[ANN] Muen development version 0.7 released

Reto Buerki reet at ...309...
Mon Feb 22 12:35:34 CET 2016



We are proud to announce the availability of Muen version 0.7.

The following major features and improvements have been implemented
since the last announcement:

=== Support for Genode VM subjects

Through the close collaboration with Genodelabs in Dresden [1], the
Genode OS framework has been ported to run as subject on top of the
Muen separation kernel. This allows the robust combination of the
static, low-complexity Muen SK with the feature-rich and extensive
Genode ecosystem. The result is a flexible platform for the
construction of component-based high-assurance systems.

For more information about our work in this area see the Genode
release notes [2].

=== Subject time mechanism

Giving untrusted subjects access to high-resolution time sources is
often problematic from a security perspective as it makes it possible to
measure subtle timing differences in execution behavior, enabling
side-channel attacks. One mechanism to make such attacks harder is to
provide only coarse-grained time sources to untrusted code. To this
end we implemented a time virtualization mechanism by providing a
timeserver component in SPARK 2014, which exports time information
with microsecond granularity via shared memory. Only the timeserver
has access to the TSC high-resolution timer of the CPU and the
Real-Time Clock (CMOS/RTC).

Other subjects derive the absolute and relative time from the exported
values without the need to access hardware time sources. For Linux, we
implemented a paravirtualized TSC driver and CMOS/RTC emulation in the
associated subject monitor (SM).

=== Hardware and platform policy abstractions

The XML system policy has been augmented with hardware resource and
platform description abstractions.

The hardware section describes the hardware resources provided by the
target machine and can be automatically generated using the mugenhwcfg
[3] tool. By providing an automated mechanism for hardware information
collection, the process of supporting new target hardware has been
greatly simplified.

Using the platform layer, a unified view of the hardware resources
across different physical machines can be achieved. This enables
integrators to deploy the same system policy across a wide range of
hardware targets.

=== Linux virtual filesystem and network interface drivers

The muenfs [4] Linux kernel module implements a virtual file system
that facilitates user-space access to inter-subject memory channels.
Filesystem operations are used to exchange data with other subjects.

The muennet [5] Linux kernel module implements a virtual network
interface driver which sends and receives data via shared memory
channels. From the perspective of a Linux user-space application, a
network interface created using the muennet kernel module behaves just
like an ordinary network interface.

These new modules enable applications running on Linux to conveniently
communicate and interact with other subjects of a component-based
system running on Muen.

Further changes and improvements include:

 * Support for Message Signaled Interrupts (MSI)
 * Debugserver subject written in Ada 2012
 * VT subject written in Ada 2012
 * Various toolchain improvements and optimizations

One particularly exciting aspect of our work related to the
aforementioned Genode framework is that we were able to utilize the
base-hw x86_64_muen kernel port to execute 32-bit Windows (7-10) guest
VMs using the Genode VirtualBox support on top of Muen. To achieve
this, we implemented a VirtualBox hardware execution layer for
hw_x86_64_muen. We plan to pursue this line of work in order to
properly integrate Windows VM support as a feature of Muen.

The mugenhwcfg tool for automated generation of hardware configuration
is the result of a 12-week internship by Chen Chin Jieh, a student
from the Nanyang Technological University Singapore. We are very happy
with the result and would like to thank him for his contribution to
the Muen project.

Further information about Muen is available on the project website [6]
and the git repository can be found at [7].

Please feel free to give the latest development version of Muen a try.
Feedback is much appreciated!

Kind regards,
- reto

[1] - http://genode-labs.com/
[2] - http://genode.org/documentation/release-notes/15.08
[3] - http://git.codelabs.ch/?p=muen/mugenhwcfg.git
[4] - http://git.codelabs.ch/?p=muen/linux/muenfs.git
[5] - http://git.codelabs.ch/?p=muen/linux/muennet.git
[6] - http://muen.codelabs.ch/
[7] - http://git.codelabs.ch/?p=muen.git
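
Added example, not part of the original announcement and not Muen code: a small C model of the subject time mechanism described above, showing that a subject reading only microsecond-granularity exported time sees the same duration for code paths that differ by a few hundred TSC ticks. The time_page layout, all function names and the sample values are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout of the page the timeserver maps read-only into
 * other subjects; the announcement does not specify Muen's real format. */
struct time_page {
    uint64_t epoch_at_boot_us; /* RTC wall-clock time at TSC == 0 */
    uint64_t uptime_us;        /* TSC converted to whole microseconds */
};

/* Convert TSC ticks to whole microseconds without overflowing tsc * 1000. */
uint64_t tsc_to_us(uint64_t tsc, uint64_t tsc_khz)
{
    if (tsc_khz == 0)
        return 0; /* uncalibrated: export nothing rather than divide by zero */
    return (tsc / tsc_khz) * 1000 + ((tsc % tsc_khz) * 1000) / tsc_khz;
}

/* Timeserver side: the only component that reads the TSC. */
void timeserver_publish(struct time_page *p, uint64_t tsc, uint64_t tsc_khz)
{
    p->uptime_us = tsc_to_us(tsc, tsc_khz);
}

/* Subject side: absolute time derived from exported values only. */
uint64_t subject_now_us(const struct time_page *p)
{
    return p->epoch_at_boot_us + p->uptime_us;
}

/* Duration a subject observes for work spanning [tsc_start, tsc_end]. */
uint64_t subject_observed_us(uint64_t tsc_start, uint64_t tsc_end, uint64_t tsc_khz)
{
    struct time_page page = { .epoch_at_boot_us = 1456140934000000ULL }; /* constructed */
    timeserver_publish(&page, tsc_start, tsc_khz);
    uint64_t before = subject_now_us(&page);
    timeserver_publish(&page, tsc_end, tsc_khz);
    return subject_now_us(&page) - before;
}

int main(void)
{
    const uint64_t khz = 2000000, t0 = 10000000; /* constructed: 2 GHz TSC */
    const uint64_t ticks[] = { 300, 900, 4000 }; /* three code paths */
    for (int i = 0; i < 3; i++)
        printf("%llu ticks -> subject sees %llu us\n", (unsigned long long)ticks[i],
               (unsigned long long)subject_observed_us(t0, t0 + ticks[i], khz));
    return 0;
}
```

With a 2 GHz TSC one microsecond is 2000 ticks, so the 300-tick and 900-tick paths both read as the same elapsed time, while the timeserver alone would see the difference.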
