Fork of the Genode OS framework
Norman Feske 132569d12b base-linux: socket descriptor caps for RPC
On Linux, Genode used to represent each RPC object by a socket
descriptor of the receiving thread (entrypoint) and a globally-unique
value that identifies the object. Because the latter was transferred as
plain message payload, clients had to be trusted to not forge the
values. For this reason, Linux could not be considered as a productive
Genode base platform but remained merely a development vehicle.

This patch changes the RPC mechanism such that each RPC object is
represented by a dedicated socket pair. Entrypoints wait on a set of
the local ends of the socket pairs of all RPC objects managed by the
respective entrypoint. The epoll kernel interface is used as the
underlying mechanism to wait for a set of socket descriptors at the
server side.

When delegating a capability, the remote end of the socket pair is
transferred to the recipient along with a plaintext copy of the
socket-descriptor value of the local end. The latter value serves as a
hint for re-identifying a capability whenever it is delegated back to
its origin. Note that the client is not trusted to preserve this
information. The integrity of the hint value is protected by comparing
the inode values of incoming and already present capabilities at the
originating site (whenever the capability is invoked or presented to the
owner of the RPC object).

The new mechanism effectively equips base-linux with Genode's capability
model as described in Chapter 3 of the Genode Foundations book.
That said, the sandboxing of components cannot be assumed at this point
because each component has still direct access to the Linux system-call
interface.

This patch is based on the extensive exploration work conducted by
Stefan Thoeni who strongly motivated the inclusion of this feature into
Genode.

Issue #3581
2020-04-17 12:40:13 +02:00
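
The hint check described in the commit message above, as an added C illustration that is not part of the commit or of Genode's code: a descriptor is passed with SCM_RIGHTS together with a plaintext hint, and the receiver validates the hint by comparing inodes with fstat. The objects A and B, the helper names 'pass_cap', 'same_socket' and 'hint_accepted', and the origin's bookkeeping of each remote end are assumptions; both sides run in one process for brevity.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/stat.h>
#include <unistd.h>

/* Send 'fd' plus the plaintext '*hint' on tx via SCM_RIGHTS and receive both
   on rx. Returns the receiver's new descriptor or -1. Illustration only. */
static int pass_cap(int tx, int rx, int fd, int *hint)
{
    union { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; } ctl = { { 0 } };
    struct iovec iov = { hint, sizeof *hint };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = ctl.buf, .msg_controllen = sizeof ctl.buf };
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    c->cmsg_level = SOL_SOCKET; c->cmsg_type = SCM_RIGHTS;
    c->cmsg_len = CMSG_LEN(sizeof(int));
    memcpy(CMSG_DATA(c), &fd, sizeof fd);
    if (sendmsg(tx, &msg, 0) < 0 || recvmsg(rx, &msg, 0) < 0) return -1;
    c = CMSG_FIRSTHDR(&msg);
    if (!c || c->cmsg_type != SCM_RIGHTS) return -1;
    memcpy(&fd, CMSG_DATA(c), sizeof fd);   /* kernel-installed descriptor */
    return fd;
}

/* Two descriptors refer to the same socket iff device and inode match. */
static int same_socket(int a, int b)
{
    struct stat sa, sb;
    return !fstat(a, &sa) && !fstat(b, &sb)
        && sa.st_dev == sb.st_dev && sa.st_ino == sb.st_ino;
}

/* The origin owns objects A and B and, as assumed bookkeeping, kept each remote
   end. A client returns A's remote end with an honest or a forged hint. */
static int hint_accepted(int forge)
{
    int a[2], b[2], ch[2];
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, a) || socketpair(AF_UNIX, SOCK_DGRAM, 0, b)
     || socketpair(AF_UNIX, SOCK_DGRAM, 0, ch)) return -1;
    int hint = forge ? b[0] : a[0];         /* plain payload, client-controlled */
    int got = pass_cap(ch[0], ch[1], a[1], &hint);
    int known = hint == a[0] ? a[1] : hint == b[0] ? b[1] : -1;
    int ok = got >= 0 && known >= 0 && same_socket(got, known);
    close(got); close(a[0]); close(a[1]); close(b[0]); close(b[1]);
    close(ch[0]); close(ch[1]);
    return ok;                              /* 1: hint trusted, 0: rejected */
}

int main(void) { return !(hint_accepted(0) == 1 && hint_accepted(1) == 0); }
```

The received descriptor has a different number than the one sent, so only the inode comparison ties it back to the object; a hint that names object B while the descriptor belongs to A fails that comparison.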
depot depot: update public key for cnuke 2020-02-27 14:46:57 +01:00
doc News item for Sculpt 20.02 2020-03-10 11:06:10 +01:00
repos base-linux: socket descriptor caps for RPC 2020-04-17 12:40:13 +02:00
tool seoul: add vm_stress script version 2020-04-17 12:40:13 +02:00
.gitignore Tool for assembling API/source/binary archives 2017-05-31 13:15:56 +02:00
LICENSE Update URLs in LICENSE 2020-03-26 11:38:54 +01:00
README Update README 2017-08-30 10:01:35 +02:00
VERSION version: 20.02 2020-02-28 12:19:49 +01:00

README

                      =================================
                      Genode Operating System Framework
                      =================================


This is the source tree of the reference implementation of the Genode OS
architecture. For a general overview of the architecture, please refer to
the project's official website:

:Official project website for the Genode OS Framework:

  [https://genode.org/documentation/general-overview]

The current implementation can be compiled for 8 different kernels: Linux,
L4ka::Pistachio, L4/Fiasco, OKL4, NOVA, Fiasco.OC, seL4, and a custom
kernel for running Genode directly on ARM-based hardware. Whereas the Linux
version serves us as a development vehicle and enables us to rapidly develop the
generic parts of the system, the actual target platforms of the framework are
microkernels. There is no "perfect" microkernel - and neither should there be
one. If a microkernel pretended to be fit for all use cases, it wouldn't be
"micro". Hence, all microkernels differ in terms of their respective features,
complexity, and supported hardware architectures.

Genode allows the use of each of the kernels listed above with a rich set of
device drivers, protocol stacks, libraries, and applications in a uniform way.
For developers, the framework provides an easy way to target multiple different
kernels instead of tying the development to a particular kernel technology. For
kernel developers, Genode contributes advanced workloads, stress-testing their
kernel, and enabling a variety of application use cases that would not be
possible otherwise. For users and system integrators, it enables the choice of
the kernel that fits best with the requirements at hand for the particular
usage scenario.


Documentation
#############

The primary documentation is the book "Genode Foundations", which is available
on the front page of the Genode website:

:Download the book "Genode Foundations":

  [https://genode.org]

The book describes Genode in a holistic and comprehensive way. It equips you
with a thorough understanding of the architecture, assists developers with the
explanation of the development environment and system configuration, and
provides a look under the hood of the framework. Furthermore, it contains the
specification of the framework's programming interface.

The project has a quarterly release cycle. Each version is accompanied by
detailed release documentation, which is available at the documentation
section of the project website:

:Release documentation:

  [https://genode.org/documentation/release-notes/]


Directory overview
##################

The source tree is composed of the following subdirectories:

:'doc':

  This directory contains general documentation. Please consider the following
  document for a quick guide to get started with the framework:

  ! doc/getting_started.txt

  If you are curious about the ready-to-use components that come with the
  framework, please review the components overview:

  ! doc/components.txt

:'repos':

  This directory contains the so-called source-code repositories of Genode.
  Please refer to the README file in the 'repos' directory to learn more
  about the roles of the individual repositories.

:'tool':

  Source-code management tools and scripts. Please refer to the README file
  contained in the directory.

:'depot' and 'public':

  Local depot and public archive of Genode packages. Please refer to

  ! doc/depot.txt

  for more details.


Additional community-maintained components
##########################################

The components found within the main source tree are complemented by a growing
library of additional software, which can be seamlessly integrated into Genode
system scenarios.

:Genode-world repository:

  [https://github.com/genodelabs/genode-world]


Contact
#######

The best way to get in touch with Genode developers and users is the project's
mailing list. Please feel welcome to join in!

:Genode Mailing Lists:

  [https://genode.org/community/mailing-lists]


Commercial support
##################

The driving force behind the Genode OS Framework is the German company Genode
Labs. The company offers commercial licensing, training, support, and
contracted development work:

:Genode Labs website:

  [https://www.genode-labs.com]