If you want two processes to communicate (IPC) normally, you would set up some shared memory, so that in each process’s virtual memory some pages are shared between them both, so when process A writes to that memory it is visible to process B and vice versa. There are other ways to do IPC but this is the fastest since it doesn’t involve any syscalls (context switch to the kernel which is slow).
However it still requires each process to copy its private data into and out of the shared memory. Also it still requires a context switch from process A to process B.
A common use of IPC is for RPC (Remote Procedure Calls). Basically you want to run a function in the other process. This solution does that but differently and faster.
First, both processes share the same virtual memory. This is normally a recipe for disaster since it completely destroys the normal process memory sandboxing (a memory error in one process can now crash the other one!). However they use a new Intel MPK hardware feature that allows splitting the pages into one of 16 groups (“keys”), and you can control read/write access to each group independently.
Next when process A wants to call a function in process B, the RPAL code does a lightweight context switch in user space. I guess this just means changing the MPK key, and normal saving of registers for the function call. I’m not sure what else you’d need to change. It’s a little unclear about how you pass heap data from process A to process B. I guess both processes just have read access to the entire address space? That doesn’t really change the security model on Unix since any process can already debug any other process with no extra permissions.
It sounds very similar to running two processes as if they were threads in the same process. Why not just use threads? Probably a better option if you can, but I guess if you are e.g. running processes written in different languages that might be tricky?
The linked patch actually explains it really well.
If you want two processes to communicate (IPC) normally, you would set up some shared memory, so that in each process’s virtual memory some pages are shared between them both, so when process A writes to that memory it is visible to process B and vice versa. There are other ways to do IPC but this is the fastest since it doesn’t involve any syscalls (context switch to the kernel which is slow).
However it still requires each process to copy its private data into and out of the shared memory. Also it still requires a context switch from process A to process B.
A common use of IPC is for RPC (Remote Procedure Calls). Basically you want to run a function in the other process. This solution does that but differently and faster.
First, both processes share the same virtual memory. This is normally a recipe for disaster since it completely destroys the normal process memory sandboxing (a memory error in one process can now crash the other one!). However they use a new Intel MPK hardware feature that allows splitting the pages into one of 16 groups (“keys”), and you can control read/write access to each group independently.
Next when process A wants to call a function in process B, the RPAL code does a lightweight context switch in user space. I guess this just means changing the MPK key, and normal saving of registers for the function call. I’m not sure what else you’d need to change. It’s a little unclear about how you pass heap data from process A to process B. I guess both processes just have read access to the entire address space? That doesn’t really change the security model on Unix since any process can already debug any other process with no extra permissions.
It sounds very similar to running two processes as if they were threads in the same process. Why not just use threads? Probably a better option if you can, but I guess if you are e.g. running processes written in different languages that might be tricky?