The new Genode version 14.08 extends the graphical abilities of the framework to the level of flexibility expected from a general-purpose OS. In contrast to contemporary GUI stacks, Genode approaches the problem from the angle of maximizing security. This premise led to a fairly unique design. Further highlights of the new version are a new port of OpenVPN, an upgraded DDE Linux, vast performance improvements of the base-hw kernel, and networking for VirtualBox on top of the NOVA microhypervisor.
It goes without saying that a flexible and dynamic GUI stack is needed for a general-purpose operating system. Since Genode strives to become such a system, this problem had to be covered at some point. The starting point was the existing nitpicker GUI server, which is a secure multiplexer for the physical display and input devices. Regarding widget sets, the framework already featured a few custom graphical applications talking directly to nitpicker, and came with support for Qt and libSDL. However, there was a missing link between the low-level nitpicker GUI server and the applications, namely a window manager and desktop environment. The open question was how to maintain the rigid security provided by nitpicker while also supporting sophisticated window management, visually appealing window decorations, and customizability.
It took the Genode team more than a year for the solution to fall into place. At its core, it is a clever combination of small components that use existing Genode interfaces and leverage two features unique to Genode: the virtualization of arbitrary OS services and the sandboxing of each individual process. The solution that comes with the new release adds merely 3000 lines of code to the trusted computing base of graphical applications while enabling advanced dynamic GUIs. The complex parts of the GUI, such as the rendering and behavior of window decorations and window-layout management, are tucked away in sandboxes so that those complex (and potentially bug-prone) parts cannot compromise the privacy of the user. In fact, the security of the GUI stack does not even depend on a correctly working C runtime. So its attack surface is orders of magnitude smaller compared with commodity OSes. Of course, the current version is just a step on the road towards an integrated desktop environment, but now, in contrast to one year ago, the path to walk on is clear.
Besides addressing the GUI stack, the new release comes with an updated execution environment for device drivers of the Linux 3.14.5 kernel. Thanks to DDE Linux, Linux subsystems such as the TCP/IP stack and the USB stack can be executed directly on the microkernels supported by Genode. The primary motivation behind the update was ongoing work on bringing the Intel wireless stack to Genode.
Functionality-wise, the highlights of the new release are a new port of the OpenVPN client that can now be used as a Genode component, added networking support for guest OSes running in VirtualBox on top of NOVA, the use of multiple processors by the Seoul virtual-machine monitor, and the addition of pluggable file systems. Those and many more topics are covered in the detailed release documentation.
While I truly appreciate the depth of detail in this post, it might have been nice to have a little background on Genode in there as well.
The Genode website itself seems to have a hard time describing itself. Lots of technical detail, lots of jargon, no elevator pitch.
http://genode.org/about/index
This section is what you’re looking for.
No, that is what I was referring to when I said the site didn’t do a good job of explaining itself.
It is a description that presupposes you know and understand the subject and terms involved. I happen to be familiar with secure hypervisors, but god help someone who isn’t, trying to make sense of that wall of text.
Maybe someone should explain the difference between Genode and qubes-os.org.
To my limited understanding, both of these OSes are designed to offer the user a secure environment platform. Qubes-os is using virtualization, the Xen hypervisor, to isolate applications and processes, while Genode is more difficult to comprehend.
I feel like that is unnecessary since there were already numerous posts about new releases of the Genode OS Framework. Do we need a description whenever there is a new release? If not, should this post have the description but not the others? What if, in a future release announcement, a new visitor who has not heard about it before comes along and asks for the description?
First off, thank you for submitting that story.
[q]Do we need a description whenever there is a new release?[/q]
Well aren’t you presupposing that people here have been reading the site and don’t skip over anything?
My personal opinion is that every post on a News-ish site should contain some kind of basic description, or at least a pointer to one. Doubly so in this case, where someone new who then tries to google for an explanation won’t really be helped.
No, it’s not needed because everyone reads every single news source possible …
Thanks for the remark. Having written that “About” text six years ago (just after leaving academia), I have to agree with you that it’s quite intangible. We kept it because it is still valid, technically. But maybe we should replace it by another attempt at a project description that I wrote recently for the L4hq website: http://l4hq.org/projects/os/
Would that be a better fit for an “About” page in your opinion?
I like that description a lot more. It is well written, and explains its terms.
Good job!
Didn’t we have this discussion in one of the previous Genode news items? Something about building blocks like Legos?…
This. I have read most of the news about Genode here and even spent some time on their website, but I don’t have a clear idea of what Genode truly is. They call it an OS framework and I somewhat get the idea, but beyond that there really needs to be an elevator pitch.
Besides academic tinkering what the hell is it good for?
Edited 2014-08-29 11:57 UTC
Nice to see performance improvements of the base-hw kernel (up to 50% as I understand)
@nfeske
Can you give us some data on how base-hw now compares performance-wise against other microkernels (L4)?
The performance of base-hw and Fiasco.OC (as the only L4 kernel of Genode’s base platforms that supports the Pandaboard) is largely on par. For highly dynamic workloads such as the “noux_tool_chain” test, base-hw is up to 25% faster than Fiasco.OC. That result possibly stems from the fact that the base-hw interface matches the Genode API more closely.
What is more interesting though, is that the application performance of base-hw tends to outperform Linux. E.g., loading a complex website (spiegel.de) on the Arora version of Ubuntu 14.04 takes longer than on Genode’s Arora version, both running on the same Pandaboard ES.
In short, the performance of base-hw looks quite good. In particular, the universally presumed “microkernel overhead” is really nothing to write home about.
I downloaded the Live CD and tried it out in VirtualBox. The performance was very inconsistent, with long periods of time spent as the mouse very, very slowly tracked some input I’d given it a minute previously. It even locked up VirtualBox, as it wouldn’t even respond to the “host” key to regain OS mouse control. Perhaps it’s because I am on a Mac – but VirtualBox should be a pretty consistent environment.
There were some periods of time where it was more responsive – then I ran the GL demo and it froze up again.
Is the base-hw kernel generic enough to be used outside of Genode easily or is it inherently tied to Genode?