Minix 3

[1] The project's main goal is for the system to be fault-tolerant by detecting and repairing its faults on the fly, with no user intervention.

[10] The project has been dormant since late 2018,[11] and the latest release is 3.4.0 rc6 from 2017,[12] although the Minix 3 discussion group is still active.

[14][15] It was debated that Minix could have been the most widely used OS on x86/AMD64 processors, with more installations than Microsoft Windows, Linux, or macOS, because of its use in the Intel ME.

[20] Minix 3 was publicly announced on 24 October 2005 by Andrew Tanenbaum during his keynote speech on top of the Association for Computing Machinery (ACM) Symposium Operating Systems Principles conference.

Although it still serves as an example for the new edition of Tanenbaum and Woodhull's textbook, it is comprehensively redesigned to be "usable as a serious system on resource-limited and embedded computers and for applications requiring high reliability."

Monolithic operating systems such as Linux and FreeBSD and hybrids like Windows have millions of lines of kernel code.

Drivers cannot execute privileged instructions, change the page tables, perform arbitrary input/output (I/O), or write to absolute memory.

In monolithic kernels, a driver can write to any word of memory and thus accidentally corrupt user programs.

In Minix 3, when a user expects data from, for example, the file system, it builds a descriptor telling who has access and at what addresses.

In monolithic kernels, dereferencing a bad pointer in a driver normally leads to a system crash.

Eventually the reincarnation server will see that it is not responding to status requests, so it will kill and restart the looping driver.

However, attacks which rely on running legitimately executable memory in a malicious way (return-to-libc, return-oriented programming) are not prevented by this mitigation.

A special process, called the reincarnation server, periodically pings each device driver.

If the driver dies or fails to respond correctly to pings, the reincarnation server automatically replaces it with a fresh copy.

It also supports an application programming interface (API) of about 30 kernel calls that authorized servers and drivers can make.

The kernel calls perform functions such as setting interrupts and copying data between address spaces.

While there is a small amount of overhead in doing this (typically 500 ns), this scheme makes it possible for the kernel to check authorization, so that, for example, the audio driver cannot write on the disk.

[citation needed] Minix 1.0, 1.5, and 2.0 were developed as tools to help people learn about the design of operating systems.

Source code of the kernel, memory manager, and file system of Minix 1.0 are printed in the book.

Minix 1.5, released in 1991, included support for MicroChannel IBM PS/2 systems and was also ported to the Motorola 68000 and SPARC architectures, supporting the Atari ST, Commodore Amiga, Apple Macintosh and Sun Microsystems SPARCstation computer platforms.

Minix-vmd was created by two Vrije Universiteit researchers, and added virtual memory and support for the X Window System.

Another feature of this version, which will be improved in future ones, is the ability of the system to withstand device driver crashes, and in many cases having them automatically replaced without affecting running processes.

Structure of monolithic kernel and microkernel -based operating systems, respectively
The architecture of Minix 3
Diagram of the relationships between several Unix-like systems
MINIX 3.1.7 running X11 with the EDE
Rocky Raccoon, the mascot of Minix 3.