Genode is not a complete operating system but an architecture for building systems in which processes running on top of a microkernel collaborate securely. The developers have devised a hierarchical model for this and ensure that individual components can communicate only within the hierarchy, in a predefined area called the “trusted computing base”. Among other options, Genode can use Linux as its kernel, various variants of the L4 microkernel, or a further development of the NOVA micro-hypervisor. Sculpt OS is a self-contained operating system based on Genode.
Genode 19.05, released six weeks ago, focused on improvements to platform support. It added a port to the 64-bit ARM architecture, and in the course of this porting the platform code was standardized. The compiler was updated to GCC 8.3 on all platforms, which made it possible to enable C++17 as the default C++ standard. A further result of the unification is a kernel-independent virtualization interface, which allows a single implementation of a virtual machine monitor (VMM) to be used with the NOVA, seL4 and Fiasco.OC kernels.
Due to the many enhancements to the platform, fewer changes than planned were made to Sculpt OS. Those changes are now being released in a new version of Sculpt OS. The biggest change in Sculpt OS 19.07 is copy and paste between terminals, graphical applications and virtual machines. Because a clipboard shared between otherwise isolated applications can pose a security risk, novel measures have been implemented to eliminate that risk. Among other things, the measures are intended to prevent two malicious programs from using the clipboard to exchange data covertly.
Submitted by: Arnfried Walbrecht