Linux kernel is one of the most popular and widely used open source operation systems. It has been developed in a procedural manner with the primary focus on the system performance. As a side effect, there are maintainability issues arising due to high coupling in the kernel. The entire kernel source code can be divided into two parts : the core kernel and the device drivers. It is deployed on a wide range of machines and supports numerous hardware devices. The device drivers constitute the majority of the kernel code and are also responsible for the majority of the kernel bugs that are found.
MOOL (Minimalistic Object Oriented Linux) aims at redesigning the Linux kernel to reduce coupling and increase maintainability by means of OO (Object Oriented) abstractions. Excessive common coupling prevails in existing kernel. Studies have shown that common coupling is increasing in successive versions of Linux. This will make maintainability of Linux difficult in coming years. As a starting step we have tried to reduce the number of global variables of the kernel. Some global variables are used only by two or three kernel modules. These are passed as function arguments. The performance of the modified kernel is measured with the standard performance analysis tools. The modified kernel performs almost same as original. MOOL features a device driver framework to write drivers in C++ and insert them as loadable kernel modules.
MOOL Kernel has been developed at DOS ( Distributed and Object Systems) Lab, IIT, Madras.
BOSS is Bharat Operating System Solution, an OS derived from Debian and customized by CDAC, Chennai for Indian environment. BOSS supports almost all Indian languages and hosts a lot of features.
DOS Lab at IIT Madras and CDAC Chennai have integrated the MOOL kernel into BOSS MOOL distribution. BOSS MOOL supports C++ device drivers. This feature is a new offering of BOSS to the Linux community.
Further, the BOSS-MOOL Kernel supports localisation at Console level, which hitherto was not available on any flavors of LINUX.
The students can also develop Message filters. Message filters work by intercepting system calls, built using object-oriented wrappers which provide better maintainability and extensibility, without modifying the existing kernel code. Placing them at the system call level disturbs very little of the kernel code.
Filters are developed as kernel modules, so they can be dynamically added at runtime. When a user makes a system call, it is forwarded transparently to the filter which in-turn will call the actual system call. The users and applications are not aware of the presence of filter model, as there is no change to the user interface. Hence this design provides a transparent way of intercepting messages for the kernel.
For example, the filters can perform biometric verification by adding face recognition or finger print recognition algorithm as policies.
Advantages of Message Filters:
- The message filter model can be used for real time monitoring. One direct application is to build an intrusion detection system that monitors and filters the interactions with the kernel.
- Message filters are in the kernel space. Hence they are safe from manipulations by normal users.
- It provides an ability to add and enforce variety of security policies.
- It also allows implementation of policies in form of (object oriented) code instead of only a static policy data (e.g. policy file written in a DSL or XML).
- Since the model is developed in an object-oriented way abstracting the core functionality of the kernel, adding extensible and maintainable kernel extensions is made easier.
- It can be used to handle device driver failures and protect kernel against exploitation of bugs in the code.