With the just released version 10.05, the Genode OS Framework reaches out to new application areas by providing a solution for subjecting all processes to mandatory access control, and adding the infrastructure needed for high-quality audio processing. On the way towards running general-purpose OS workloads, the port of the Webkit-based Arora web browser running as a native Genode process marks a pivotal point for the project.
Genode’s new configuration concept puts the full the power of the its hierarchic process structure into the hands of the user. With previous versions, specialized policies for subsystems used to require hand-crafted source code. Now, a new configuration concept allows for subjecting child processes to least-privilege policies, but it also enables the arbitrary definition of client-server relationships. Furthermore, it has become possible to define whole trees of processes at one central place. The new concept is detailed in a dedicated section of the release notes.
Because improving device-driver support remains to be an ongoing high-priority topic, the added support for audio output marks an important step, in two ways. On the one hand, it proofs the practical use of Genode’s high-performance inter-process packet-streaming facility. But it also shows off how to put the Linux device driver environment (DDE) to practice. Thanks to DDE, is was possible to reuse Linux drivers for popular sound hardware directly on Genode. Combined with the recently introduced support for real-time priorities and the new configuration concept, the road is now paved for high-quality audio-processing on Genode.
Many use cases of Genode require existing Linux-based applications. For this reason the project continuously improves the integration of the paravirtualized OKLinux kernel with Genode services. The current release adds support for the seamless integration of the X Window System running on OKLinux with Genode’s GUI. This way, multiple OKLinux instances and GUI-based Genode applications can be operated in one integrated window environment. This screenshot shows two Linux instances and the launchpad application running side by side. The nitpicker GUI server is a slightly modified version, tinting each client with a different color when the user activates the X-Ray mode.
Among the other major improvements are a new build system optimized for multi-processor systems, the port of libSDL, and support for flexible page sizes. Check out the release notes for a complete list of changes.