Hubbry Logo
Mach (kernel)Mach (kernel)Main
Open search
Mach (kernel)
Community hub
Mach (kernel)
logo
7 pages, 0 posts
0 subscribers
Be the first to start a discussion here.
Be the first to start a discussion here.
Mach (kernel)
Mach (kernel)
Mach (kernel)
View on Wikipedia
from Wikipedia

Mach
DevelopersRichard Rashid
Avie Tevanian
Initial release1985; 40 years ago (1985)
Stable release
3.0 / 1994; 31 years ago (1994)
PlatformIA-32, x86-64, MIPS, ARM32, Aarch64, m88k
TypeMicrokernel
WebsiteThe Mach Project

Mach (/mɑːk/)[1] is an operating system kernel developed at Carnegie Mellon University by Richard Rashid and Avie Tevanian to support operating system research, primarily distributed and parallel computing. Mach is often considered one of the earliest examples of a microkernel. However, not all versions of Mach are microkernels. Mach's derivatives are the basis of the operating system kernel in GNU Hurd and of Apple's XNU kernel used in macOS, iOS, iPadOS, tvOS, and watchOS.

The project at Carnegie Mellon ran from 1985 to 1994,[2] ending with Mach 3.0, which is a true microkernel. Mach was developed as a replacement for the kernel in the BSD version of Unix, not requiring a new operating system to be designed around it. Mach and its derivatives exist within several commercial operating systems, including all those using the XNU operating system kernel, which incorporates an earlier non-microkernel version of Mach as a major component. The Mach virtual memory management system was also adopted in 4.4BSD by the BSD developers at CSRG,[3] and appears in modern BSD-derived Unix systems such as FreeBSD.

Mach is the logical successor to Carnegie Mellon's Accent kernel. Mach's lead developer Richard Rashid has been employed at Microsoft since 1991; he founded the Microsoft Research division. Co-founding Mach developer Avie Tevanian, was formerly head of software at NeXT, then Chief Software Technology Officer at Apple Inc. until March 2006.[4][2]

History

[edit]

Name

[edit]

The developers rode bicycles to lunch through rainy Pittsburgh's mud puddles, and Tevanian joked the word "muck" could form a backronym for their Multi-User (or Multiprocessor Universal) Communication Kernel. Italian CMU engineer Dario Giuse[5] later asked project leader Rick Rashid about the project's current title and received "MUCK" as the answer, though not spelled out but just pronounced /mʌk/. According to the Italian alphabet, he wrote "Mach". Rashid liked Giuse's spelling "Mach" so much that it prevailed.[6]: 103 

Unix pipes

[edit]

A key concept in the original Unix operating system is the idea of a pipe. A pipe is an abstraction allowing data to be moved as an unstructured stream of bytes between programs. Using pipes, users can link together multiple programs to complete tasks, feeding data through several consecutive small programs. This contrasts with typical operating systems of the era, which require a single large program that can handle the entire task, or alternately, used files to pass data, which was resource-expensive and time-consuming.[citation needed]

Pipes were built on the underlying input/output system. This system is, in turn, based on a model where drivers are expected to periodically "block" while they wait for tasks to complete. For instance, a printer driver might send a line of text to a line printer and then have nothing to do until the printer completes printing that line. In this case, the driver indicates that it was blocked, and the operating system allows some other program to run until the printer indicates it is ready for more data. In the pipes system the limited resource was memory, and when one program filled the memory assigned to the pipe, it would naturally block. Normally this would cause the consuming program to run, emptying the pipe again. In contrast to a file, where the entire file has to be read or written before the next program can use it, pipes made the movement of data across multiple programs occur in a piecemeal fashion without any programmer intervention.[citation needed]

However, implementing pipes in memory buffers forced data to be copied from program to program, a time-consuming and resource intensive operation. This made the pipe concept unsuitable for tasks where quick turnaround or low latency was needed, such as in most device drivers. The operating system's kernel and most core functionality was instead written in a single large program. When new functionality, such as computer networking, was added to the operating system, the size and complexity of the kernel grew, too.[citation needed]

New concepts

[edit]

Unix pipes offered a conceptual system that could be used to build arbitrarily complex solutions out of small cooperating programs. These smaller programs were easier to develop and maintain, and had well-defined interfaces that simplified programming and debugging. These qualities are even more valuable for device drivers, where small size and bug-free performance was extremely important. There was a strong desire to model the kernel on the same basis of small cooperating programs.[citation needed]

One of the first systems to use a pipe-like system underpinning the operating system was the Aleph kernel developed at the University of Rochester. This introduced the concept of ports, which were essentially a shared memory implementation. In Aleph, the kernel was reduced to providing access to the hardware, including memory and the ports, while conventional programs using the ports system implemented all behavior, from device drivers to user programs. This concept greatly reduced the size of the kernel, and permitted users to experiment with different drivers simply by loading them and connecting them together at runtime. This greatly eased the problems when developing new operating system code, which would otherwise require the machine to be restarted. The overall concept of a small kernel and external drivers became known as a microkernel.[citation needed]

Aleph was implemented on Data General Eclipse minicomputers and was tightly bound to them. This machine was far from ideal, since it required memory to be copied between programs, which resulted in considerable performance overhead. It was also quite expensive. Nevertheless, Aleph proved that the basic system was sound, and went on to demonstrate computer clustering by copying the memory over an early Ethernet interface.[citation needed]

Around this time a new generation of central processors (CPUs) were coming to market, offering a 32-bit address space and (initially optional) support for a memory management unit (MMU). The MMU handled the instructions needed to implement a virtual memory system by keeping track of which pages of memory were in use by various programs. This offered a new solution to the port concept, using the copy-on-write (COW) mechanism provided by the virtual memory system. Instead of copying data between programs, all that was required was to instruct the MMU to provide access to that same memory. This system would implement the interprocess communications (IPC) system with dramatically higher performance.[citation needed]

This concept was picked up at Carnegie-Mellon, who adapted Aleph for the PERQ workstation and implemented it using copy-on-write. The port was successful, but the resulting Accent kernel was of limited practical use because it did not run existing software. Moreover, Accent was as tightly tied to PERQ as Aleph was to the Eclipse.[citation needed]

Mach

[edit]

The major change between these experimental kernels and Mach was the decision to make a version of the existing 4.2BSD kernel re-implemented on the Accent message-passing concepts. Such a kernel would be binary compatible with existing BSD software, making the system immediately available for everyday use while still being a useful experimental platform. Additionally, the new kernel would be designed from the start to support multiple processor architectures, even allowing heterogeneous clusters to be constructed. In order to bring the system up as quickly as possible, the system would be implemented by starting with the existing BSD code, and gradually re-implementing it as inter-process communication-based (IPC-based) programs. Thus Mach would begin as a monolithic system similar to existing UNIX systems, and progress toward the microkernel concept over time.[4]

Mach started largely being an effort to produce a clearly defined, UNIX-based, highly portable Accent. The result was a short list of generic concepts:[7][8]

  • a "task" is a set of system resources that produce "threads" to run
  • a "thread" is a single unit of execution, existing within the context of a task and shares the task's resources
  • a "port" is a protected message queue for communication between tasks; tasks own send and receive rights (permissions) to each port.
  • "messages" are collections of typed data, they can only be sent to ports—not specifically tasks or threads

Mach developed on Accent's IPC concepts, but made the system much more UNIX-like in nature, making it possible to run UNIX programs with little or no modification. To do this, Mach introduced the port, representing each endpoint of a two-way IPC. Ports had a concept of permissions like files under UNIX, permitting a very UNIX-like model of protection to be applied to them. Additionally, Mach allowed any program to handle privileges that would normally be given to the operating system only, in order to permit user space programs to handle things such as controlling hardware.

Under Mach, and like UNIX, the operating system again becomes primarily a collection of utilities. As with UNIX, Mach keeps the concept of a driver for handling the hardware. Therefore, all the drivers for the present hardware have to be included in the microkernel. Other architectures based on hardware abstraction layer or exokernels could move the drivers out of the microkernel.

The main difference with UNIX is that instead of utilities handling files, they can handle any "task". More operating system code was moved out of the kernel and into user space, resulting in a much smaller kernel and the rise of the term microkernel. Unlike traditional systems, under Mach a process, or "task", can consist of a number of threads. While this is common in modern systems, Mach was the first system to define tasks and threads in this way. The kernel's job was reduced from essentially being the operating system to running the "utilities" and providing them access to the hardware.

The existence of ports and the use of IPC is perhaps the most fundamental difference between Mach and traditional kernels. Under UNIX, calling the kernel consists of an operation named a system call or trap. The program uses a library to place data in a well known location in memory and then causes a fault, a type of error. When a system is first started, its kernel is set up to be the "handler" of all faults; thus, when a program causes a fault, the kernel takes over, examines the information passed to it, then carries out the instructions.

Under Mach, the IPC system was used for this role instead. To call system functionality, a program would ask the kernel for access to a port, then use the IPC system to send messages to that port. Although sending a message requires a system call, just as a request for system functionality on other systems requires a system call, under Mach sending the message is pretty much all the kernel does; handling the actual request would be up to some other program.

Thread and concurrency support benefited by message passing with IPC mechanisms since tasks now consist of multiple code threads which Mach could freeze and unfreeze during message handling. This permits the system to be distributed over multiple processors, either by using shared memory directly as in most Mach messages, or by adding code to copy the message to another processor if needed. In a traditional kernel this is difficult to implement; the system has to be sure that different programs do not try to write to the same region of memory from different processors. However, using Mach ports makes this well defined and easy to implement, so Mach ports were made first-class citizens in that system.

The IPC system initially had performance problems, so a few strategies were developed to improve performance. Like its predecessor, Accent, Mach used a single shared-memory mechanism for physically passing the message from one program to another. Physically copying the message would be too slow, so Mach relies on the machine's memory management unit (MMU) to quickly map the data from one program to another. Only if the data is written to would it have to be physically copied, a process called "copy-on-write".

Messages were also checked for validity by the kernel, to avoid bad data crashing one of the many programs making up the system. Ports were deliberately modeled on the UNIX file system concepts. This permits the user to find ports using existing file system navigation concepts, as well as assigning rights and permissions as they would on the file system.

Development under such a system would be easier. Not only would the code being worked on exist in a traditional program that could be built using existing tools, it could also be started, debugged and killed off using the same tools. With a monokernel a bug in new code would take down the entire machine and require a reboot, whereas under Mach this would require only that the program be restarted. Additionally the user could tailor the system to include, or exclude, whatever features they required. Since the operating system was simply a collection of programs, they could add or remove parts by simply running or killing them as they would any other program.

Finally, under Mach, all of these features were deliberately designed to be extremely platform neutral. To quote one text on Mach:

Unlike UNIX, which was developed without regard for multiprocessing, Mach incorporates multiprocessing support throughout. Its multiprocessing support is also exceedingly flexible, ranging from shared memory systems to systems with no memory shared between processors. Mach is designed to run on computer systems ranging from one to thousands of processors. In addition, Mach is easily ported to many varied computer architectures. A key goal of Mach is to be a distributed system capable of functioning on heterogeneous hardware.[9]

There are a number of disadvantages, however. A relatively mundane one is that it is not clear how to find ports. Under UNIX this problem was solved over time as programmers agreed on a number of "well known" locations in the file system to serve various duties. While this same approach worked for Mach's ports as well, under Mach the operating system was assumed to be much more fluid, with ports appearing and disappearing all the time. Without some mechanism to find ports and the services they represented, much of this flexibility would be lost.

Development

[edit]

Mach was initially hosted as additional code written directly into the existing 4.2BSD kernel, allowing the team to work on the system long before it was complete. Work started with the already functional Accent IPC/port system, and moved on to the other key portions of the OS: tasks, threads, and virtual memory. As portions were completed various parts of the BSD system were re-written to call into Mach, and a change to 4.3BSD was also made during this process.

By 1986 the system was complete to the point of being able to run on its own on the DEC VAX. Although doing little of any practical value, the goal of making a microkernel was realized. This was soon followed by versions on the IBM RT PC and for Sun Microsystems 68030-based workstations, proving the system's portability. By 1987 the list included the Encore Multimax and Sequent Balance machines, testing Mach's ability to run on multiprocessor systems. A public Release 1 was made that year, and Release 2 followed the next year.

Throughout this time the promise of a "true" microkernel had not yet been delivered. These early Mach versions included the majority of 4.3BSD in the kernel, a system known as a POE Server, resulting in a kernel that was actually larger than the UNIX it was based on. The idea, however, was to move the UNIX layer out of the kernel into user-space, where it could be more easily worked on and even replaced outright. Unfortunately performance proved to be a major problem, and a number of architectural changes were made in order to solve this problem. Unwieldy UNIX licensing issues also plagued researchers, so this early effort to provide a non-licensed UNIX-like system environment continued to find use, well into the further development of Mach.

The resulting Mach 3 was released in 1990, and generated intense interest. A small team had built Mach and ported it to a number of platforms, including complex multiprocessor systems which were causing serious problems for older-style kernels. This generated considerable interest in the commercial market, where a number of companies were considering changing hardware platforms. If the existing system could be ported to run on Mach, it seemed it would then be easy to change the platform underneath.

Mach received a major boost in visibility when the Open Software Foundation (OSF) announced they would be hosting future versions of OSF/1 on Mach 2.5, and were investigating Mach 3 as well. Mach 2.5 was also selected for the NeXTSTEP system and a number of commercial multiprocessor vendors. Mach 3 led to a number of efforts to port other operating systems parts for the microkernel, including IBM's Workplace OS and several efforts by Apple to build a cross-platform version of the classic Mac OS.[10] Support for running DOS applications in a Mach 3.0 environment was demonstrated by researchers, following on from earlier work running the classic Mac OS and MultiFinder under Mach 2.5.[11] A research project at Digital Equipment Corporation investigated the feasibility of hosting OpenVMS on top of the Mach 3 kernel, and created a proof of concept with a subset of VMS' features.[12]

Performance issues

[edit]

Mach was originally intended to be a replacement for classical monolithic UNIX, and for this reason contained many UNIX-like ideas. For instance, Mach provided a permissions and security system similar to that used by UNIX's file system. Since the kernel was privileged (running in kernel-space) over other OS servers and software, it was possible for malfunctioning or malicious programs to send it commands that would cause damage to the system, and for this reason the kernel checked every message for validity. Additionally most of the operating system functionality was to be located in user-space programs, so this meant there needed to be some way for the kernel to grant these programs additional privileges, e.g. to directly access hardware.

Some of Mach's more esoteric features were also based on this same IPC mechanism. For instance, Mach was able to support multi-processor machines with ease. In a traditional kernel extensive work needs to be carried out to make it reentrant or interruptible, as programs running on different processors could call into the kernel at the same time. Under Mach, the bits of the operating system are isolated in servers, which are able to run, like any other program, on any processor. Although in theory the Mach kernel would also have to be reentrant, in practice this is not an issue because its response times are so fast it can simply wait and serve requests in turn. Mach also included a server that could forward messages not just between programs, but even over the network, which was an area of intense development in the late 1980s and early 1990s.

Unfortunately, the use of IPC for almost all tasks turned out to have serious performance impact. Benchmarks on 1997 hardware showed that Mach 3.0-based UNIX single-server implementations were about 50% slower than native UNIX.[13][14]

Study of the exact nature of the performance problems turned up a number of interesting facts. One was that the IPC was not the problem: there was some overhead associated with the memory mapping needed to support it, but this added only a small amount of time to making a call. The rest, 80% of the time being spent, was due to additional tasks the kernel was running on the messages. Primary among these was the port rights checking and message validity. In benchmarks on an 486DX-50, a standard UNIX system call took an average of 21μs to complete, while the equivalent operation with Mach IPC averaged 114μs. Only 18μs of this was hardware related; the rest was the Mach kernel running various routines on the message.[15] Given a syscall that does nothing, a full round-trip under BSD would require about 40μs, whereas on a user-space Mach system it would take just under 500μs.

When Mach was first being seriously used in the 2.x versions, performance was slower than traditional monolithic operating systems, perhaps as much as 25%.[1] This cost was not considered particularly worrying, however, because the system was also offering multi-processor support and easy portability. Many felt this was an expected and acceptable cost to pay. When Mach 3 attempted to move most of the operating system into user-space, the overhead became higher still: benchmarks between Mach and Ultrix on a MIPS R3000 showed a performance hit as great as 67% on some workloads.[16]

For example, getting the system time involves an IPC call to the user-space server maintaining system clock. The caller first traps into the kernel, causing a context switch and memory mapping. The kernel then checks that the caller has required access rights and that the message is valid. If it is, there is another context switch and memory mapping to complete the call into the user-space server. The process must then be repeated to return the results, adding up to a total of four context switches and memory mappings, plus two message verifications. This overhead rapidly compounds with more complex services, where there are often code paths passing through many servers.

This was not the only source of performance problems. Another centered on the problems of trying to handle memory properly when physical memory ran low and paging had to occur. In the traditional monolithic operating systems the authors had direct experience with which parts of the kernel called which others, allowing them to fine-tune their pager to avoid paging out code that was about to be used. Under Mach this was not possible because the kernel had no real idea what the operating system consisted of. Instead they had to use a single one-size-fits-all solution, which added to the performance problems. Mach 3 attempted to address this problem by providing a simple pager, relying on user-space pagers for better specialization. But this turned out to have little effect. In practice, any benefits it had were wiped out by the expensive IPC needed to call it in.

Other performance problems were related to Mach's support for multiprocessor systems. From the mid-1980s to the early 1990s, commodity CPUs grew in performance at a rate of about 60% a year, but the speed of memory access grew at only 7% a year. This meant that the cost of accessing memory grew tremendously over this period, and since Mach was based on mapping memory around between programs, any "cache miss" made IPC calls slow.

Potential solutions

[edit]

IPC overhead is a major issue for Mach 3 systems. However, the concept of a multi-server operating system is still promising, though it still requires some research. The developers have to be careful to isolate code into modules that do not call from server to server. For instance, the majority of the networking code would be placed in a single server, thereby minimizing IPC for normal networking tasks.

Most developers instead stuck with the original POE concept of a single large server providing the operating system functionality.[17] In order to ease development, they allowed the operating system server to run either in user-space or kernel-space. This allowed them to develop in user-space and have all the advantages of the original Mach idea, and then move the debugged server into kernel-space in order to get better performance. Several operating systems have since been constructed using this method, known as co-location, among them Lites, MkLinux, OSF/1, and NeXTSTEP/OPENSTEP/macOS. The Chorus microkernel made this a feature of the basic system, allowing servers to be raised into the kernel space using built-in mechanisms.

Mach 4 attempted to address these problems with a more radical set of upgrades. In particular, it was found that program code was typically not writable, so potential hits due to copy-on-write were rare. Thus it made sense to not map the memory between programs for IPC, but instead migrate the program code being used into the local space of the program. This led to the concept of "shuttles" and it seemed performance had improved, but the developers moved on with the system in a semi-usable state. Mach 4 also introduced built-in co-location primitives, making it a part of the kernel.

By the mid-1990s, work on microkernel systems was largely stagnant, although the market had generally believed that all modern operating systems would be microkernel based by the 1990s. The primary remaining widespread uses of the Mach kernel are Apple's macOS and its sibling iOS, which run atop a heavily modified hybrid Open Software Foundation Mach Kernel (OSFMK 7.3) called "XNU"[18] also used in OSF/1.[10] In XNU, the file systems, networking stacks, and process and memory management functions are implemented in the kernel; and file system, networking, and some process and memory management functions are invoked from user mode via ordinary system calls rather than message passing;[19][20] XNU's Mach messages are used for communication between user-mode processes, and for some requests from user-mode code to the kernel and from the kernel to user-mode servers.

Second-generation microkernels

[edit]

Further analysis demonstrated that the IPC performance problem was not as obvious as it seemed. Recall that a single-side of a syscall took 20μs under BSD[3] and 114μs on Mach running on the same system.[2] Of the 114, 11 were due to the context switch, identical to BSD.[14] An additional 18 were used by the MMU to map the message between user-space and kernel space.[3] This adds up to only 29μs, longer than a traditional syscall, but not by much.

The rest, the majority of the actual problem, was due to the kernel performing tasks such as checking the message for port access rights.[6] While it would seem this is an important security concern, in fact, it only makes sense in a UNIX-like system. For instance, a single-user operating system running a cell phone or robot might not need any of these features, and this is exactly the sort of system where Mach's pick-and-choose operating system would be most valuable. Likewise Mach caused problems when memory had been moved by the operating system, another task that only really makes sense if the system has more than one address space. DOS and the early Mac OS have a single large address space shared by all programs, so under these systems the mapping did not provide any benefits.

These realizations led to a series of second generation microkernels, which further reduced the complexity of the system and placed almost all functionality in the user space. For instance, the L4 kernel (version 2) includes only seven system calls and uses 12k of memory,[3] whereas Mach 3 includes about 140 functions and uses about 330k of memory.[3] IPC calls under L4 on a 486DX-50 take only 5μs,[20] faster than a UNIX syscall on the same system, and over 20 times as fast as Mach. Of course this ignores the fact that L4 is not handling permissioning or security; but by leaving this to the user-space programs, they can select as much or as little overhead as they require.

The potential performance gains of L4 are tempered by the fact that the user-space applications will often have to provide many of the functions formerly supported by the kernel. In order to test the end-to-end performance, MkLinux in co-located mode was compared with an L4 port running in user-space. L4 added about 5%–10% overhead,[14] compared to Mach's 29%.[14]

Software based on Mach

[edit]

The following is a list of operating system kernels derived from Mach and operating systems with kernels derived from Mach:

See also

[edit]

References

[edit]
[edit]
Revisions and contributorsEdit on WikipediaRead on Wikipedia

Mach (kernel)

View on Grokipedia
from Grokipedia
Mach is a microkernel originally developed at Carnegie Mellon University (CMU) in the 1980s as a flexible and extensible foundation for building operating systems, particularly emphasizing support for multiprocessing, distributed computing, and compatibility with Unix environments. Conceived by Richard Rashid and Avie Tevanian, among others, as an evolution from the earlier Accent kernel, Mach aimed to simplify kernel design by minimizing core functionality and delegating higher-level services like file systems and device drivers to user-space servers, enabling easier customization and portability across hardware architectures. Key innovations in Mach include its interprocess communication (IPC) mechanism using ports and messages for secure, location-independent data exchange; integrated virtual memory management with support for memory objects and copy-on-write optimization; and lightweight threads within tasks to facilitate parallelism without the overhead of full processes. The project, active from 1985 to 1994, produced notable versions such as Mach 3.0, which achieved full compatibility with 4.3BSD Unix and was ported to platforms including VAX, Sun-3, IBM RT-PC, and multiprocessors like the IBM RP3. Mach's design principles influenced subsequent systems, including the Open Software Foundation's OSF/1 (precursor to OS X's XNU kernel), NeXTSTEP, and the GNU Hurd project, establishing it as a cornerstone of microkernel research.

Introduction

Overview

Mach is a microkernel operating system developed at (CMU) starting in 1985 by and his team, including , to facilitate research in operating systems, particularly distributed and multiprocessor environments. The project, evolving from the earlier Accent kernel, aimed to create a foundational platform that could replace the kernel in systems like Berkeley UNIX 4.3BSD, allowing for advanced experimentation in OS design while maintaining compatibility with existing UNIX applications. The core goal of Mach was to provide a flexible, modular kernel that prioritized extensibility, portability, and separation of OS services into user-space components over raw performance in its initial iterations. This design enabled researchers to experiment with novel OS structures, such as moving traditional kernel functions like file systems and device drivers outside the kernel proper, using message-passing for . By emphasizing modularity, Mach supported heterogeneous hardware and , influencing subsequent OS research and implementations. Mach's development spanned from its inception in through early versions in the mid-1980s, culminating in Mach 3.0 around 1989, which established it as a pure with UNIX emulation in user space. The project at CMU concluded in 1994, but Mach's innovations significantly impacted designs, such as Apple's kernel used in macOS.

Key Features

Mach adopts a philosophy, providing a minimal set of primitive kernel functions while delegating most operating services—such as file systems and device drivers—to user-space servers implemented as separate tasks. This design emphasizes extensibility and , allowing the kernel to focus solely on core mechanisms like and , with higher-level functionality provided by external servers. Central to Mach's is its port-based object model, where ports serve as the primary for kernel objects, enabling secure and flexible communication between components. Ports function as protected queues that represent resources such as threads, regions, or devices, supporting capability-based by allowing tasks to grant or revoke through port operations. In the task-port model, tasks own ports as capabilities, which facilitates location-transparent and secure interactions, as operations on tasks or their contents are invoked via messages sent to these ports. Mach provides robust multithreading support by separating the concepts of tasks and threads: a task represents a collection of resources including an , while lightweight threads within a task handle execution and concurrency. This allows multiple threads to share the task's resources efficiently, enabling fine-grained parallelism particularly suited for multiprocessor environments. The kernel's design prioritizes portability across diverse hardware architectures, with machine-independent components for and communication that enable deployment on platforms ranging from uniprocessors like the VAX to multiprocessors such as the Encore MultiMax. This separation of hardware-dependent code minimizes porting efforts, allowing the same kernel binary to run on compatible systems without modification.

Historical Development

Origins and Influences

The development of the Mach kernel was deeply rooted in Carnegie Mellon University's (CMU) research on distributed and multiprocessor operating systems during the early . The project, initiated in 1981, aimed to create a network of personal scientific workstations and produced the Accent kernel as a communication-oriented system emphasizing for (IPC). Accent evolved from earlier CMU efforts like the RIG system at the , which introduced port-based but was limited by small message sizes and lack of integration. These projects shifted focus from models to , drawing inspiration from external systems such as , a portable developed at the that prioritized explicit message exchanges for modularity and reliability in distributed environments. A key influence on Mach's IPC design came from the Unix pipe concept, introduced by in 1973 as a mechanism for unidirectional data streaming between processes, enabling modular program composition without complex shared state. This idea, formalized in early Unix implementations, demonstrated how lightweight, asynchronous communication could simplify system extensibility and influenced Mach's ports and messages as a generalized, capability-secured extension of for both local and remote interactions. By abstracting communication channels, Mach aimed to retain Unix's simplicity while supporting advanced features like multiprocessor synchronization and . By 1983, limitations in existing systems like VAX/UNIX—based on (BSD) implementations—became evident to CMU researchers, including inadequate support for multiprocessors, poor integration of with communication, and challenges in Unix applications to distributed environments. Accent's own struggles with Unix compatibility on non-VAX hardware, such as the PERQ workstations, highlighted the need for a new kernel foundation that could provide full BSD binary compatibility while incorporating modern abstractions. This realization prompted the decision to develop Mach starting in 1984 as a clean-slate redesign, building directly on Accent's lessons to address these shortcomings in a multiprocessor context.

Creation and Early Versions

The Mach kernel project was initiated in 1984 at Carnegie Mellon University (CMU) as a research effort to develop an advanced operating system kernel supporting distributed and parallel computing. Led by Richard F. Rashid, with key contributions from Avie Tevanian, a graduate student at CMU since 1983, who helped conceive the project alongside Mike Young and Bob Baron, the team aimed to create a modular foundation for operating systems research. The work began as a successor to CMU's earlier Accent kernel, focusing on multiprocessor environments and efficient interprocess communication. Funded primarily by the Defense Advanced Research Projects Agency (DARPA) under ARPA Order No. 4864, monitored by the Space and Naval Warfare Systems Command, the project emphasized academic exploration of kernel abstractions like tasks and ports, initially targeting unclassified research applications. Mach 1.0, released internally in 1985, introduced a basic design featuring ports for and threads for lightweight concurrency, marking a shift from monolithic kernels toward modular components. This version was implemented on VAX hardware, including models like the VAX-11/780 and VAX 784 multiprocessor configurations, enabling early testing of in shared-memory systems. The kernel provided core abstractions such as tasks for resource containers and threads for execution, with an emphasis on portability across processor architectures, though initial development centered on VAX for its prevalence in academic computing. To facilitate practical use and compatibility with existing software, early Mach versions adopted a hybrid approach by integrating a (BSD) Unix compatibility layer directly into the kernel space, allowing most 4.3BSD code to run as a server thread. This design ensured binary compatibility for Unix applications while layering Mach's innovations beneath. The first public release, known as Release 0, occurred in December 1986 and demonstrated robust multiprocessor support, with the kernel operational on systems like the Encore MultiMax, enabling parallel workloads such as applications.

Evolution and Milestones

In 1988, the Mach project transitioned from (CMU) to the (OSF), an industry consortium formed to develop open UNIX standards, marking a shift toward broader commercial and research adoption. This handover allowed OSF to integrate Mach 2.5 into , leveraging its modular design for enhanced portability across hardware platforms. Mach 2.0, released in 1987, introduced significant improvements in (IPC) efficiency through optimized port-based messaging and scatter-gather operations, reducing overhead for large data transfers via mechanisms. It also expanded support for distributed systems by enabling location-transparent IPC across networked nodes, facilitating communication between heterogeneous architectures such as VAX and Sun workstations. These enhancements built on the kernel's foundational message-passing model, making it suitable for multiprocessor environments with added thread support. The release of Mach 3.0 in 1990 represented a major milestone, implementing a pure by relocating BSD UNIX compatibility and most services to user-space servers, which reduced kernel size by approximately 50% compared to prior versions. Key advancements included full management with external pagers—user-level processes handling paging decisions—and improved IPC throughput, doubling the speed of null remote procedure calls to 95 microseconds on contemporary hardware. This version gained widespread adoption in academic research, powering experiments in distributed and real-time systems due to its flexibility in supporting diverse memory objects and port rights. During the 1990s, subsequent releases and derivatives, such as those in and experimental ports, focused on enhancing multiprocessor scalability through refined thread scheduling with per-processor queues and optimized kernel locks, enabling efficient operation on systems with up to thousands of processors. A pivotal commercial milestone occurred in 1988 with Mach's integration into the initial release of , NeXT Computer's operating system for its workstations, where it provided the foundation for multitasking and object-oriented services, paving the way for its influence in later systems like macOS.

Architecture and Design

Core Components

The Mach kernel is built around a small set of fundamental abstractions that enable its design, emphasizing and extensibility. These core components include tasks, threads, ports, port sets, and memory objects, which together provide the basic mechanisms for , execution, communication, and handling. By limiting the kernel to these primitives, Mach separates from mechanism, allowing higher-level functionality to be implemented in user space. Tasks and threads form the foundation for execution and resource allocation in Mach. A task serves as the basic unit of resource ownership, providing a protected , a for port rights, and the container for one or more threads; it does not execute code itself but allocates resources such as memory and communication capabilities to its threads. Threads, in contrast, are the basic units of CPU utilization, representing the executable entities that run within a task and share its resources, including the ; this separation allows multiple threads to execute concurrently within a single task, supporting efficient with minimal kernel overhead for thread creation and switching. This task/thread model, refined in Mach from the earlier Accent kernel, decouples resource containers from execution contexts, enabling flexible process structures unlike traditional monolithic designs where processes bundle both. Ports and port sets provide the primary mechanism for (IPC) and object referencing in Mach. A is a kernel-protected , functioning as a bounded queue for with capabilities (port rights) that control access: send rights allow message transmission, receive rights enable dequeuing, and send-once rights support one-time sends; serve as secure handles to kernel objects like tasks or threads, ensuring location transparency and . sets extend this by grouping multiple receive rights into a single entity with a shared , allowing a thread to perform a single receive operation that blocks until a arrives on any in the set; this facilitates efficient multiplexing of communication channels for servers handling multiple clients. Memory objects abstract the management of persistent or shared memory regions in Mach's virtual memory system. These are kernel-managed entities representing units of backing storage, such as files or anonymous regions, that can be mapped into one or more task address spaces; they support operations like paging, sharing, and , with the kernel handling physical memory allocation while delegating content provision to user-level pagers. This design allows experimentation with memory policies outside the kernel, such as custom paging algorithms implemented by external servers. The Mach kernel itself operates as a minimal arbitrator, implementing only the essential primitives for thread scheduling, IPC via ports, and basic operations like mapping and handling; it avoids embedding complex policies or device-specific code, instead providing these abstractions through message-based interfaces to promote portability and reliability. In contrast to monolithic kernels, where I/O, file systems, and device drivers reside within the kernel for direct hardware access, Mach delegates such functionality to user-mode servers that interact with the kernel via ports and memory objects; this enhances fault isolation and allows multiple operating system personalities, like UNIX or real-time extensions, to coexist without kernel modifications.

Message Passing and IPC

Mach's inter-process communication (IPC) is fundamentally based on a using as the primary abstraction for communication endpoints. serve as kernel-protected queues that enable secure and location-independent data exchange between tasks, with each supporting multiple senders but only a single receiver task holding receive rights. Messages sent to a are queued in a kernel-managed buffer, ensuring that communication remains from the specific addressing of tasks or threads. Messages in Mach consist of a fixed-length header followed by variable-sized, typed data payloads, which the kernel validates for during transmission to prevent errors in heterogeneous environments. Data within messages can be either inline, where small payloads are directly embedded in the message for efficient short transfers, or out-of-line, where larger data is referenced via memory descriptors that the kernel either copies or maps as needed to optimize performance. rights—capabilities granting send, receive, or send-once permissions—are themselves transferable via messages, allowing dynamic delegation of communication authority without exposing underlying kernel structures. This capability-based approach enforces a model where access to a port is strictly controlled by possession of the appropriate right, providing inherent protection against unauthorized interactions. IPC operations include synchronous and asynchronous variants to support diverse interaction patterns. The msg_send primitive attempts to deliver a to a ; if the queue is full, it blocks the calling thread until space is available, with options for timeout or notification to alter this behavior, while msg_receive blocks the calling thread until a arrives, enabling rendezvous-style . For remote procedure calls (RPC), Mach provides built-in support through msg_rpc, which atomically sends a request and awaits a reply on the same , facilitating client-server paradigms across task boundaries with minimal kernel intervention beyond transport. Asynchronous messaging is used in kernel-initiated calls, such as those to data managers, where no explicit reply is expected, allowing non-blocking notifications. To handle port lifecycle events gracefully, Mach implements dead name notifications, which alert holders of send or send-once when the underlying is destroyed—typically upon destruction of its receive . A task can register a dead name request on a send right using kernel calls, prompting the kernel to queue a special notification to a specified upon the original 's death, thus avoiding dangling references and enabling cleanup in distributed systems. When a dies, any queued messages are discarded, and all associated send convert to dead names, with notifications generated only for those that have pending requests, ensuring efficient resource reclamation. This mechanism integrates seamlessly with the port model, maintaining the integrity of IPC in dynamic, multi-task environments.

Virtual Memory Management

Mach's virtual memory management is designed to externalize much of the paging responsibility to user-level servers, known as pagers, which handle page faults and data provision outside the kernel. When a page fault occurs, the kernel sends a request message to the port associated with the memory object backing the faulted region, rather than managing the backing store itself. This external memory management allows for flexible policies, such as custom paging strategies implemented by user-level processes, decoupling the kernel's mechanism from specific content management decisions. Central to this system are memory objects and regions, which abstract the backing storage for . A object represents a sequence of pages managed by a , and it can be mapped into a task's via kernel calls like vm_map. For efficient sharing and modification, Mach employs shadow objects, which are temporary overlays on existing objects to support (CoW) operations. In CoW scenarios, such as process forking, a new shadow object is created to hold private modifications, while unchanged pages are referenced from the original object; this avoids full duplication and enables read-only sharing until a write fault triggers copying into the shadow. Shadow objects also facilitate read-write sharing through sharing maps that track multiple references, with the kernel automatically garbage-collecting unreferenced intermediate shadows to prevent chain proliferation. The port-based approach integrates virtual memory control with Mach's interprocess communication (IPC) framework, where each memory object is represented by a port held by its . Tasks acquire rights to memory via port references, allowing the kernel to forward fault requests directly to the over the network if desired, thus enabling distributed paging across machines. This port-centric design treats memory regions as capabilities, permitting secure and of access. Amalgamation allows multiple distinct memory objects—each potentially backed by different —to be combined into a single, contiguous within a task, using address maps that reference a tree of objects and shadows. These features provide significant advantages, particularly in distributed environments, where pagers can reside on remote hosts to support network-transparent file systems or migration without kernel modifications. The user-level pager model also accommodates custom allocators, such as those for garbage-collected languages, by allowing specialized servers to manage object-specific policies like demand loading or compression, enhancing overall system modularity and extensibility.

Implementations and Derivatives

Primary Implementations

The primary implementations of the Mach kernel were developed and distributed by (CMU) as open-source releases to support operating system research and experimentation. Mach 2.6, released in 1990, represented a mature extension of earlier versions, integrating advanced features like external while maintaining compatibility with 4.3BSD Unix on supported platforms. This version was distributed via CMU's public archives, enabling academic and industrial ports, though it retained a more monolithic structure compared to later iterations. Mach 3.0, released in 1994, marked the culmination of CMU's Mach project and shifted toward a purer design by moving Unix emulation to user space. As an open-source distribution, it included for the kernel, utilities, and interfaces, available through CMU's AFS-based repository, which facilitated widespread adoption and modification. A key enhancement in Mach 3.0 was the addition of the cthreads library, a user-space threading package built on Mach primitives to provide lightweight, coroutine-based concurrency without kernel-level overhead. Mach 3.0 was notably embedded within , a operating system developed by the and released in 1990, where it served as the core layered with BSD-derived components for compatibility. This integration demonstrated Mach's modularity, allowing to leverage Mach's message-passing and features while providing a full environment. Implementations of Mach supported multiple hardware architectures, including MIPS, SPARC, Intel x86, and DEC Alpha, through ports developed at CMU and collaborating institutions. These ports enabled deployment on diverse systems, from workstations to multiprocessors, emphasizing Mach's architecture-independent design principles such as abstract ports and threads. In the 1990s, the GNU Mach project emerged as a free software reimplementation of Mach, primarily derived from the University of Utah's Mach 4 codebase, to serve as the microkernel foundation for the GNU Hurd operating system. This effort focused on enhancing portability and integrating with GNU tools, with the first stable release (version 1.0) in 1997 and versions like 1.3 in 2001 while maintaining compatibility with Mach 3.0 interfaces.

Software Systems Based on Mach

NeXTSTEP, developed by and first released in September 1989, utilized Mach 2.5 as its core kernel, integrating it with BSD subsystems to provide a multitasking, object-oriented operating environment for NeXT's hardware workstations. This foundation enabled advanced features like protected memory and efficient , positioning NeXTSTEP as a commercial embodiment of Mach's principles during the late 1980s and early 1990s. NeXTSTEP continued to use Mach 2.5 in subsequent upgrades, including version 3.0 in 1992. , the specification and non-proprietary successor released in 1994, extended this architecture by allowing implementations on various kernels while retaining Mach compatibility in NeXT's primary version, fostering portability across platforms like Sun and systems until NeXT's acquisition by Apple in 1997. These systems demonstrated Mach's viability in production environments, influencing object-oriented OS design. Mac OS X, later rebranded as macOS, builds directly on Mach through the kernel, a hybrid design combining Mach 3.0's for , inter-process messaging, and with BSD-derived components for compliance and file systems, plus Apple's I/O Kit for device drivers. Introduced in 2001 as the successor to , powers Darwin, the open-source foundation of macOS, , and related platforms, enabling features like and real-time services while maintaining with UNIX standards. Over time, has evolved to support diverse hardware, including the transition to ARM-based processors starting with in 2020, with optimizations for unified memory architecture and performance isolation. In macOS 26 Tahoe, released in September 2025, continues to underpin the system on Macs (M1 and later), incorporating enhancements for security, such as improved kernel integrity protection and support for up to 128 GB of unified on M5-series chips. The GNU Hurd operating system, initiated by the GNU Project in 1990, employs as its , a implementation compatible with Mach 3.0 that provides essential IPC mechanisms for running multiple servers as user-space processes to handle file systems, networking, and other services. , first stable release (version 1.0) in 1997 and maintained under the GNU GPL, emphasizes modularity and stability, with device drivers adapted from sources via an emulation layer, supporting x86 architectures and for scalable multi-server operation. Development has focused on refining IPC efficiency and translator servers since the 1990s, with ongoing efforts as of 2025 integrating it into distributions like GNU/Hurd; in August 2025, GNU/Hurd 2025 was released, providing a snapshot of Debian 'Trixie' with full 64-bit support for and amd64 architectures, though full production deployment remains experimental. MkLinux represents an early effort to host as a on Mach, porting 2.0 to PowerPC-based Macintosh hardware using the OSF Mach 3.0 developed by the . Launched in 1996 as a between Apple and the , MkLinux ran the as a server atop Mach, leveraging the for hardware abstraction while providing native application support on Power Macs, achieving boot times comparable to native distributions of the era. The project transitioned to community maintenance in 1998, influencing later hybrid approaches but ceasing active development by the early 2000s as Apple shifted focus to Darwin. Research operating systems like the draw indirect influence from Mach's design, particularly in advancing IPC and management to address Mach's performance overheads identified in the early 1990s. Originating with Jochen Liedtke's L3 in 1991 and evolving into L4 by 1996, these kernels prioritize and fast synchronous communication, inspiring derivatives such as seL4, which formalize security properties absent in earlier Mach implementations. While not direct ports, L4's optimizations—reducing kernel entry costs by up to 50% compared to Mach—have shaped modern embedded and secure OS , with commercial adaptations in systems like NOVA and OKL4.

Performance and Criticisms

Issues Identified

One of the primary performance challenges in the Mach kernel stems from the overhead associated with its (IPC) mechanism, which relies on between kernel and user-space servers. Benchmarks on Mach 3.0 showed that a basic (RPC) required approximately 3478 processor cycles, translating to latencies around 70-100 microseconds on hardware of the era, compared to monolithic kernels where equivalent operations were often 10-20 times faster due to direct in-kernel execution. This high latency arose from multiple data copies, kernel traps, and message queuing, making even simple system calls significantly slower than in traditional UNIX implementations. Frequent kernel-user transitions further exacerbated throughput degradation, as each server invocation necessitated context switches and protection domain crossings. In Mach 3.0, a typical UNIX system call to a user-space server involved at least two context switches (client to kernel, kernel to server), adding roughly 178 cycles per switch plus trap handling overhead, which cumulatively reduced system responsiveness in workloads with high server interaction rates. For instance, unoptimized no-op calls to the UNIX server measured 92.7 microseconds, highlighting how these transitions accumulated to degrade overall performance. A notable issue in Mach 3.0 was the overhead observed in its UNIX emulation layer, where the translation of calls into Mach primitives led to excessive instruction execution and memory accesses. Studies from the early 1990s revealed that Mach executed 1.4 times more non-idle instructions than monolithic systems like for equivalent workloads, primarily due to the emulation library's overhead in handling system calls and I/O operations. This resulted in higher memory cycle penalties (e.g., 0.57 MCPI versus 0.43 in ), particularly pronounced in emulation-heavy scenarios. Scalability problems on multiprocessor systems were another key limitation, with Mach exhibiting poor handling of fine-grained parallelism due to its shared memory access patterns and demands. Analysis of applications like THOR and PERO under Mach showed frequent "clinging" references to shared data blocks (median interval of 25 time units), leading to high invalidation traffic and bus contention in multiprocessor configurations. Broadcast-based coherence schemes proved inadequate, with up to 0.138 bus transactions per reference, constraining effective parallelism as processor counts increased. In I/O-bound workloads, Mach underperformed compared to BSD-based systems like , primarily due to the modularity costs of routing requests through user-space servers and the emulation layer. For tasks such as text processing (e.g., ), Mach issued fewer but more expensive disk requests, leading to comparable overall execution times (0.58 s vs. 0.57 s) but elevated system instruction counts (1.4 times more non-idle instructions) and memory penalties attributable to IPC and context management overhead. This modularity-induced penalty made Mach less competitive in environments dominated by I/O operations.

Proposed Solutions and Improvements

To address the performance overheads inherent in Mach's inter-process communication (IPC) mechanisms, Jochen Liedtke developed the L4 in the early as a direct evolution, achieving IPC latencies 10 to 20 times faster than Mach through redesigned primitives that employed shallow copying of message data instead of Mach's deep copying approach. This optimization minimized data duplication during transfers, enabling sub-microsecond IPC on contemporary hardware while preserving principles of modularity and security. Within Mach itself, later implementations and patches introduced optimizations such as refined representations for and port rights, reducing IPC-related usage by up to 50% in systems emulating Unix workloads. These enhancements included integrated handling of threads and IPC to streamline context switches and , allowing kernel threads to be more efficiently multiplexed onto user-level abstractions without excessive overhead. Similarly, the Open Software Foundation's MK7 project in the 1990s experimented with real-time extensions to Mach for , incorporating scheduler optimizations and reduced kernel intervention in time-critical paths to improve in embedded and multiprocessor environments. Hybrid kernel designs emerged as a pragmatic response, exemplified by Apple's kernel, which integrates BSD subsystems and device drivers directly into kernel space atop the Mach microkernel core to bypass frequent IPC calls for performance-critical operations. This approach maintained Mach's and while accelerating I/O and system calls, resulting in latencies closer to monolithic kernels for common workloads. Second-generation microkernels, building on L3 and L4 lineages, further mitigated overheads through concepts like recursive addressing, where processes could map portions of their own address spaces into others without kernel-mediated copying, thus streamlining interactions and reducing costs in hierarchical systems. These advancements enabled more scalable implementations, with L4 variants demonstrating sustained improvements in multi-threaded and distributed scenarios.

Legacy and Influence

Impact on Microkernel Design

Mach introduced a pioneering model that fundamentally reshaped operating system architecture by confining the kernel to basic hardware management—such as process scheduling, (IPC), and abstractions—while delegating higher-level services like file systems and device drivers to user-space servers. Central to this design were ports, capability-protected endpoints for message-based IPC, which enabled secure, modular communication between kernel and user-space components without requiring kernel modifications for new services. This approach, detailed in the seminal 1986 paper by Accetta et al., established ports and user-space servers as foundational elements in design, influencing subsequent systems that prioritized modularity and extensibility. For instance, and adopted analogous mechanisms, using message-passing IPC and user-mode drivers to achieve fault isolation and reliability in embedded and real-time environments. The modular paradigm of Mach accelerated a broader shift from monolithic kernels to distributed, component-based systems, inspiring research into even leaner architectures. By demonstrating how OS functionality could be externalized to user space, Mach encouraged the development of exokernels, which further minimize kernel mediation by exposing raw hardware resources to applications via secure bindings, as explored in Engler et al.'s 1995 SOSP paper. This evolution also advanced capability-based systems, where Mach's port capabilities served as a precursor to fine-grained access controls that enhance security and prevent in modern kernels. Overall, Mach's emphasis on laid the groundwork for hybrid and verifiable OS designs, prioritizing reliability over integrated complexity. Mach's message-passing paradigm, relying on asynchronous IPC via ports, profoundly influenced verified microkernels like seL4, which refined it into a synchronous, capability-aware mechanism for thread communication and calls. As noted in Elphinstone and Klein's 2016 ACM Computing Surveys article on 20 years of L4 microkernels, seL4 builds on Mach's low-level abstractions but eliminates higher-level semantics like memory objects to reduce overhead, enabling of kernel correctness. This adoption underscores Mach's role in standardizing as a secure alternative to in safety-critical s. Academically, Mach's legacy is evident in its extensive citation record, with the core 1986 paper alone garnering over 1,200 citations and serving as a cornerstone for thousands of subsequent works on distributed and real-time systems. It forms the basis for operating systems courses worldwide, illustrating principles of , IPC, and multiprocessor support. However, Mach's real-world performance—particularly IPC latency—sparked the "microkernel wars" of the 1990s, a heated on balancing architectural purity with efficiency, as critiqued in Hartig et al.'s 1997 analysis of overheads compared to monolithic designs.

Modern Uses

The XNU kernel, which incorporates the Mach microkernel as its foundation, continues to power Apple's operating systems, including macOS, iOS, and watchOS, across devices with Apple Silicon processors such as the M-series chips. In 2024 and 2025 updates, including macOS Sequoia (version 15), XNU has seen enhancements to its virtual memory management inherited from Mach, optimizing shared memory allocation for unified architectures that integrate CPU and GPU resources, thereby supporting efficient on-device AI workloads like those in Apple Intelligence features. These adaptations leverage Mach's virtual memory abstractions to handle heterogeneous computing demands, enabling low-latency processing for machine learning tasks without relying on cloud offloading. The GNU Hurd project maintains persistent development into the 2020s, with the release of GNU/Hurd 2025 marking significant progress, including support for architectures, integration, and (SMP). Hurd continues to operate on the Mach , currently at version 1.8, which provides the core abstractions for and in this ongoing effort to build a complete GNU operating system. While explorations of newer Mach variants like 4.x have not materialized in production releases, the 2025 port demonstrates improved stability and package compatibility, covering about 72% of the archive. Mach derivatives persist in research and embedded applications, particularly through second-generation microkernels like the L4 family, which evolved from Mach's design principles to support real-time systems. The L4Re operating system framework, for instance, incorporates a real-time scheduler and scales from resource-constrained embedded devices to prototypes, enabling predictable execution in safety-critical environments such as automotive and industrial controls. In cloud OS prototypes, L4-based systems influence modular designs for and isolation, facilitating secure, distributed in experimental cloud infrastructures. Recent 2025 analyses of XNU's evolution highlight Mach's enduring role in enhancing secure boot processes and virtualization capabilities within Apple's ecosystem. For example, the introduction of "exclaves" in XNU—secure, isolated domains for sensitive resources like shared memory and sensors—builds on Mach's compartmentalization to protect against kernel compromises, with implementations tied to Apple Silicon's Secure Enclave and rolled out in macOS 14.4 and later. In macOS Sequoia, Mach-derived abstractions support an in-kernel hypervisor for ARM64, allowing lightweight virtual machines via the Virtualization.framework, including features like Apple ID authentication and USB passthrough for improved isolation and usability. Google's Fuchsia operating system indirectly draws on Mach through its adoption of microkernel principles in the Zircon kernel, emphasizing capability-based security and minimalism to achieve robust isolation without direct code inheritance from Mach. This approach enhances Fuchsia's suitability for embedded and IoT devices, where microkernel ideas inspired by Mach contribute to updatability and performance in diverse hardware environments.

References

  1. https://users.soe.ucsc.edu/~sbrandt/221/Papers/Kernel/accetta-usenix86.pdf
  2. https://srl.cs.jhu.edu/courses/600.439/syskernel.pdf
  3. https://www.cs.cmu.edu/afs/cs/project/mach/public/www/mach.html
  4. https://web.eecs.utk.edu/~qcao1/cs560/papers/mach.pdf
  5. https://www.gnu.org/software/hurd/microkernel/mach/history.html
  6. https://www.acm.org/media-center/2015/april/software-system-award-2014
  7. https://www.semanticscholar.org/paper/Mach%253A-A-New-Kernel-Foundation-for-UNIX-Development-Accetta-Baron/67ac8e37fd240844e0726a2d171e20042c7648f4
  8. https://cseweb.ucsd.edu/classes/wi11/cse221/papers/accetta86.pdf
  9. https://www.seltzer.com/margo/teaching/CS508.19/papers/rashid86.pdf
  10. http://www.bitsavers.org/pdf/osf/Design_of_the_OSF1_Operating_System_Release_1.2_1990.pdf
  11. https://people.eecs.berkeley.edu/~kubitron/courses/cs262a-F18/handouts/papers/microkernel-mach.pdf
  12. https://kilthub.cmu.edu/ndownloader/files/12123620
  13. https://www.gnu.org/software/hurd/gnumach-doc/Port-Sets.html
  14. https://www.cs.princeton.edu/courses/archive/fall07/cos518/papers/mach.pdf
  15. https://www.gnu.org/software/hurd/gnumach-doc/Message-Send.html
  16. https://www.gnu.org/software/hurd/gnumach-doc/Request-Notifications.html
  17. https://www.gnu.org/software/hurd/gnumach-doc/Port-Destruction.html
  18. https://www.gnu.org/software/hurd/microkernel/mach/external_pager_mechanism.html
  19. https://www.cs.cornell.edu/courses/cs6410/2010fa/lectures/07-virtual-memory.pdf
  20. https://swift.sites.cs.wisc.edu/classes/cs736-fa18/wiki/uploads/Main/Lectures/11%20-%20Mach%20Memory.pdf
  21. https://dsf.berkeley.edu/cs262/2005/lecs/mach.pdf
  22. https://www.krsaborio.net/bsd/research/acrobat/900823.pdf
  23. https://www.cs.cmu.edu/afs/cs/project/mach/public/src/mkernel/src/kernel/kern/ast.c
  24. https://www.cs.cmu.edu/afs/cs/project/mach/public/www/sources/sources_top.html
  25. https://www.usenix.org/publications/library/proceedings/mach3/full_papers/dean.ps
  26. https://www.usenix.org/event/usenix99/full_papers/braam/braam_html/
  27. http://reports-archive.adm.cs.cmu.edu/anon/1994/CMU-CS-94-142.pdf
  28. http://jklp.org/profession/papers/mach/paper.html
  29. https://www.gnu.org/software/hurd/faq/system_port.html
  30. https://developer.apple.com/library/archive/documentation/Cocoa/Conceptual/CocoaFundamentals/WhatIsCocoa/WhatIsCocoa.html
  31. https://www.openstep.org/
  32. https://developer.apple.com/library/archive/documentation/Darwin/Conceptual/KernelProgramming/Architecture/Architecture.html
  33. https://github.com/apple-oss-distributions/xnu
  34. https://opensource.apple.com/releases
  35. https://www.apple.com/newsroom/2025/09/macos-tahoe-is-available-today/
  36. https://www.gnu.org/software/gnumach/
  37. https://www.debian.org/ports/hurd/hurd-news.en.html
  38. https://www.mklinux.org/
  39. https://www.linuxjournal.com/article/2093
  40. https://dl.acm.org/doi/10.1145/2893177
  41. https://sigops.org/s/conferences/sosp/2013/papers/p133-elphinstone.pdf
  42. https://www.usenix.org/legacy/publications/library/proceedings/mach3/full_papers/golub/golub.pdf
  43. https://dl.acm.org/doi/pdf/10.1145/173668.168629
  44. https://apps.dtic.mil/sti/tr/pdf/ADA207318.pdf
  45. https://dl.acm.org/doi/pdf/10.1145/2517349.2522720
  46. https://cs.nyu.edu/~mwalfish/classes/15fa/ref/liedtke93improving.pdf
  47. https://dl.acm.org/doi/pdf/10.1145/219282.219296
  48. https://www.academia.edu/41024405/MK7_3a_Real_Time_Microkernel_for_the_OSF_1_OS_Release_Notes
  49. https://courses.cms.caltech.edu/cs124/lectures-wi2017/CS124Lec04.pdf
  50. https://www.osnews.com/story/142069/apples-darwin-os-and-xnu-kernel-deep-dive/
  51. https://www.cs.cornell.edu/courses/cs6410/2025fa/slides/07-microkernels.pdf
  52. https://cacm.acm.org/research/lessons-learned-from-30-years-of-minix/
  53. https://web.stanford.edu/class/archive/cs/cs240/cs240.1136/readings/engler_exo.pdf
  54. https://tansanrao.com/blog/2025/04/xnu-kernel-and-darwin-evolution-and-architecture/
  55. https://mbsdirect.com/featured-solutions/apple-for-business/benefits-of-apple-silicon-for-artificial-intelligence
  56. https://www.debian.org/ports/hurd/
  57. https://www.theregister.com/2025/08/18/debian_hurd_13/
  58. https://l4re.org/
  59. https://www.theregister.com/2025/03/08/kernel_sanders_apple_rearranges_xnu/
  60. https://eclecticlight.co/2024/06/17/how-sequoia-changes-virtualisation-on-apple-silicon/
  61. https://developer.apple.com/documentation/virtualization
  62. https://a13xp0p0v.github.io/2022/05/24/pwn-fuchsia.html
Add your contribution
Related Hubs
User Avatar
No comments yet.