Hi,
We are proud to announce the availability of Muen version 0.7.
The following major features and improvements have been implemented since the last announcement:
=== Support for Genode VM subjects
Through the close collaboration with Genodelabs in Dresden [1], the Genode OS framework has been ported to run as a subject on top of the Muen separation kernel. This allows the robust combination of the static, low-complexity Muen SK with the feature-rich and extensive Genode ecosystem. The result is a flexible platform for the construction of component-based high-assurance systems.
For more information about our work in this area see the Genode release notes [2].
=== Subject time mechanism
Giving untrusted subjects access to high-resolution time sources is often problematic from a security perspective, as it makes it possible to measure subtle timing differences in execution behavior, enabling side-channel attacks. One mechanism to make such attacks harder is to provide only coarse-grained time sources to untrusted code. To this end we implemented a time virtualization mechanism by providing a timeserver component in SPARK 2014, which exports time information with microsecond granularity via shared memory. Only the timeserver has access to the TSC high-resolution timer of the CPU and the Real-Time Clock (CMOS/RTC).
Other subjects derive the absolute and relative time from the exported values without the need to access hardware time sources. For Linux, we implemented a paravirtualized TSC driver and CMOS/RTC emulation in the associated subject monitor (SM).
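The coarsening described above, as an added example that is not Muen's code: a timeserver publishes microsecond-granularity time to a shared page, and a subject derives absolute and relative time from that page alone. The page layout, the function names and the 3 GHz TSC frequency are assumptions made for this illustration, not Muen's actual interface.

```c
#include <stdint.h>
#include <stdio.h>

struct time_page {               /* hypothetical layout, NOT Muen's own */
    volatile uint32_t seq;       /* odd while the timeserver is updating */
    volatile uint64_t epoch_us;  /* wall-clock time at boot (from RTC), us */
    volatile uint64_t uptime_us; /* time since boot, truncated to whole us */
};

/* Convert TSC ticks to microseconds without overflowing tsc * 1000. */
uint64_t tsc_to_us(uint64_t tsc, uint64_t tsc_khz)
{
    return (tsc / tsc_khz) * 1000 + (tsc % tsc_khz) * 1000 / tsc_khz;
}

/* Timeserver side: the only code that ever sees the raw TSC value. */
void timeserver_publish(struct time_page *p, uint64_t tsc,
                        uint64_t tsc_khz, uint64_t epoch_us)
{
    p->seq++;                               /* mark update in progress */
    p->epoch_us = epoch_us;
    p->uptime_us = tsc_to_us(tsc, tsc_khz); /* sub-microsecond bits dropped */
    p->seq++;                               /* mark update complete */
}

/* Subject side: absolute time from the page alone, retrying torn reads. */
uint64_t subject_now_us(const struct time_page *p)
{
    uint32_t s;
    uint64_t now;
    do {
        s = p->seq;
        now = p->epoch_us + p->uptime_us;
    } while ((s & 1) || s != p->seq);
    return now;
}

/* Duration a subject observes for work that took `cycles` TSC ticks. */
uint64_t coarse_elapsed_us(uint64_t start_tsc, uint64_t cycles, uint64_t tsc_khz)
{
    return tsc_to_us(start_tsc + cycles, tsc_khz) - tsc_to_us(start_tsc, tsc_khz);
}

int main(void)
{
    const uint64_t khz = 3000000; /* constructed: 3 GHz TSC */
    printf("%llu us vs %llu us\n", (unsigned long long)coarse_elapsed_us(3000, 900, khz),
           (unsigned long long)coarse_elapsed_us(3000, 2100, khz));
    return 0;
}
```

With these constructed values, work taking 900 cycles and work taking 2100 cycles both read as 0 us to the subject, although the raw TSC would separate them by 1200 ticks.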
=== Hardware and platform policy abstractions
The XML system policy has been augmented with hardware resource and platform description abstractions.
The hardware section describes the hardware resources provided by the target machine and can be automatically generated using the mugenhwcfg [3] tool. By providing an automated mechanism for hardware information collection, the process of supporting new target hardware has been greatly simplified.
Using the platform layer, a unified view of the hardware resources across different physical machines can be achieved. This enables integrators to deploy the same system policy across a wide range of hardware targets.
=== Linux virtual filesystem and network interface drivers
The muenfs [4] Linux kernel module implements a virtual file system that facilitates user-space access to inter-subject memory channels. Filesystem operations are used to exchange data with other subjects.
The muennet [5] Linux kernel module implements a virtual network interface driver which sends and receives data via shared memory channels. From the perspective of a Linux user-space application, a network interface created using the muennet kernel module behaves just like an ordinary network interface.
These new modules enable applications running on Linux to conveniently communicate and interact with other subjects of a component-based system running on Muen.
Further changes and improvements include:
* Support for Message Signaled Interrupts (MSI)
* Debugserver subject written in Ada 2012
* VT subject written in Ada 2012
* Various toolchain improvements and optimizations
One particularly exciting aspect of our work related to the aforementioned Genode framework is that we were able to utilize the base-hw x86_64_muen kernel port to execute 32-bit Windows (7-10) guest VMs using the Genode VirtualBox support on top of Muen. To achieve this, we implemented a VirtualBox hardware execution layer for hw_x86_64_muen. We plan to pursue this line of work in order to properly integrate Windows VM support as a feature of Muen.
The mugenhwcfg tool for automated generation of hardware configuration is the result of a 12-week internship by Chen Chin Jieh, a student from the Nanyang Technological University Singapore. We are very happy with the result and would like to thank him for his contribution to the Muen project.
Further information about Muen is available on the project website [6] and the git repository can be found at [7].
Please feel free to give the latest development version of Muen a try. Feedback is much appreciated!
Kind regards,
- reto

[1] - http://genode-labs.com/
[2] - http://genode.org/documentation/release-notes/15.08
[3] - http://git.codelabs.ch/?p=muen/mugenhwcfg.git
[4] - http://git.codelabs.ch/?p=muen/linux/muenfs.git
[5] - http://git.codelabs.ch/?p=muen/linux/muennet.git
[6] - http://muen.codelabs.ch/
[7] - http://git.codelabs.ch/?p=muen.git