Microkernel and Component-based OS
Unhackable across 30 Years, End in Sight
<p>As tech lead on commercial UNIX at Bell Labs, an opportunity arose in 1988 to write a nano-kernel to end all nano-kernels, complete with an unhackable boot requirement. It was clear that a cryptographically secure chip level boot assistance was required, which guided subsequent patented ECC work at NeXT and Apple. Post Apple, in a “Social Purpose” company of his own, work has continued to fully realize this dream. The 1988 nanokernel had no threads and delivered messages across upcall channels to a thread simulation, yet that was unsatisfactory. The social element of phishing etc. is now the most feared secuirity breach, and in new work, discussed, the complete solution space is described, in the first half. New hardware is underway, solving such issues as weak memory models.</p>
<p>In the second half of the talk, key lockless queuing primitives are discussed that form the basis fo a multi-core actor runtime (MART) to subsume most if not all duties of the executive. Far richer than a hypervisor, the executive manages memory in new manners, in a memory safe programmer nature. In practice, a single core actor runtime (START), running across 32, 64 arm, x86, and extensa cpu architectures is available. The language and runtime are destined to the Open Source world, unless the larger project, TheDew, makes file systems and databases obsolete in its first rollout, which will include unhackable identity. Ask: Join us!</p>
Additional information
| Type | devroom |
|---|
More sessions
| 2/5/22 |
<p>Welcome talk and introduction to the Microkernel and Component-based OS devroom at FOSDEM 2022.</p>
|
| 2/5/22 |
<p>Concurrent code is hard to get right, but at the same time also hard to test. It gets worse when hardware interaction is required. This leads to a comparatively poor culture of unit testing in kernel code, where both come together.</p> <p>In this talk, I’m going to highlight one particular method of unit testing the page table manipulation code in Hedron, a microkernel written in C++ specially geared towards virtualization workloads. This code safely modifies page tables that are ...
|
| 2/5/22 |
<p>GNU/Hurd is the original Free Software operating system started in the 1980s. Its microkernel design has been evolving over the years and the project has not quite hit mainstream use. I believe this is due to one main reason: the lack of drivers for peripherals and hardware. In this talk, I explain how NetBSD kernel drivers have been reused in a microkernel setting and demonstrate their use to boot up a GNU/Hurd system via a userspace rump disk driver, with a driverless Hurd kernel, gnumach. ...
|
| 2/5/22 |
<p>Driven by the vision of a truly trustworthy smartphone, I dedicated the past year to bringing the component-based Genode OS to the Pinephone. The talk presents my experience story, touching on the hardware, booting, the porting of the kernel, component-architecture concerns, and device drivers.</p>
|
| 2/5/22 |
<p>In this talk, we explore the design of Managarm's microkernel. Managarm is a pragmatic microkernel-based OS with a focus on asynchronous operations. The talk covers various aspects of the microkernel, such as its IPC model, resource management, and user space API. Managarm's microkernel employs a capability-based design to manage hardware resources. In contrast to current mainstream OSes, Managarm's system calls never block but report completion asynchronously whenever possible. This includes ...
|
| 2/5/22 |
<p>Unikernels are hard to debug? Unikernels cannot be easily administrated or monitored? While unikernels have the potential to revolutionize our infrastructures and take cloud computing into the next era, many worry that unikernels cannot be seamlessly integrated into today’s development and production workflows. At the Unikraft team, we are heavily working on addressing these concerns and changing the status quo. Although unikernels are monolithic bundles of only necessary kernel functions ...
|
| 2/5/22 |
<p>Serverless computing facilitates the use of resources without the burden of administering and maintaining infrastructure. The simplification of IaaS appears ideal (in theory) but providers and users are presented with several challenges: providers aim to reduce infrastructure maintenance overheads; users require isolation, flexibility and programming freedom.</p> <p>Serverless deployments are mostly backed by sandboxed containers. To enable programming freedom for users, providers allow the ...
|
