sel4介绍

        seL4微内核是一种操作系统内核，旨在实现安全、可靠和为各种应用领域的系统提供可靠的基础。作为微内核，它为应用程序提供少量服务，例如创建和管理虚拟地址空间、线程和进程间通信（IPC）。seL4提供的少量服务直接转化为小型实现大约8700行C代码。

        The seL4 microkernel is an operating-system kernel designed to be a secure, safe, and
reliable foundation for systems in a wide variety of application domains. As a microkernel,
it provides a small number of services to applications, such as abstractions to create
and manage virtual address spaces, threads, and inter-process communication (IPC).
The small number of services provided by seL4 directly translates to a small implementation
of approximately 8700 lines of C code.

This has allowed the ARMv6 version of the kernel to be formally proven in the Isabelle/HOL theorem prover to adhere to its formal specification [Boy09,CKS08,DEK+06,EKE08,KEH+09,TKN07,WKS+09], which in turn enabled proofs of the kernel’s enforcement of integrity [SWG+11] and confidentiality [MMB+13]. The kernel’s small size was also instrumental in performing a complete and sound analysis of worst-case execution time [BSC+11,BSH12]. This manual describes the seL4 kernel’s API from a user’s point of view. The document starts by giving a brief overview of the seL4 microkernel design, followed by a reference of the high-level API exposed by the seL4 kernel to userspace.

While we have tried to ensure that this manual accurately reflects the behaviour of the
seL4 kernel, this document is by no means a formal specification of the kernel. When
the precise behaviour of the kernel under a particular circumstance needs to be known,
users should refer to the seL4 abstract specification, which gives a formal description
of the seL4 kernel.