Introducing Genode. Norman Feske Genode Labs

Size: px

Start display at page:

Download "Introducing Genode. Norman Feske Genode Labs"

Jane Hamilton
5 years ago
Views:

1 Introducing Genode Norman Feske Genode Labs FOSDEM Feb 4, 2012

2 Overview 1. Why do we need another operating system? 2. Genode OS architecture at a glance 3. Features of the framework 4. Showcases 5. Plans for 2012 FOSDEM Feb 4,

3 Genode OS Architecture Why do we need another operating system? FOSDEM Feb 4,

4 Traditional technology, pimped up Copyright Tessloff-Verlag / MOSAIK Steinchen für Steinchen Verlag FOSDEM Feb 4,

5 Traditional technology, pimped up Copyright Tessloff-Verlag / MOSAIK Steinchen für Steinchen Verlag FOSDEM Feb 4,

6 We are getting there... Work in progress Copyright Tessloff-Verlag / MOSAIK Steinchen für Steinchen Verlag FOSDEM Feb 4,

7 We are getting there... Work in progress Security features Copyright Tessloff-Verlag / MOSAIK Steinchen für Steinchen Verlag FOSDEM Feb 4,

8 We are getting there... Work in progress Security features Thriving community Copyright Tessloff-Verlag / MOSAIK Steinchen für Steinchen Verlag FOSDEM Feb 4,

9 But... What happens in the event of Storm Fire Leak Sabotage Directed remote attack FOSDEM Feb 4,

10 Genode OS architecture - Why? FOSDEM Feb 4,

11 Genode OS architecture - Why? FOSDEM Feb 4,

12 Bulkhead to the rescue FOSDEM Feb 4,

13 Genode OS architecture - Why? FOSDEM Feb 4,

14 Genode OS architecture - Why? FOSDEM Feb 4,

15 Compromises Solution is Rather inflexible Costly (additional material) Adding weight (overhead) Bureaucratic (additional policy) FOSDEM Feb 4,

16 Genode OS architecture Central question: How to organize all those components in order to scale? FOSDEM Feb 4,

17 Genode OS architecture Leitmotif: Minimize trusted computing base (TCB) per application FOSDEM Feb 4,

18 Genode OS architecture - Universal truths (?) Ease of use Security FOSDEM Feb 4,

19 Genode OS architecture - Universal truths (??) Ease of use Security Resource utilization Resource accountability FOSDEM Feb 4,

20 Genode OS architecture - Universal truths (???) Ease of use Security Resource utilization Resource accountability Simplicity Scalability FOSDEM Feb 4,

21 Genode OS architecture Genode sets out to solve these conflicts. FOSDEM Feb 4,

22 Principles of the architecture Recursive system structure User Application GUI User Session Init Core FOSDEM Feb 4,

23 Principles of the architecture (II) Announcing services User Application GUI User Session announce("gui") Init Core FOSDEM Feb 4,

24 Principles of the architecture (III) Using services GUI 4 User Session User Application session("gui", "input:read label:terminal") 1 session("input:none; label:olaf.xterm") 3 Init session("gui", "label:olaf.xterm; input:read") 2 Core FOSDEM Feb 4,

25 Principles of the architecture (IV) Core - the root of the process tree Provides fundamental services: RAM, ROM, IRQ, I/O, RM, CPU, PD, CAP, LOG, SIGNAL Abstracts physical platform resources Policy-free Bootstraps the init process FOSDEM Feb 4,

26 Principles of the architecture (V) Physical resources Physical resources are assigned to processes A client can lend its resources to services A server uses client resources by contract A client can regain resources FOSDEM Feb 4,

27 Principles of the architecture (VI) Delegation of rights Each process lives in a virtual environment use it (invoke) delegate it A process that possesses a right (capability) can FOSDEM Feb 4,

28 Demonstration One demo tells more than thousand slides. FOSDEM Feb 4,

29 Framework features Pick one of 8 different kernels FIASCO.OC OKL4 FIASCO NOVA Microhypervisor CODEZERO FOSDEM Feb 4,

30 Ways for reusing existing software 1. Support for existing APIs POSIX (FreeBSD libc), libsdl, OpenGL, Qt4 enables Freetype, libpng, Python, MuPDF, Runtime environments Linux / ipxe Device Driver Environment, Noux 3. Virtualization Paravirtualized Linux (on OKL4, Fiasco.OC) runs unmodified Linux applications Faithful virtualization (Vancouver on NOVA) FOSDEM Feb 4,

31 Virtualization-enabled application compatibility FOSDEM Feb 4,

32 Expressing policy Security Uniform configuration concept Mandatory access control Real-time Assign hard priorities to subsystems FOSDEM Feb 4,

33 Application-specific trusted computing base FOSDEM Feb 4,

34 Trusted computing base in numbers Lines of code (OKL4 version) Demo 3 34,200 Demo 2 + PNG support Demo 2 20,600 Demo 1 + Liquid-FB, Nitlog, Scout Demo 1 15,000 PS/2, Timer, Nitpicker, Test Application Core + Init 10,800 Core 9,400 FOSDEM Feb 4,

35 Trusted computing base in numbers Lines of code (OKL4 version) Demo 4 634,200 Demo 3 + simple Qt4 application Demo 3 34,200 Demo 2 + PNG support Demo 2 20,600 Demo 1 + Liquid-FB, Nitlog, Scout Demo 1 15,000 PS/2, Timer, Nitpicker, Test Application Core + Init 10,800 Core 9,400 FOSDEM Feb 4,

Components User-level device drivers Platform drivers for

graphics (Intel GEM) Audio out (Linux drivers) Networking

SATA, SD-card, USB) Protocol stacks GUI, Qt4 DDE Kit

36 Components User-level device drivers Platform drivers for x86 and ARM USB, PCI, PS/2, timer, framebuffer 3D graphics (Intel GEM) Audio out (Linux drivers) Networking (ipxe drivers, Lan9118, MadWifi) Block devices (ATAPI, SATA, SD-card, USB) Protocol stacks GUI, Qt4 DDE Kit (device driver API) TCP/IP (lwip) Mesa/Gallium3D FOSDEM Feb 4,

37 Showcase - Secure GUI X Window System Linux Kernel Tutorial Browser Virtual Framebuffer Input Nitpicker GUI Frame buffer Init Core User Mode Microkernel Privileged Mode FOSDEM Feb 4,

38 Showcase - Secure browser plugins Plugin Plugin Web Browser Loader Nitpicker GUI TCP/IP Init FOSDEM Feb 4,

39 Showcase - Application-level virtualization Genode Process Service session RAM RM CPU Core FOSDEM Feb 4,

40 Showcase - Application-level virtualization Genode Process as Debugging Target RAM RM CPU GDB Monitor Service Terminal Service session RAM RM CPU Core GNU Debugger FOSDEM Feb 4,

41 Showcase - OS-level virtualization Recompiled UNIX program FreeBSD libc libc plugin Noux session open read write select ioctrl stat readdir VFS TarFS Noux I/O channels Terminal ROM session Init Terminal session Core FOSDEM Feb 4,

42 Showcase - Enslaving services (I) Where to boot from? USB storage SATA??? ATAPI Init FOSDEM Feb 4,

43 Showcase - Enslaving services (II) Probing for a magic file "magic" USB storage iso9660! iso9660 Block ROM ROM Block open "magic" open "magic" ATAPI d3m Init FOSDEM Feb 4,

44 Showcase - Enslaving services (III) Announce boot device "magic" USB storage iso9660 iso9660 ATAPI Block ROM ROM Block open "magic" open "magic" d3m Init FOSDEM Feb 4,

45 Plans for 2012 Eating our own dog food Goal: Genode as our primary OS by end of year FOSDEM Feb 4,

46 Inventory of our computing needs Fundamentals VIM Tool chain Shell Fallback VM Tiled window manager Web browser PDF viewer Git client GNUPG SSH client, Rsync Persistent storage IM client FOSDEM Feb 4,

47 Nice to have EMACS Intel Wireless Qemu Thinkpad ACPI Music player Mail-user agent Tuxpaint High-performance graphics Additional command-line tools FOSDEM Feb 4,

48 Roadmap 2012 Offline Unix tools PDF Live CD Online Unix tools Drivers Storage Music player SMP website Tiled GUI Thinkpad support January July December FOSDEM Feb 4,

49 Questions? Thank you. FOSDEM Feb 4,

General-purpose computing with VirtualBox on Genode/NOVA. Norman Feske

General-purpose computing with VirtualBox on Genode/NOVA Norman Feske Outline 1. VirtualBox 2. NOVA microhypervisor and Genode 3. Transplantation of VirtualBox to NOVA 4.