JKernel Software Release 0.91

The J-Kernel software release comes in two flavors: binary and source. Each flavor has three parts: the J-Kernel core packages, the JOS subsystem packages, and the J-Server application. The binary (pre-built) release contains Java class files and C DLLs for Windows NT. The source code release contains the Java and C source code as well as makfiles for compiling.

J-Kernel Core

• Packages: cornell.slk.jkernel, cornell.slk.compiler
• Binary release: Java class files only
• OS/VM supported: NT/MSVM, NT/JDK, Solaris/JDK.

The cornell.slk.jkernel package implements multiple protections domains within a single Java VM. For details on what this means, please refer to the Usenix paper. The package implements tasks which represent the protection domains, capabilities to allow cross-domain communication, and class resolvers to provide each task with its own class namespace (i.e. class loader). As some of the functionality is implemented by rewriting bytecode as it gets loaded, a bytecode rewriter is part of the J-Kernel core and is found in the cornell.slk.compiler package.

JOS subsystems for the J-Kernel

• Package: cornell.slk.jos
• Binary release: Java class files only
• OS/VM supported: NT/MSVM, NT/JDK, Solaris/JDK.

The JOS package implements a number of trusted (privileged) tasks, called subsystems, for the J-Kernel. Subsystems have access to "dangerous" Java classes and they can load native code. They implement the subsystem interface defined in cornell.slk.jos.manager.subsystem. Subsystems are the equivalent of the "OS servers" and "personalities" in conventional microkernels. The JOS is started by the subsystem manager which loads other subsystems by reading a JOS configuration file.

The core JOS package is called cornell.slk.jos.manager and contains the subsystem manager and the subsystem interface. This release contains two subsystem packages: a file subsystem (cornell.slk.jos.file) and an RPC subsystem (cornell.slk.jos.rpc).

The file subsystem provides acces to the local file systems using a capability-based interface. It is also the "backend" that implements the java.io functionality that actually accesses files: when unprivileged tasks load java.io classes they really just get a "front-end" that internally manages capabilities and calls the file subsystem for any real action.

The RPC subsystem provides a simple mechanism for a J-Kernel task to export a capability that can be used by remote J-Kernel.

J-Server: An Extensible Web Server

• Package: cornell.slk.jserver
• Binary release: Java classes and Win32 DLLs
• Platforms supported:
  • J-Server as a stand-alone server: NT/MSVM, NT/JDK, Solaris/JDK.
  • J-Server as an IIS plug-in: NT with IIS 2.0+, MSVM

The J-Server is an extensible web server that allows users to upload untrusted Java code onto the server to service HTTP requests. The J-Server is currently the primary application for the J-Kernel and is used on a daily basis. It is implemented as a JOS subsystem (cornell.slk.jserver.httpserver) and runs as a stand-alone server, as a plug-in for Microsoft's web server (IIS 2.0+), or as a remote J-Server. A remote J-Server is attached to a stand-alone or IIS plug-in J-Server who forwards HTTP requests over the network using JOS RPC or Microsoft's DCOM (available only for the IIS plug-in).

The J-Server distribution also contains:

• A servlet API package (cornell.slk.jserver.servlet) that is very similar to and supports most of the functionality offered by Sun's Java Servlet API (as documented in Sun's Servlet Development Kit).
• A package with two special servlets: a servlet loader (cornell.slk.jserver.servlets.ServletLoader) used for loading and unloading servlets, and a subsystem loader (cornell.slk.jserver.servlets.SubsystemLoader) used for loading and unloading JOS subsystems. These two servlets are installed automatically by the JServer during initialization.
• A package a with a few demo servlets (cornell.slk.jserver.demoservlets).