With the just-released version 10.05, the Genode OS Framework reaches out to new application areas by providing a solution for subjecting all processes to mandatory access control, and by adding the infrastructure needed for high-quality audio processing. On the way towards running general-purpose OS workloads, the port of the WebKit-based Arora web browser running as a native Genode process marks a pivotal point for the project.
Genode’s new configuration concept puts the full power of its hierarchic process structure into the hands of the user. With previous versions, specialized policies for subsystems used to require hand-crafted source code. Now, a new configuration concept not only allows for subjecting child processes to least-privilege policies, but also enables the arbitrary definition of client-server relationships. Furthermore, it has become possible to define whole trees of processes at one central place. The new concept is detailed in a dedicated section of the release notes.
Because improving device-driver support remains an ongoing high-priority topic, the added support for audio output marks an important step, in two ways. On the one hand, it proves the practical use of Genode’s high-performance inter-process packet-streaming facility. On the other hand, it shows how to put the Linux device driver environment (DDE) into practice. Thanks to DDE, it was possible to reuse Linux drivers for popular sound hardware directly on Genode. Combined with the recently introduced support for real-time priorities and the new configuration concept, the road is now paved for high-quality audio processing on Genode.
Many use cases of Genode require existing Linux-based applications. For this reason the project continuously improves the integration of the paravirtualized OKLinux kernel with Genode services. The current release adds support for the seamless integration of the X Window System running on OKLinux with Genode’s GUI. This way, multiple OKLinux instances and GUI-based Genode applications can be operated in one integrated window environment. This screenshot shows two Linux instances and the launchpad application running side by side. The nitpicker GUI server is a slightly modified version, tinting each client with a different color when the user activates the X-Ray mode.
Among the other major improvements are a new build system optimized for multi-processor systems, the port of libSDL, and support for flexible page sizes. Check out the release notes for a complete list of changes.
GenodeOS rides into the future. I am waiting for real Hurd progress.
Now all we need is a liveCD for the new release so we can test it…
Can someone give me a clear explanation of what Genode *IS*? Is it a userland?
It is a kernel. Only that as it is based on a micro-kernel (L4?) it actually is a “userland”.
The whole concept of the turtles-all-the-way-down privilege separation model sounds interesting.
I wonder how expensive all that IPC is, though, if the only way to OS services is through all the ancestor processes, and how it applies to all the Linux/posix stuff they are porting.
http://genode.org/documentation/general-overview
Genode is a user land that is able to run directly on 6 different kernels (OKL4, L4/Fiasco, L4ka::Pistachio, Codezero, NOVA hypervisor, and Linux). But more importantly, it is an integral OS architecture that applies the microkernel paradigm of minimizing critical complexity to each component of the user land.