer bugs. For example, all the drivers (like the one that runs the hard drive or the mouse) are user-level programs in Minix 3. For comparison, while Linux has 2.5 million lines of code, Minix 3 has only 3,800.
Did you know that the #1 reason computers crash is drivers? This applies to both Linux and Windows. Drivers are very difficult to write, they make up about 70% of the operating system [1], and if they fail they take down the entire system. Worse yet, device drivers have error rates three to seven times higher than ordinary code [2]. Not good.
In Minix, device drivers are user-mode programs, similar to Firefox. If Firefox dies, it is annoying, but it doesn’t bring down the entire system. In Minix 3, when a device driver dies, the system re-starts the driver automatically. The typical user may not even notice that anything went wrong. If the audio driver dies, the sound settings might resent, but that’s as far as it goes. Of course, the device driver bugs have not suddenly disappeared, but we have made them much less harmful. By moving device drivers out of the kernel, Minix 3 removes 90% of the bugs that could break the system [3].
Are microkernels slow?
Most people interested in the subject will say that the problem with microkernels is that they are slow. Indeed, first-generation kernels like the Mach kernel (which runs Mac OS X) are slow. But research in the 90s showed that the speed problems were not a problem with microkerels in general, but simply bad implementation of Mach.
To prove this, the German computer scietist Jochen Liedtke developed a new microkernel called L4 which is actually quite fast (20 times faster than Mach). So much so, that in general Linux running on top of L4 is only 6-7% slower than Linux running on machine hardware and in some benchmarks it was faster than native Linux [4]. Keep in mind that Linux was not tuned to run fast on L4.
The L4 kernel is primarily a research kernel, but it proves what’s possible. An interesting real-world example is QNX – a commercial Unix-like operating system based on the microkernel design. It is mostly used for embedded systems and it is known for efficiency.
What about Minix 3? Minix 3 learns some of the lessons of L4. Although Minix 3 is new and it has not been optimized as throughly as L4 or QNX, it performs fairly well and it has minimal hardware requirements.
References
[1] Can We Make Operating Systems Reliable and Secure?
[2] A. Chou et al., “An Empirical Study of Operating System Errors,” Proc. 18th ACM Symp. Operating System Principles, ACM Press, 2001, pp. 73-88. (article costs $10)
[3] Assume that device drivers are 70% of the kernel and have 5 times the error rate. 0.7*5 / (0.3 + 0.7*5) = 92%.
