Join the microkernel developer room at FOSDEM 2020 Nov 29, 2019

The world's most important gathering of Free-Software and Open-Source enthusiasts opens its doors again in 2020. It goes without saying, that Genode is on board.

We are speaking - of course - of FOSDEM in Brussels, held during the weekend of 1st, 2nd of February:

https://fosdem.org/2020/

Since 2012, FOSDEM has a special place in our heart because it hosts a dedicated developer room for microkernel and component-based operating systems. Genode participated in the developer room each year and 2020 won't be an exception - thanks to Julian Stecklina who shepherds the developer room this time.

Note that the call for participation is still open until December 1st:

https://lists.fosdem.org/pipermail/microkernel-devroom/2019-November/000156.html

Genode OS Framework 19.11 released Nov 28, 2019

We released the version 19.11 of the Genode OS framework, introducing a custom block-device encrypter, 64-bit ARM virtualization, and new tooling for application development.

As with every release, the accompanied documentation presents the technical achievements along with background stories:

https://genode.org/documentation/release-notes/19.11

One particularly exciting story is the development of our custom block- device encrypter. It is the first non-trivial Genode component written primarily in the SPARK programming language, which was designed for the application of formal verification methods to real-world software.

The second major addition is a new virtual machine monitor for 64-bit ARM platforms. It leverages the proof of concept we developed in 2015 for ARMv7, which we pursued as a technology exploration. In contrast, our aspiration with the new virtual machine monitor is a product- quality solution.

With respect to tooling, the new release explores an intriguing new direction for Genode. Whereas Genode's regular development tools were designed for whole-systems development, our new tool called Goa puts the development of application software into focus. In particular, it bridges Genode with popular commodity tools like CMake.

Among the further topics addressed by the current release are vast improvements of Genode's POSIX compatibility, multi-core support on 64-bit i.MX8 SoCs, and improved device-driver support for x86.

Review of the Genode Community Summer Oct 01, 2019

We experimented with a new type of event, fostering the community spirit among users and developers of Genode.

From the get-go, we tried to foster Genode as a healthy community of operating-system enthusiasts. In our professional relationships, we tirelessly advocate the transparent model of developing Free and Open-Source Software in public sight. This model cultivates the dissemination of knowledge and experience, and thereby the empowerment of individuals. It is in stark contrast to business ventures that commercially exploit know-how as an exclusive asset that needs protection. In the Free-Software world, we are free to let ideas flow, share our findings, seek assistance from others, and develop friendships.

In this spirit, we came up with the idea to open our office doors to the Genode community, thereby giving enthusiasts and professional users alike the opportunity to enjoy our collaborative environment, tap the brains of seasoned Genode developers, and get to know each other.

To our surprise, our rather short-term announcement was met with great interest. We enjoyed hosting 11 participants from 5 different countries. The two weeks were filled with topics ranging from NOVA kernel work, over various ARM platforms, virtualization, great advances of Genode on Linux, stressing our OpenGL stack, to the adventures of porting highly complex software. The feedback from the attendees left us with no doubt: A come-together like this calls for more!

Genode OS Framework 19.08 released Sep 30, 2019

End of August, we celebrated the 44th Genode release, which was focused on a variety of practical concerns, ranging from the handling of keyboard layouts, over the management of system time, to the secure copy-and-pasting of text between mutually distrusting programs.

Genode's development of new features goes always hand in hand with the consolidation of the existing code base. On that account, the new version kicks off our effort to harmonize the execution of Unix-based software along with native Genode components. Programs that formerly required our Noux runtime environment - a virtual Unix kernel running in user space on top of Genode - or a virtual machine have now become able to run directly on top of Genode's regular C runtime. This will greatly ease the porting of existing software to the native Genode world.

Feature-wise, the new version brings the ability to use our base-hw kernel on 64-bit ARM, adds networking on NXP's i.MX8 SoC, introduces a new tracing tool, updates Qt5 to version 5.13, extracts SMBIOS information on x86, and comes with a new browser VM appliance. Those and many more topics are covered in detail by the release documentation.

Speaking of Security Jul 30, 2019

When speaking with IT-security professionals, we often encounter very different interpretations of the term "security".

During such conversations, we found that our intuitive notion of IT security as resilience - and in particular the examination of attack surfaces - is rather uncommon. This prompted us to put our use of the term into a broader perspective:

https://genodians.org/nfeske/2019-07-11-security

The article tries to systematize various disciplines in the field of IT security, ranging from cryptography, network security, operational security, posthumous security, over reactive security and attack mitigations, to resilience.

Sculpt OS 19.07 released Jul 29, 2019

Sculpt OS 19.07 features a smoother user experience and the ability to copy and paste text between virtual machines, terminals, and graphical applications.

Sculpt OS is our custom general-purpose operating system we develop as a showcase for the flexibility of the Genode OS framework. The release of Sculpt OS 19.07 at the beginning of July wraps up its extensive design-exploration story.

The story began in May 2018 with the release of Sculpt OS for Early Adopters (EA), which featured the interactive system composition using a text-based user interface as a visual overlay. At this point, it was geared to die-hard Genode enthusiasts only. The second step followed in June in the form of Sculpt for The Curious (TC), which introduced a graphical user interface for common tasks like the management of storage and networking. It was followed by Sculpt with Visual Composition (VC) in September, which extended the graphical user interface with an interactive component graph. The final step - Sculpt as a community experience (CE) - followed in March 2019, which introduced our unique federated way of installing and safely deploying software from trusted and untrusted sources.

After this rapid and intensive design-exploration ride, Sculpt OS enters a calmer phase of steady evolution. In this spirit, the new version 19.07 improves the overall performance thanks to the massive infrastructure improvements that came with Genode 19.05. The most prominent new user-visible feature is the ability of copy and paste text between terminals, graphical applications, and virtual machines. Our unique take on this feature is described in a dedicated article.

The new release can be obtained from the Sculpt download page and is accompanied by updated documentation.

Meet us at TU Dresden's Output exhibition Jun 11, 2019

We will participate at TU Dresden's Output exhibition at a joint booth with Cyberus Technology. update: changed date

Update: The original announcement wrongly stated the 20th of June as date. Output is a two-day event on 19/20th of June. We will be present only on the first day.

The university of Dresden celebrates the 50th anniversary of its faculty for computer science this year:

Date 19th of June 2019

Location Fakultät Informatik der TU Dresden

Website https://output-dd.de

Since Genode Labs is located in Dresden and most members of our team studied at this department, we join the celebration in the form of a joint booth with the company Cyberus Technology. Both companies are maintaining the NOVA kernel as a concerted effort. Hence, at the booth, you will see different uses of the NOVA kernel, ranging from Cyberus' security analysis tools to Genode's Sculpt OS.

Genode OS Framework release 19.05 May 30, 2019

With the second Genode release this year, we are focussing on the framework's platform support at various levels. In particular, the added support for the 64-bit ARM architecture (AARCH64) paves the ground for running Genode on modern ARM-based platforms.

The added support of the ARM 64-bit architecture involved a profound update of Genode's infrastructure, including the tool chain, the dynamic linker, and the C runtime. These changes are accompanied with improved tooling to keep the diversity of kernels, CPU architectures, and boards easily manageable.

The flagship feature of Genode 19.05 is without any doubt our long-term effort to unify the implementation of virtual machines on top of the various kernels supported by the framework. One year ago, we still regarded virtual machine monitors as inherently tied to a particular kernel interface. With Genode 19.05, we ultimately have become able to run the same virtual machine monitor on kernels as different as NOVA, seL4, and Fiasco.OC - with no recompilation needed!

Further highlights of the new version are new options for user- level networking, the ability to run the Spring application framework and the Tomcat web server with our port of OpenJDK, and improved network drivers for Zynq and Intel hardware. These and many more topics are covered in great detail in the release documentation...

Release of the Sculpt CE operating system Mar 28, 2019

The fourth version of our Genode-based general-purpose OS marks the final stage of the plan we envisioned one and a half years ago and is subtitled as "Community Experience" (CE).

The background of this slogan is our ambition to remove the need for any middleman between developers and users. In contrast to today's mainstream OSes, which rely on ultimately trusted distributions or app stores, Sculpt works completely federated. The integrity of the installed software is protected by digital signatures of the software providers while each piece of software is sandboxed both at installation time and at runtime. This way, users don't need to be faithful but enter a position of ultimate control.

This is capability-based security at work!

As explained in the accompanying blog posting, Sculpt CE features a new user interface to integrate software into the running system and to reveal the trusted computing base of each component:

Sculpt CE is available as a ready-to-use disk image bootable from a USB stick. The release is accompanied with comprehensive documentation that covers both the use the system and the philosophy behind it.

Without a middleman between software providers and users in Sculpt OS, there is the obvious question: How can a user find software? This is where our recently started community blog - Genodians.org - enters the picture.

It gives developers a way to announce new software while users can share their perspectives and ideas. Just like Sculpt OS, the content of Genodians.org is managed in a federated fashion. In the previous newsletter, we already announced the beta version of this blogging platform. In the meantime, we launched the site officially. We are happy that there are already more than 10 authors participating.

Boot2Java - a system for Java-based network appliances Mar 27, 2019

With Boot2Java, we present a Genode-based operating system that boots directly into a Java network application.

Embedded systems - in particular in the world of Internet of Things (IoT) - call for specially tailored and hardened appliance-like operating systems. The business logic of such systems is usually defined by experts in their product domain, and expressed in productivity languages, in particular Java. However, such domain experts are rarely operating-system specialists. Hence, IoT products often rely on off-the-shelf or vendor-provided variants of GNU/Linux or Android-based distributions and host higher-level language runtimes on top. The price for the quick time to market is the enormous complexity of the hardly-understood base system and the implicit dependency from regular software updates provided by the used OS vendor or distribution.

With our new exemplary Boot2Java system, we offer the prospect to break free from such dependencies and risks. This Genode-based system boots directly into our version of the OpenJDK Java runtime to execute a Java network application. The application can communicate over one or more network interfaces with the outside world. The underlying Genode-based operating system is three orders of magnitude less complex compared to the current state-of-the-art solutions. This is good because with less complexity, less things can go wrong.

The best part is that the system can be customized without diving deep into operating-system details. Changes like replacing the Java application, defining the network policy, or supplying a custom SSL certificate can be done directly on the boot medium (usually an SD card) without any further integration work.

Genode OS Framework release 19.02 Feb 28, 2019

Version 19.02 enhances Sculpt OS with a federated software provisioning model, showcases the use of Java for an IoT network appliance and the creation of a component-based web service, improves the runtime support for Ada and SPARK, and adds board support for i.MX6 Quad Sabrelite and Nitrogen6 SoloX.

Our first release of 2019 pays tribute to this year's road map topic of making Genode relevant and attractive for a broader community.

First, it enhances Sculpt OS with an easy-to-use way to discover, install, and integrate software originating from different providers into a running Sculpt system. Conversely, software providers get a distribution channel directly to the user, secured by cryptographic signatures. Unlike commodity OSes that rely on app stores or distributions, there is no middleman between software providers and users in Sculpt OS.

Second, it makes the world's most popular programming language - Java - available. Our port of OpenJDK facilitates just-in-time compilation on both 32-bit ARM and 64-bit x86 architectures. The use of Java within a Genode system is nicely showcased by an exemplary IoT network appliance.

Third, to foster a strong sense of community, the release introduces a Genode-based federated blogging platform, which enables users and developers alike to share ideas, practical tips and tricks, and announcements. Genodians.org is open for everyone to participate.

Other highlights of Genode 19.02 are the improved runtimes for the Ada/SPARK and OCaml programming languages, and the added support for the i.MX6 Quad Sabrelite and Nitrogen6 SoloX boards. For more details, please refer to the release documentation of version 19.02...

Road map for 2019 Jan 16, 2019

Our just-published road map for 2019 puts emphasis on making Genode relevant and appealing for a broader community.

We continue our tradition of publicly discussing Genode's road map at the turn of the year. The initial posting prompted a vivid discussion about our vision, mid-term ambitions, and potential areas of improvement. After the success of past year's evolution of our Genode-based general-purpose OS called Sculpt, we now face the question: How to make Sculpt relevant and appealing for a broader community of users and developers?

During the discussion, we identified three directions. First, we will focus on making Sculpt - and thereby Genode - easier to approach and to use. This comes along with fostering a sense of one joint community among users and developers. Second, we strive to make Genode more valuable by easing the use of existing applications and programming languages in Genode systems. And third, we aim at the seamless integration of Genode with established protocols and infrastructure.

To see how we broke down these high-level ideas into a sequence of tangible steps, please have a look at our official road map published earlier this week: https://genode.org/about/road-map.

Microkernel developer room at FOSDEM Jan 15, 2019

FOSDEM in Brussels is the go-to venue for the Free-Software and Open-Source community. This year, we have the honor of hosting the microkernel developer room at FOSDEM.

To our excitement, our call for participation received far more responses than anticipated. We are happy to announce a tight schedule of diverse and thought-provoking topics:

Schedule of FOSDEM's microkernel developer room

On Genode's account, Alexander Böttcher will present his current line of work about harmonizing the virtualization interfaces of different microkernels. Apart from Alexander, you can expect to catch up with Emery, Sebastian, Martin, Stefan, and Norman of our team at the developer room.

postal address:

  Genode Labs GmbH
  Dammweg 2
  D-01097 Dresden

visiting address:

  Genode Labs GmbH
  Friedrichstr. 26
  D-01067 Dresden

phone:

  +49 351 3282613

email:

  info@genode-labs.com