Linux Kernel Wish List

See also a broader view of computing in the future that helps set some of these wishes in context. Much of this stuff is very pie-in-the-sky, but hey, why not? Its more fun that way.
Add capabilities
The story of the Confused Deputy provides a good anecdotal introduction to concept of, and the need for, capabilities. Capabilities provide operating system security in ways that traditional Unix security mechanisms do not. In short, a capability is a pair consisting of a permission, and a file or other resource. These pairs are given to a process, which is then allowed to perform the specified action on the specified object.

Note that the difference between this, and traditional security mechanisms is that processes have the authority to do things not because of who they are (owned by root, suid root, owned by a user, etc.) but by the list of capabilities that they have been given.

Note that a limited kind of "capability" can be implemented using ACL's and Unix groups. However, this kind of an implementation is difficult to manage, is error prone, and is missing the tools needed to do it well. In short, its not the right approach -- its a hack.

A very different example of a capability is the coupling of high-priority execution rights to an interrupt. Thus, a kernel thread can catch an urgent interrupt at a very high priority, pre-empting other threads. Once the interrupt has been handled, the thread can resume execution at a lower priority, allowing other threads to run, essentially allowing real-time operation.

Related references:

Add Persistence
Persistence can be thought of as a variation on the suspend/resume capabilities commonly found in laptops. The idea is that the entire OS, including running processes, can be checkpointed & saved to disk, the system powered down, powered back up, and then continue running where it last left off. Some more notes on this are here.

Add Process Migration
Process migration allows a process to be moved from one processor to another.

Note that persistence gets you much of the way towards the ability to migrate a process from one CPU to another.

Merge RAID and LVM Functions
The Linux software RAID and the Logical Volume Mamanger seem to be totally unintegrated projects that in fact should have considerable commonality. It would be nice to have the redundancy and protection of RAID and the convenience and manageability of LVM. See the

On-line System Checking
The ability to run the following tests while the system is live, rather than during boot and/or on unmounted file systems:
  • RAM checks. Ability to run something like the BIOS ram check while system is operating.
  • fsck on mounted file systems.
  • RAID consistency checks on mounted file systems. Should be coupled to fsck so that raid inconsistencies can be resolved based on fsck results.
  • PCI and SCSI health monitoring.
  • Comprehensive system monitoring application. Currently, when installing a popular distribution, one needs to do a lot of additional installation and tweaking to get a full set of system and network performance monitors installed and running. For example, there is *no* package that by default configures CPU temperature *and* network performance.

Wishes Granted

The wishes below got granted somewhere in the 2.2-2.4 kernels.
Layered TCP/IP stack
It would be nice to have a layered, modular approach to TCP/IP. Currently, there are several kernel patches that perform TCP/IP processing, but it is not clear if they are fully compatible: ENskip for encryption, Masquerade for header re-writing, Hasenstein's NAT for a different form of header re-writing, bandwidth limiting for ISP's, and multi-cast/MBone extensions. Certainly, there is no single, unified config infrastructure for these TCP/IP modules.

Work item: clarify the actual compatibilities & incompatibilities in the above. What sort of testing has been done? What parts of a unified layering design have already been done, and are clean? What parts are not?

Can layered TCI/IP be exploited to allow for process checkpointing and migration on a cluster?

References


Copyright (c) 1997, 2000 Linas Vepstas.
July 2000
Contact me: [email protected]


Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is included at the URL http://www.linas.org/fdl.html, the web page titled "GNU Free Documentation License".
Return to Enterprise Linux Page
Return to Linas' Home Page