menios
menios copied to clipboard
pbalduino
Implement microkernel message passing IPC for kernel-server communication
Goal
Implement high-performance message passing IPC system for microkernel architecture, enabling communication between kernel and userspace servers.
Context
This is the foundational IPC mechanism required for microkernel conversion. Unlike userspace IPC (pipes, signals), this provides kernel-level message passing for communication between kernel and userspace servers (filesystem, drivers, etc.).
Definition of Done
- Synchronous messaging: Blocking send/receive with rendezvous semantics
- Asynchronous messaging: Non-blocking message queues for performance
- Message types: Structured message format with type identification
- Capability integration: Messages carry capabilities for security
- Zero-copy optimization: Minimize data copying for large messages
- Message routing: Efficient delivery to target servers
- Error handling: Robust error recovery and timeout handling
- Performance optimization: Sub-microsecond message latency for small messages
Message Structure
struct message {
uint32_t type; // Message type identifier
uint32_t sender; // Sender process ID
uint32_t recipient; // Recipient process ID
uint32_t size; // Message payload size
uint32_t flags; // Message flags (async, priority, etc.)
uint64_t timestamp; // Message timestamp
capability_t caps[4]; // Attached capabilities
uint8_t data[]; // Message payload
};
// Message types
#define MSG_SYSCALL 1 // System call request
#define MSG_REPLY 2 // Reply message
#define MSG_INTERRUPT 3 // Interrupt notification
#define MSG_RPC 4 // Remote procedure call
#define MSG_SIGNAL 5 // Signal delivery
System Calls to Implement
// Core message passing
int send_message(pid_t dest, struct message *msg, uint32_t flags);
int receive_message(pid_t src, struct message *msg, uint32_t flags);
int reply_message(pid_t dest, struct message *reply);
// Asynchronous operations
int send_async(pid_t dest, struct message *msg);
int check_messages(struct message *msg, uint32_t timeout_ms);
// Server registration
int register_server(uint32_t service_type, uint32_t flags);
int lookup_server(uint32_t service_type);
IPC Performance Optimizations
Fast Path Optimization
// Optimized path for small messages
struct fast_message {
uint32_t type;
uint32_t data[3]; // 12 bytes of inline data
};
Shared Memory Integration
- Large message payloads via shared memory
- Zero-copy buffer sharing
- Memory region capabilities
- DMA-capable buffer management
Message Batching
- Multiple messages in single syscall
- Vectored I/O for message operations
- Batch processing for performance
Implementation Details
Message Queues
- Per-process incoming message queue
- Priority-based message ordering
- Flow control and backpressure handling
- Memory limits per queue
Capability System Integration
- Messages carry capabilities as attachments
- Capability-based access control
- Secure capability transfer
- Capability revocation support
Server Discovery
- Service registry for server lookup
- Dynamic server registration/unregistration
- Load balancing across multiple servers
- Health monitoring and failover
Testing Strategy
- Test basic send/receive operations
- Test synchronous vs asynchronous messaging
- Test capability transfer security
- Test performance under load
- Test error handling and recovery
- Test server registration and discovery
- Test message queue limits and flow control
Dependencies
- Capability system: Need capability-based security model
- Process management: Need process identification and lifecycle
- Memory management: Need shared memory for large messages
- Timer system: Issue #101 - Need timers for message timeouts
- Scheduler integration: Need IPC-aware scheduling
- Virtual memory: Issue #57 - Need vm_map for shared buffers
Integration Points
- Integrate with system call interface
- Add IPC-aware scheduling policies
- Implement server lifecycle management
- Support interrupt-to-message conversion
Security Considerations
- Validate message addresses and sizes
- Secure capability transfer mechanism
- Prevent message injection attacks
- Resource limits per process
- Audit trail for security-sensitive operations
Files to Create/Modify
- src/kernel/ipc/message.c - Core message passing implementation
- src/kernel/ipc/message.h - Message passing interface
- src/kernel/ipc/capability.c - Capability system
- src/kernel/ipc/server_registry.c - Service discovery
- include/ipc/message.h - Userspace message interface
Error Handling
- ENOENT for non-existent recipients
- ETIMEDOUT for message timeouts
- EMSGSIZE for oversized messages
- ENOSPC for queue full conditions
- EPERM for capability violations
Performance Goals
- Message latency < 1μs for small messages
- Throughput > 1M messages/second
- Zero-copy for messages > 4KB
- Minimal CPU overhead for message operations
- Scalable to hundreds of servers
Microkernel Server Examples
// Filesystem server message handling
while (1) {
struct message msg;
receive_message(ANY_SENDER, &msg, 0);
switch (msg.type) {
case FS_OPEN:
handle_open_request(&msg);
break;
case FS_READ:
handle_read_request(&msg);
break;
// ... other operations
}
}
// Client sending filesystem request
struct message msg = {
.type = FS_OPEN,
.size = sizeof(open_request),
.data = {...}
};
send_message(fs_server_pid, &msg, MSG_SYNC);
Future Enhancements
- Distributed IPC: Network-transparent messaging
- Persistent messages: Disk-backed message queues
- Real-time scheduling: Real-time message priorities
- Message compression: Compressed message payloads
- Encryption: Encrypted inter-server communication
Related Issues
- Prerequisite for microkernel conversion (road_to_microkernel.md)
- Foundation for all microkernel server communication
- Enables secure, isolated server architecture
- Critical for microkernel performance and scalability
