Genode OS Framework 20.05 release May 31, 2020

Genode version 20.05 introduces new driver infrastructure for ARM, unifies ARM virtualization support, sandboxes components on the Linux version, and reaches feature-completion of our custom block encrypter.

Just yesterday, we published the version 20.05 of the Genode OS framework, bearing the fruit of our tireless optimization and consolidation work. Two architectural topics stand out most:

First, after having presented the initial version of Sculpt OS on 64-bit ARM hardware in February, we further intensified our ARM-related developments. The release comes with new device- driver framework infrastructure that introduces fine-grained access control to device hardware and fosters the separation between driver mechanisms and platform-specific parametrization. Functionality-wise, we achieved the unification of the formerly distinct virtual machine monitors for 32-bit and 64-bit ARM.

Second, the use of Linux as base platform has become much more tangible. Originally meant as a development vehicle only, this version of Genode used to lack the enforcement of fine-grained access control. However, thanks to the joint efforts with our friends at gapfruit AG, the new version revamps the low-level Linux-specific parts of the framework, sandboxes components via the seccomp mechanism and implements Genode's fine-grained object-capability model based of socket descriptors. This way, the use of Genode on Linux for production is no longer a pipe dream.

Regarding framework features, the most prominent topic is the feature completion of our custom block-level encryption component that we first introduced in Genode 19.11. The new version has become able to perform the cryptographic re-keying and the resizing of the virtual block device on the fly.

Among the many further topics are the improved management of CPU affinities on x86, new tracing utilities, and the updated version of the Genode Foundations book, reflecting the changes of the framework since one year ago. All topics are covered in great detail by the official release documentation...

