
Ask HN: What's a reasonable microkernel-based OS for desktop usage? - xelxebar
Title question.<p>When I say desktop usage, I mainly mean a full fledged browser. For everything else I mostly have a fully cli workflow.<p>This comes out of me tinkering with more &quot;exotic&quot; OSes like GNU&#x2F;Hurd and Plan 9. I&#x27;ve had fun with the Hurd and would like to learn more by running my day to day on it; however, the hardware support and tooling is unfortunately just too anemic to reasonable do this.<p>Is this kind of thing even possible at the moment? Are there reasons to <i>not</i> want a desktop running some microkernel OS? Am I being unknowingly unreasonable in wanting this?<p>Thanks!
======
oldandtired
Minix 3.3 or 3.4 RC 6. It basically uses clang compiler and the NetBSD package
base.

Using a microkernel as a desktop leaves you in a generally no worse off
position than using something like Linux or Windows. Unless you are intending
to do specific high performance work, then you probably won't see much or any
difference.

I am currently using a Toshiba NB500 netbook running Centos 6.9 as my machine
due to having to support a number of other Centos 6.9 systems. But I am
intending to shift to Minix 3.4 in the latter part of 2017 or early 2018 for
doing certain kinds of development work that I am interested in.

If you have the resources and time, give a variety of systems a go and see
what gives you a better bang for your buck for your circumstances.

~~~
xelxebar
Oh wow. I didn't expect such positive responses. This gives me hope. I'll
definitely look into Minix.

Thanks!

------
joshumax
Can I recommend using a hypervisor like Xen?

While it is technically not an "OS", I find that it offers some of the same
security advantages a server-based microkernel OSes do. Although DomUs aren't
technically privileged userspace processes, it does mitigate the risk of
something like a faulty, kludgy mess of a driver taking down an entire system,
and while I admit it's not as fancy as something like Mach IPC, it does allow
for secure communication between different domains.

And on a personal note, as a former GNU/Hurd dev it does make me happy when I
find people in the wild with interest in its design :)

~~~
ubercow
Interesting. I'd love to know more about workflows around a setup like this.

Is it possible to use Xen as traditional desktop OS with
Keyboard/Mouse/Monitor running X and a Window Manager? Would you run it in a
Dom0 or DomU? How would you switch between them, etc.

~~~
stock_toaster
Might be worth looking into QubesOS[1]. It uses Xen to compartmentalize
things. Never used it myself though.

[1]:
[https://en.wikipedia.org/wiki/Qubes_OS](https://en.wikipedia.org/wiki/Qubes_OS)

~~~
Ojamaflip
I often go back and give Qubes_OS a try but then it lets me down with USB
passthrough for a lot of devices I need - not least a USB tethered Internet
connection (or USB Networking). It just is so complicated that I gave up and
I'll look again when they get to version 4.

------
sysdyne
Redox OS is a interesting project although it's not ready for prime time usage
since it lacks applications. [https://www.redox-os.org/](https://www.redox-
os.org/)

------
zapperdapper
Why micro-kernel in particular? Just curious.

Early stages, but you could take a look at this OS written from scratch by
someone with an amazing track record in OS development:

[https://github.com/vygr/ChrysaLisp](https://github.com/vygr/ChrysaLisp)

Some pretty cool stuff there to get your teeth into...

~~~
xelxebar
I don't really have a good technical reason. Mainly just curiosity.

Over the course of the years of me tinkering, I seem to keep trimming my tools
to slimmer and slimmer things that I feel I can grok fully. This has me at the
point where I think of an OS as "just" a thin layer on top of the kernel
syscall API.

So curiosity now has me asking about implementation details of the syscalls
and all that jazz. I have the linux source tree on my machine and do poke
around, but the sheer size is somewhat daunting.

So my reason for asking about a micro-kernel in particular comes from a
combination of liking "minimality", wanting to see different approaches to
kernel design, and wanting to grok the "full stack".

Anyway. Thanks for the pointer to ChrysaLisp. Looks interesting!

~~~
zapperdapper
Ah OK I see. Yes as others have pointed out Minix. But for something you can
really understand have a look at Xinu - small and very minimal, there's a
great book on it too. You probably aren't going to run Xinu as your main
desktop though! ;)

Others worth mentioning are SkyOS. I don't think Robert has worked on it for
years, but I believe the source code is still available and there used to be
quite a lot of very readable documentation outlining the architecture.

ChrysaLisp is certainly one to watch. He's the guy behind the now defunct Tao
OS. The Tao tech was way too far ahead of its time. Maybe now is the time...

------
snvzz
The hurd unfortunately isn't pure microkernel multiserver architecture, but a
mere hybrid, as they run a lot in supervisor mode for performance reasons, to
do with limitations of the MACH microkernel they do use. It has about 0
developers on any given time, with the occasional work being done. There's
been no real (fundamental) progress on it for over a decade. The issues in the
hurd critique paper haven't been addressed, and the L4 port failed. Your time
is best spent elsewhere.

Take your pick from microkernel.info.

If you want it to be open source and you want to be able to work with it to
some extent, however, there's compromises involved (the main one being that
hardware support is terrible), but the latest Minix 3.4 release candidate is
about the only such system that will do that for you, and the closest there is
to replacing monolithic unix as a general purpose OS. It specifically tries to
be a replacement for netbsd, sharing most of its userspace.

------
bananicorn
QNX springs to mind in that case, but I'm not sure if it's really viable as a
day-to-day OS. There's a distro of it out there somewhere, I guess.

(Usually it's used in embedded systems)

~~~
harryf
This looks a little promising
[https://membarrier.wordpress.com/2017/04/12/qnx-7-desktop/](https://membarrier.wordpress.com/2017/04/12/qnx-7-desktop/)

~~~
j_s
Discussion:
[https://news.ycombinator.com/item?id=14230112](https://news.ycombinator.com/item?id=14230112)
(91 comments; April 2017)

------
jimmies
>the hardware support and tooling is unfortunately just too anemic to
reasonable do this.

Not sure about tooling, but I think hardware, one of the two problems you
mentioned can be solved by virtualizing. You can run the micro kernel-based OS
in a VM and hardware support usually will get better because it is standard.
If you don't like the feeling of running the OS inside a window in the host
OS, you can assign the whole machine to a graphics card and a set of keyboard
and mouse with pass through (io-mmu/VT-d) on Linux KVM. That way, you only
have to worry about a compatible graphics card, and everything else is
emulated and standard.

I haven't tried any micro kernel-based OS myself but I had a very good luck
running both Windows and macOS virtualized on my Ivy Bridge desktop system I
built 7 years ago running Fedora as the host OS. It's freaking amazing and I
suffer almost no performance degradation.

~~~
walterbell
Which version of macOS and distro do you use? Are there good docs for setting
it up?

~~~
jimmies
I largely followed the guide on OSX-KVM repo on github. For the GPU to work, I
used an AMD RX-560. After installing El Capitan with a virtual graphics card,
I upgraded to High Sierra and passthrough the card.

It took a while, but worth the troubles.

------
auvrw
> Am I being unknowingly unreasonable in wanting this?

i don't think so. or if you are, then i am too. or it depends on how much you
want this and why.

i lurked on the Hurd IRC about 5 or 6 years ago, and i get the sense that
developing these systems is a lot about the journey of development. it seemed
as though most people who were running the Hurd used hardware virtualization.

the browser can certainly be viewed as block to minimality. have you tried
elinks? could a V7-like JS runtime replace JITing it?

i don't have answers to these questions. i do think framing the original
question around minimal webbrowsers (where "minimal" means it can be run on
Minix or similar) is insightful and appropriate to the forum. thanks for
posting this question!

~~~
xelxebar
Thanks for the positive feedback! It's really encouraging.

I've opened elinks here and there in the past, but have never really given it
a fair chance. You've motivated me. At the moment I run almost completely in a
browser called UZBL and have javascript and cookies disable. The web, or at
least the part I intersect with, is surprisingly useful like this.

Assuming we could move to elinks, then the question becomes one of supporting
minimal tooling for the various mimetypes, like video. The main annoyance I
would expect is from bank websites, which tend to have really narrow browser
requirements.

------
robotbikes
I'd suggest HelenOS - see [http://helenos.org](http://helenos.org) they have
hardware support for sound and USB filesystems etc that I think is lacking in
Minix 3 but I don't think they have a web browser at this point. The main
reason there isn't a microkernel OS is that nobody has invested the time into
making one work, especially considering the popularity of Linux for free
software advocates and Windows/MacOS for everyone else.

------
garrybelka
L4 might be an option.
[http://l4hq.org/projects/os/](http://l4hq.org/projects/os/)

------
bwbw223
Redox is looking pretty good now...

[https://www.redox-os.org/](https://www.redox-os.org/)

------
kobeya
MINIX 3?

~~~
pabloski
Yes. And Redox too, however it is not even production ready. Also Haiku too,
technically it is hybrid kernel based, but...

------
jdub
Genode lets you choose from a range of microkernels on which you'd like the
system to run.

------
thatfrenchguy
Windows ?

~~~
rffn
Well, according to Tanenbaum, Windows is a hybrid too: „Windows NT 3.1 was a
half-hearted attempt at a microkernel system, but it wasn’t done right and the
performance wasn't good enough on the hardware of the early 1990s, so it gave
up on the idea for a while.“ [http://www.cs.vu.nl/~ast/reliable-
os/](http://www.cs.vu.nl/~ast/reliable-os/)

The newest Windows version the article mentions is Vista. I am not aware
though of such fundamental changes to the Windows kernel as would be needed to
make it a true micro kernel.

~~~
StillBored
Its a "hybrid" because its designed to behave and look like a micro-kernel,
but instead of full subsystem/process isolation, all of the kernel subsystems
exist in a single address space (although I guess this could be argued in the
context of hyper-v not to be entirely true).

This means that instead of incurring a full context/privilege switch just to
pass messages between components, the messages go through (say the IO manager
with an IRP) the subsystem controllers with simple function calls and
effectively shared data structures (although its designed not to look that
way).

Because its compartmentalized like this, it would actually surprise me if
somewhere in MS research/etc they don't have a full context switching version
of the kernel running. Such a project would if nothing else help to catch
"bugs" and validate the subsystem and drivers aren't misbehaving. Of course
driver verifier achieves most of this goal by itself with simpler checks.

OTOH, while the idea of a micro-kernel helps to solve a lot of
development/design issues I'm not sure an actual implementation buys you much
over the NT approach. That is, while its easy to say "just restart the storage
subsystem" implementing something that is capable of getting the state right
in a microkernel environment sufficiently that a bug which takes down a
critical subsystem isn't repeatably fatal (or just drops important filesystem
updates/whatever) likely creates even more complexity in which latent bugs can
hide. Particularly in the face of buggy hardware where the driver is trying to
avoid/work around a hardware misbehavior, doing something like restarting a
disk controller won't necessarily unwedge a stuck command queue in the
hardware.

So, that said, I think if you keep the crappware (most "security" software for
starters, maybe certain GPU drivers too) off a windows system its really rare
to have windows crash. In the past 15 years I can't actually remember the last
crash I saw on a machine running only WHKL qualified drivers, and i've never
seen a crash on a server core machine.. etc...

~~~
snvzz
>I'm not sure an actual implementation buys you much over the NT approach.

As an introduction to that, I'd suggest reading
[https://en.wikipedia.org/wiki/MINIX_3#Reliability_policies](https://en.wikipedia.org/wiki/MINIX_3#Reliability_policies)

as most of that is tied to the pure microkernel multiserver approach, with
strictly only the microkernel running in supervisor mode.

If you want to go into more depth, then I'm going to suggest

[https://ts.data61.csiro.au/projects/TS/publications.pml](https://ts.data61.csiro.au/projects/TS/publications.pml)

[https://microkerneldude.wordpress.com/](https://microkerneldude.wordpress.com/)

And, of course, if what worries you is performance, then look into:
[http://blog.darknedgy.net/technology/2016/01/01/0/](http://blog.darknedgy.net/technology/2016/01/01/0/)

~~~
StillBored
I could point for each bullet point in your minux link how structuring your
code like a microkernel (and a debug/instrumented build) solves the same
problems, but I'm to tired to bother.

Lets just say, that in two decades of writing drivers and OS internals, i've
shifted my opinions away from being a strong micro-kernel advocate toward a
hybrid approach similar to what NT does.

Also, per you last link, i'm still one of the people who think virtualization
and non zero copy syscalls adds too much overhead. Burning up 100% of a core
to copy packets between userspace, the kernel, and then DMA'ing them to the
device is pointlessly slow. Adding in a copies between kernel subsystems is
worse and can't be avoided as easily as something like the NT registered I/O
model. There are whole projects (dpdk for example) for which that single
context switch/copy is to much too.

~~~
snvzz
>but I'm to tired to bother.

By all means, do. As far as I can see, these do not work without the enforced
isolation of running as userspace processes.

>Burning up 100% of a core to copy packets between userspace, the kernel, and
then DMA'ing them to the device is pointlessly slow.

That's not how it usually works.

------
theonewolf
Mac OS?

~~~
saagarjha
macOS is based on XNU, which is a “hybrid” kernel IIRC.

------
quuquuquu
[removed due to witch hunting]

~~~
geocar
While your enthusiasm makes me smile, Lubuntu is not a microkernel[1]

[1]:
[https://en.wikipedia.org/wiki/Microkernel](https://en.wikipedia.org/wiki/Microkernel)

~~~
quuquuquu
Wow, learned something new! I guess I never understood they existed :)

Good luck everyone!

