Pilot: An Operating System for a Personal Computer

Notes by Thorsten von Eicken, Jan 27 1998.

Goal

• Small yet sophisticated operating system for a personal computer
• Single user, single language (Mesa), protection against errors, but not malicious attacks
• Networking built into OS
• Separation of mechanism and policy

Features

• Protection based on type safety in Mesa, which is a Madula-2-like language
• Tight integration with Mesa

Integration of filesystem and virtual memory system

• files are named by 64-bit globally unique ids (uids)
• OS provides flat filesystem namespace, files quantized to pages
• immutable files
• file access is by mapping files into the VM address space
• block on disk are self-describing, in-memory filesystem index data structures are independent

Virtual memory

• subdivided into spaces: contiguous regions of VM
• spaces serve for allocation, mapping to files, and swapping units
• hints to VM system to control swapping of spaces

I/O streams and network

• Stream abstraction for OS: transducers and filters
• network integrated into OS, ethernet, non-IP protocols
• sockets, unreliable datagram service, relizble network streams
• each machine can route packets

Implementation

• separation of filesystem and VM system into core operating on in-memory data structures and higher level managers operating on on-disk data structures.
• system debuggert works by saving the entire machine state to disk and loading a new machine state which includes the debugger

Discussion points

• reasons for/against "personal operating systems"
• JavaOS
• problems with filesystem/VM mapping
• benefits/problems of spaces, and swapping policy
• "completeness" of integration of network into OS
• kernel debugger?