Choosing a Kernel
Martin Stein
martin.stein at ...1...
Thu Oct 24 12:26:41 CEST 2013
Hi Neal,
The Genode base provided by base-hw
follows the approach to minimalize the
code running in privileged CPU mode.
Its kernel (base-hw/src/core/kernel*) is a
single-threaded state machine that tries
to hand over handling of caught hardware-
exceptions as fast as possible to userland.
Additionally we try to keep the kernel
interface (base-hw/include/kernel/syscalls.h)
small and expressive.
Nethertheless I'm afraid that base-hw kernel
isn't yet what your looking for. It doesn't
handle real capabilities by now. Instead it
links kernel objects to global names that are
provided to the userland. Genodes capabilities
are only carriers of these global names but
they're not backed by an in-kernel right-
management. If a thread guesses a global
name right, it is allowed to acces the
according kernel object.
However, adding capability based right
management is one of the next profound
issues in base-hw, so it might be a solution
for your requirements in the near future.
I'm not that skilled at the other base
repositories of Genode but I'm sure the other
Genode fellows can help you with this. If
you have further questions don't hesitate
to ask.
Best regards,
Martin
On 24.10.2013 11:28, Neal H. Walfield wrote:
> Hi,
>
> I'm looking to run Genode on an ARM Cortex A8. I'm primarily
> interested in the security properties of the resulting system. I'm
> explicitly not interested in running multiple OS personalities or
> doing virtualization. What I do want is as pure an object capability
> system as possible and as small an attack surface as possible. This
> seems to suggest Fiasco.OC or OKL4, but perhaps the bare hardware
> kernel is better. I think NOVA doesn't come into question, because it
> only runs on x86.
>
> I couldn't find much information about the bare hardware kernel. I'd
> appreciate any pointers.
>
> Thanks!
>
> :) Neal
>
> ------------------------------------------------------------------------------
> October Webinars: Code for Performance
> Free Intel webinars can help you accelerate application performance.
> Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from
> the latest Intel processors and coprocessors. See abstracts and register >
> http://pubads.g.doubleclick.net/gampad/clk?id=60135991&iu=/4140/ostg.clktrk
> _______________________________________________
> Genode-main mailing list
> Genode-main at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/genode-main
More information about the users
mailing list