Hi Althaf,

> specifications, however I realised it's an adaptive framework. I will
> give a notion of what I had expected, well I envisioned it to be one
> like DDEkit- or Secure Userspace Execution Environment kit (SUEEkit)
> over 'any' mono/micro/hypervisor kernel, though it is correct, I
> conclude from your reply that there is no solid bottom layer specification?

the Base API can be regarded as a "bottom layer specification" (its
implementation is typically less than 10KLOC) of the whole system but
there is no fixed base-internal interface. This gives each platform
maximum flexibility about how the API is implemented. Given the vast
differences of the mechanisms used, this flexibility is needed. E.g., by
comparing the ways processes are created and address spaces are managed
on Linux and L4, you will see that the respective base code has almost
nothing in common. On Linux, 'rm_session()->attach()' is implemented
locally by the calling process using mmap. In contrast, on L4, the same
API function is an RPC to core, which, in turn, manipulates the address
space on demand (using L4's map/unmap) when a page fault occurs.

> About my requirement, well I would like to adapt Genode for daily use
> (on the long run) over a stripped down linux, ie not related to current
> base-linux which only a dev / proof of concept platform than complying
> to genode policy. I actually wondered why genode port to linux was using
> sockets, than other secure linux mechanism like Shared memory and et
> al. Now I understood why. ;-).

Thanks for this very interesting insight. Is your idea in line with the
topic "Microkernelizing Linux" described on our "Challenges" Wiki page?

http://genode.org/community/wiki/Challenges

Let me suggest two pointers that we stumbled upon when we brain-stormed
this idea. First, we were pointed to Linux' "resource containers", which
promise to allow the assignment of fine-grained resource constraints to
individual processes. This looks like an interesting mechanism to
support Genode's resource-trading concept. Secondly, we were made aware
of the Capsicum project, which brings capability-based security to Linux.

http://www.cl.cam.ac.uk/research/security/capsicum/

This looks like it may fit for securing the IPC communication between
Genode processes on Linux.

Best regards
Norman

--
Dr.-Ing. Norman Feske
Genode Labs

http://www.genode-labs.com · http://genode.org

Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth

_______________________________________________
Genode-main mailing list
https://lists.sourceforge.net/lists/listinfo/genode-main
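
The Linux case described in the reply above (an attach carried out by the calling process itself with mmap, with no RPC to core), as an added example that is not part of the original message and is not Genode's code. The names `struct dataspace`, `dataspace_alloc`, `rm_attach` and `rm_detach` are hypothetical, and an unlinked temp file is assumed as the stand-in for a dataspace.

```c
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical stand-in for a dataspace: on Linux, a file descriptor plus size. */
struct dataspace { int fd; size_t size; };

/* Back the dataspace with an unlinked temp file so it can be mapped MAP_SHARED. */
static int dataspace_alloc(struct dataspace *ds, size_t size)
{
    FILE *f = tmpfile();
    if (!f) return -1;
    ds->fd = dup(fileno(f));          /* keep our own descriptor */
    fclose(f);
    if (ds->fd < 0) return -1;
    if (ftruncate(ds->fd, (off_t)size) != 0) { close(ds->fd); return -1; }
    ds->size = size;
    return 0;
}

/* Linux-style attach: the caller edits its own address space via mmap.
 * Nothing outside the process mediates this call; only the kernel checks it. */
static void *rm_attach(const struct dataspace *ds)
{
    void *p = mmap(NULL, ds->size, PROT_READ | PROT_WRITE, MAP_SHARED, ds->fd, 0);
    return p == MAP_FAILED ? NULL : p;
}

static int rm_detach(const struct dataspace *ds, void *addr)
{
    return munmap(addr, ds->size);
}

/* Attach the same dataspace twice; returns 1 if both views alias one memory. */
static int attach_demo(void)
{
    struct dataspace ds;
    if (dataspace_alloc(&ds, 4096) != 0) return -1;
    char *a = rm_attach(&ds), *b = rm_attach(&ds);
    if (!a || !b) return -1;
    strcpy(a, "written via first attachment");   /* constructed sample data */
    int shared = (a != b) && strcmp(b, "written via first attachment") == 0;
    rm_detach(&ds, a);
    rm_detach(&ds, b);
    close(ds.fd);
    return shared;
}

int main(void) { printf("shared=%d\n", attach_demo()); return 0; }
```
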
