Archive

KolibriOS stored on DNA

In a paper out this week in Science, researchers Yaniv Erlich and Dina Zielinski report successfully using DNA to store and retrieve "a full computer operating system, movie, and other files".

DNA has the potential to provide large-capacity information storage. However, current methods have only been able to use a fraction of the theoretical maximum. Erlich and Zielinski present a method, DNA Fountain, which approaches the theoretical maximum for information stored per nucleotide. They demonstrated efficient encoding of information - including a full computer operating system - into DNA that could be retrieved at scale after multiple rounds of polymerase chain reaction.

Which operating system? Turns out it's KolibriOS, the all-assembler, floppy-based x86 operating system originally based on MenuetOS.

The story of Firefox OS

So I'd like to tell you my version of the story of Firefox OS, from the birth of the Boot to Gecko open source software project as a mailing list post and an empty GitHub repository in 2011, through its commercial launch as the Firefox OS mobile operating system, right up until the "transition" of millions of lines of code to the community in 2016.

During this five year journey hundreds of members of the wider Mozilla community came together with a shared vision to disrupt the app ecosystem with the power of the open web. I'd like to reflect on our successes, our failures and the lessons we can learn from the experience of taking an open source browser based mobile operating system to market.

Genode 17.02 uses Linux TCP/IP stack as file system

The just released version 17.02 of the Genode OS framework comes with greatly enhanced virtual file-system capabilities, eases the creation of dynamic system compositions, and adds a new facility for processing user input. Furthermore, the components have become binary-compatible across kernel boundaries by default such that entire system scenarios can be moved from one kernel to another without recompiling the components.

Genode's virtual file-system (VFS) infrastructure has a twisted history. Originally created as a necessity for enabling command-line-based GNU programs to run within Genode's custom Unix runtime, the VFS was later extracted as a separate library. This library eventually became an optional and later intrinsic part of Genode's C runtime. It also happened to become the basis of a file-system-server component. If this sounds a bit confusing, it probably is. But the resulting design takes the notion of virtual file systems to a new level.

First, instead of providing a system-wide VFS like Unix does, in Genode each component can have its own VFS. Technically, it is a library that turns a number of Genode sessions into a file-system representation according to the component's configuration. Via those sessions, the component is able to access services provided by other components such as file systems, terminals, or block devices. Furthermore, several built-in file systems are provided locally from within the component. Since the VFS is local to each component, the view of the component's world can be shaped by its parent in arbitrary ways.

By default, each component runs in isolation. Whenever two components are meant to share a certain part of their VFS with one another, both mount a file-system session of the same server into their local VFS. This sharing is a deliberate decision by the component's common parent and thereby subjected to the parent's security policy. One particularly interesting file-system server is the so-called VFS server. It uses an arbitrarily configured VFS internally and exports its content as a file-system service, which can then be mounted in other components. This way, the VFS server can be used to emulate a "global" VFS, or to multiplex access to any file-system types supported by the VFS.

Speaking of supported file-system types, this is where the VFS becomes literally infinitely flexible. The VFS features a plugin interface that incorporates file system types provided in the form of shared libraries. If the VFS configuration refers to a file system type not known by the VFS, a corresponding plugin is loaded. For example, there exists a plugin for generating random numbers based on the jitter of CPU execution time. The file system, when mounted, hosts only a single read-only file that produces random numbers. But VFS plugins can become much more creative. Via the rump-kernel VFS plugin, one can incorporate the file systems of the NetBSD kernel into any VFS-using component. Genode 17.02 furthermore comes with a Plan-9-inspired VFS plugin that makes the Linux TCP/IP stack available as a file system. The C runtime then translates BSD-socket API calls to file-system operations on the socket file system, which, in turn, are handled by the Linux TCP/IP stack. The fascinating part is that this all happens within a single component. Such a component is in fact quite similar to a unikernel.

If two applications ought to share the same TCP/IP stack, the VFS server comes in handy. The Linux TCP/IP stack is then mounted once in the VFS server, which, in turn, provides file-system sessions to the applications. Each application then accesses the TCP/IP stack indirectly through those file-system sessions. In this scenario, the VFS server suddenly becomes a network multiplexer.

The VFS is not the only topic of the current release. Another highlight is the introduction of an application binary interface that makes all components binary compatible across kernel boundaries by default. Combined with the new kernel-independent build directories, it has become possible to move complete system scenarios between kernels as different as L4, NOVA, seL4, or Linux in a matter of seconds. Further improvements of Genode 17.02 are the addition of a generic input-event processor, new SD-card drivers, the update to version 0.8 of the Muen separation kernel, and a new mechanism for managing dynamic subsystems. All the improvements are described in detail in the release documentation.

Cryptographers show collision in SHA-1 algorithm

From the EFF:

On February 23rd, a joint team from the CWI Amsterdam and Google announced that they had generated the first ever collision in the SHA-1 cryptographic hashing algorithm. SHA-1 has long been considered theoretically insecure by cryptanalysts due to weaknesses in the algorithm design, but this marks the first time researchers were actually able to demonstrate a real-world example of the insecurity. In addition to being a powerful Proof of Concept (POC), the computing power that went into generating the proof was notable.

So what's the big deal?

Unfortunately, the migration away from SHA-1 has not been universal. Some programs, such as the version control system Git, have SHA-1 hard-baked into their code. This makes it difficult for projects which rely on Git to ditch the algorithm altogether. The encrypted e-mail system PGP also relies on it in certain places.

AROS adding 64bit and SMP support

After many years of active development, AROS finally seems to be able to 'evolve' the now 30+ years old architecture of the Amiga API. The original Amiga computers from Commodore brought to home users and professionals the first pre-emptive, window based operating system at affordable prices, although its kernel was tailored to the single Motorola 68000 CPU mounted on the machines. After Commodore's demise in 1994, a long debate started about the evolution of the Amiga platform and, although many announcements were made, current AmigaOS 4.1 is still a 32bit-based, single-core oriented operating system, and the same is true for Amiga-like alternatives MorphOS and AROS.

Things, however, are changing. In his weekly survey about AROS progress on AROS-EXEC.org and Amigaworld.net, Krzysztof Smiechowicz talked about "Work on handling additional CPU cores in x86_64 AROS kernel", adding "Initial version of SMP scheduler has been introduced in AROS i386/x86_64 kernel" just a week later. In the following weeks, a screenshot from coder Nick Andrews and a video on YouTube showed a 64-bit version of AROS, running on multicore AMD and Intel processors, handling 4 and 8 cores correctly.

SMP is being added to AROS by experienced coders Nick Andrews and Michal Schulz, and while it is not available in public nightly builds just yet, there is finally the chance to see an Amiga-like operating system handling modern CPUs properly.

Linux 4.10 released

Linux 4.10 has been released. This release adds support for virtualized GPUs, a new 'perf c2c' tool for cacheline contention analysis in NUMA systems, a new 'perf sched timehist' command for a detailed history of task scheduling, improved writeback management that should make the system more responsive under heavy writing load, a new hybrid block polling method that uses less CPU than pure polling, support for ARM devices such as the Nexus 5 & 6 or Allwinner A64, a feature that allows attaching eBPF programs to cgroups, an experimental MD RAID5 writeback cache, support for Intel Cache Allocation Technology, and many other improvements and new drivers. Here is the full list of changes.

“A great disturbance in the force…”

The news is that after 15 years the IMDb is closing down its message boards, but the story is their creation in the first place: a tale of Apache, mod_perl, PostgreSQL, C, and XEMacs, all served up on a BeOS bun in a Bristol-area cafeteria; of missed deadlines, missed opportunities and misplaced innocence given the scale of comments, comment spam and trolling up to that point. Brought to you by Colin M. Strickland, a developer whose CV has long read "you can blame me for the message boards" (and yes, he does go by the initials cms).

Solaris moving to a ‘continuous delivery model’

After the recent removal of Solaris 12 from the Solaris road map inspired much speculation on the future of Solaris, Oracle has finally published a blog post detailing the cause of the removal, and the future of Solaris.

Oracle Solaris is moving to a continuous delivery model using more frequent updates to deliver the latest features faster, while fully preserving customer and ISV qualification investment in the vast array of ISV applications available on Oracle Solaris 11 today. New features and functionality will be delivered in Oracle Solaris through dot releases instead of more disruptive major releases, consistent with trends seen throughout the industry.

In addition, support for current versions of Solaris 11 has been extended to beyond 2030. The actual updated roadmap is light on details, but it does appear that Solaris at least isn't dead just yet.

OpenVMS port to x86 update

VSI (the men and women porting OpenVMS to x86 hardware) has released an update outlining some of the issues so far in porting this old battleship of an operating system to x86 and liberating it from IA64.

This update provides a high level view of our current efforts to port OpenVMS to the Intel x86 hardware platform. The report highlights topics including: Compilers, Objects & Images, Early Boot Path, Virtual Machines, Dump Kernel, Paravirtualization, and Condition Handling.

Still a long way to go, but it is exciting for VMS fans.

Jehanne: a Plan 9-based operating system

Jehanne is a new distributed operating system designed for programmers. The core values that lead the development are simplicity and security. Jehanne is a fork of Harvey (which in turn is a fork of Plan 9 from Bell Labs merged with Nix's kernel sources) but diverges from the design and conventions of its ancestors whenever they are at odds with its goals. Read about development progress made in 2016.

Rux: a hobbyist microkernel written in Rust

Rux's goal is to become a safe general-purpose microkernel. It tries to take advantage of Rust's memory model - ownership and lifetime. While the kernel will be small, unsafe code should be kept minimal. This makes updating functionalities of the kernel hassle-free.

Rux uses a design that is similar to seL4. While there won't be formal verification in the short term, it tries to address some design issues of seL4, for example, capability allocation.

The code is very approachable for anyone interested in capability-based microkernel design.

Genode 16.11 revisits low-level protocols

Following the feature-rich release in August, with the new version 16.11, Genode's developers took the chance to work on long-standing architectural topics, most prominently the low-level interplay between parent and child components. Besides this low-level work, the release features much improved virtual-networking capabilities. Originally introduced in the previous version, Genode's network-routing mechanism has become more versatile and easier to use. Further topics include the added support for smart cards, kernel improvements of the NOVA hypervisor, and a virtual file system for generating time-based passcodes.

The efficient interaction between user-level components is one of the most important aspects of microkernel-based systems like Genode. The design space for this interplay is huge and there is no widely accepted consensus about the "right" way. The options include message passing between independent threads, the migration of threads between address spaces, shared memory, and various flavours of asynchronous communication.

When the Genode project originally emerged from the L4 community, it was somehow preoccupied with the idea that synchronous IPC is the best way to go. After all, the sole reliance on unbuffered synchronous IPC was widely regarded as the key for L4's excellent performance. Over the years, however, the mindset of the Genode developers shifted away from this position. Whereas synchronous IPC was found to be a perfect match for some use cases, it needlessly complicated others. It turns out that any IPC mechanism is ultimately a trade-off between low latency, throughput, simplicity, and scalability. Finding a single sweet spot that fits well for all parts of an operating system seems futile. Given this realization and countless experiments, Genode's inter-component protocols were gradually shaped towards the combination of synchronous IPC where low-latency remote procedure calls are desired, asynchronous notifications, and shared memory.

That said, Genode's most fundamental inter-component communication protocol - the interplay between parent and child components to establish communication sessions between clients and servers - remained unchanged since the very first version. The current release reconsiders the architectural decisions made in the early days and applies Genode's modern design principles to these low-level protocols. The release documentation contrasts the original design that was solely based on synchronous IPC with the new way. Even though the new version overcomes long-standing limitations of the original design, at first glance, it gives the impression of being more complicated and expensive in terms of the number of context switches. Interestingly, however, the change has no measurable effect on the performance of even the most dynamic system scenarios. The apparent reason is that the parent-child interactions make up a minuscule part of the overall execution time in real-world scenarios.

Even though the architectural work mentioned above is fundamental to the Genode system as a whole, it is barely visible to users of the framework. With respect to user-visible changes, the most prominent improvement is the vastly improved infrastructure for virtual networking, which is covered in great detail in the release documentation. Further topics are the added support for using smart cards, a new VFS plugin for generating time-based passcodes, and updated versions of VirtualBox 4 and 5 running on top of NOVA. Speaking of NOVA, the release improves this kernel in several respects, in particular by adding support for asynchronous map operations. Each of the topics is covered in more depth in the release documentation.

Unix history repository, now on GitHub

The history and evolution of the Unix operating system is made available as a revision management repository, covering the period from its inception in 1970 as a 2.5 thousand line kernel and 26 commands, to 2016 as a widely-used 27 million line system. The 1.1GB repository contains about half a million commits and more than two thousand merges. The repository employs the Git system for its storage and is hosted on GitHub. It has been created by synthesizing with custom software 24 snapshots of systems developed at Bell Labs, the University of California at Berkeley, and the 386BSD team, two legacy repositories, and the modern repository of the open source FreeBSD system. In total, about one thousand individual contributors are identified, the early ones through primary research. The data set can be used for empirical research in software engineering, information systems, and software archaeology.

The project aims to put in the repository as much metadata as possible, allowing the automated analysis of Unix history.

Samsung buys Harman for $8 billion

Samsung has announced that it has acquired Harman, the company behind over 20 brands including audio companies AKG, JBL and Harman/Kardon, as well as a suite of connected car technologies.

Although you're probably more familiar with Harman for their audio brands, the company earns around two thirds of its revenues from automotive-related segments where it produces telematics, security and 'embedded infotainment' solutions.

Darling is still trying to run macOS software on Linux

Darling, the project to bring macOS binaries to Linux, is still active. After a period of inactivity, the project has picked up speed, according to phoronix.com.

Darling is still progressing but in its latest state cannot run any macOS GUI applications but rather only basic command-line apps with both 32-bit and 64-bit capabilities. From the Darling Shell there is support for working with DMG images and even using Apple's Xcode toolchain for compiling basic "Hello World!" type applications for macOS and running from a Linux system.

Project Mortar wants Pepper API Flash & PDFium in Firefox

PDFium is the Google open-source project for PDF support in Google Chrome. PDFium was previously closed-source based upon Foxit PDF technology while now it's been fully open-source since 2014.

The Pepper API Flash implementation is also what's used by Google's Chrome web-browser. By switching to the PAPI-based Flash, Firefox would be able to finish getting rid of their NPAPI support with the Firefox Flash support still relying upon it with Shumway and other projects not panning out.

MenuetOS 1.23.60 released

Recent additions to MenuetOS include SMP support for up to 32 processors, support for 32GB RAM, support for time-critical, non-preempting processes, additions to window transparency, improved USB webcam and storage support, context-mixing compressor, WebCall (IP to IP with audio and video), streaming audio (internet radio) and video support - all written 100% in 64bit x86 assembly.