Exploring Sculpt: a component-based operating system, by Josef Söntgen (presentation slides)

SLIDE 1

Exploring Sculpt

a component-based operating system

Josef Söntgen <josef.soentgen@genode-labs.com>

SLIDE 2

Outline

  1. Background
  2. Sculpt OS overview
  3. Extending the system
  4. Sculpt Road Map

SLIDE 4

Background

  • Observation: commodity OSes are (too) complex
  • “Ingredients” for building low-complexity systems are there
  • Prototype in 2006
  • Founding of Genode Labs in 2008 to develop the prototype further

SLIDE 9

Clean-slate operating-system architecture

  • Least privilege → Capability-based security
  • Mixed criticality → Isolated components, application-specific TCBs
  • Dependability → Accounting, trading, and tracking of physical resources
  • Scalability → Recursive system structure

SLIDE 10

Genode OS Architecture

Application-specific TCB (red area)

SLIDE 11

Genode OS Framework

  • Construction kit for special-purpose OSes
  • Scales from embedded systems to general-purpose computing
  • Hundreds of ready-to-use components
  • Integration of existing OSes (virtualization, TrustZone)
  • Dual licensing, open source (AGPLv3) and commercial licenses

SLIDE 12

The Book “Genode Foundations”

[Book cover: GENODE Operating System Framework, Foundations, by Norman Feske]

https://genode.org/documentation/genode-foundations-18-05.pdf

SLIDE 13

Outline

  1. Background
  2. Sculpt OS overview
  3. Extending the system
  4. Sculpt Road Map

SLIDE 14

System integration and composition

  • Static “Turmvilla” scenario in 2014 → Changeable OS, limited to components at integration time
  • Dynamic “Sculpt” OS in 2018 → shapeable general-purpose OS at run-time
    ◮ Sculpt for Early Adopters (EA) 18.02 (end of February)
    ◮ Sculpt for The Curious (TC) 18.05 (end of May)

→ Image available at https://genode.org/download/sculpt

SLIDE 15

System overview

[Diagram: Microkernel / Core with four Init instances; labels: Drivers, Leitzentrale, Runtime, static system]

SLIDE 17

Static part of the system

[Diagram labels, as extracted: Nitpicker GUI Server Report Report FS ROM Config FS Global Policy Leitzentrale Drivers Runtime initial config]

SLIDE 19

Drivers subsystem

[Diagram: Drivers subsystem on top of Microkernel / Core. Components: Dynamic Init, Driver Manager, USB Driver, PS2 Driver, Platform Driver, ACPI Discovery, Framebuffer Driver, Block Driver, Input Filter. Other labels: platform, input, usb, framebuffer, block; config, config, state, device info; I/O MEM, I/O PORT, IRQ]

SLIDE 21

Leitzentrale subsystem

[Diagram labels: Sculpt Manager, /config/managed, /config, /report, Fader, nitpicker, Log, Noux, /report, Terminal, Nit FB, Fader, Init, Init, Nitpicker, Report FS, Config FS; regions: Leitzentrale, global policy, static system]

SLIDE 22

Tweaking and inspecting the system

  • System is managed by the Sculpt Manager component
    ◮ Managed configurations stored in /config/managed/
    ◮ Manual configuration override possible via /config/
    ◮ Access via inspect option from the GUI
  • Provides GUI for managing aspects of the system

SLIDE 24

Runtime subsystem

  • Run-time is also managed by the Sculpt Manager component
  • User controlled management via /config/deploy
    ◮ Uses deploy-mechanism to deploy and start additional components

SLIDE 25

Outline

  1. Background
  2. Sculpt OS overview
  3. Extending the system
  4. Sculpt Road Map

SLIDE 26

Installing software

  • Storage location for downloads
  • Storage location for installed software
  • Source of software (download URL)
  • Public key of software provider

SLIDE 27

Installing software

[Diagram: Download Manager pipeline, stage → result]

  • What’s missing? → archive list
  • Get download info → download URL, public key
  • Fetch → archives, signatures
  • Verify → good or bad
  • Extract → archive content

SLIDE 28

Installing software

[Diagram labels: read-only; config (installation); stages What’s missing?, Get download info, Fetch, Verify, Extract; Dynamic Init, Download Manager, Depot Query; config, state, missing content; file system, network, file system; /public, /depot]

SLIDE 29

Installing software

[Diagram labels: read-only; stages What’s missing?, Get download info, Fetch, Verify, Extract; Dynamic Init, Download Manager, Depot Query; config, state, public key, URL; file system, network, file system; /public, /depot]

SLIDE 30

Installing software

[Diagram labels: write; stages What’s missing?, Get download info, Fetch, Verify, Extract; Dynamic Init, Download Manager, fetchurl; libcurl, libssl, TCP/IP; config, state; file system, network, file system; /public, /depot]

SLIDE 31

Installing software

[Diagram labels: read-only; stages What’s missing?, Get download info, Fetch, Verify, Extract; Dynamic Init, Download Manager, verify; GnuPG, libgcrypt; config, state, good / bad; file system, network, file system; /public, /depot]

SLIDE 32

Installing software

[Diagram labels: read-only, write, write; stages What’s missing?, Get download info, Fetch, Verify, Extract; Dynamic Init, Download Manager, extract, chroot /<origin>; libarchive, liblzma; config, state; file system, network, file system; /public, /depot]

SLIDE 33

Installation ↔ Deployment

  • /depot is a cache
  • Installation driven by deploy configuration
  • Multiple versions/vendors side by side → Arbitrary rollback
  • User-defined policy

SLIDE 34

Outline

  1. Background
  2. Sculpt OS overview
  3. Extending the system
  4. Sculpt Road Map

SLIDE 35

Sculpt road map for 2018

  • Sculpt by Visual Composition (VC) → 18.08 (end of August)
  • Sculpt as a Community Experience (CE) → 18.11 (end of the year)

Details at https://genode.org/about/road-map

SLIDE 36

Thank you

  • Genode OS Framework: https://genode.org
  • Genode Labs GmbH: https://www.genode-labs.com
  • Source code at GitHub: https://github.com/genodelabs/genode
