OS News Archive

In a paper out this week in Science, researchers Yaniv Erlich and Dina Zielinski report successfully using DNA to store and retrieve "a full computer operating system, movie, and other files".

Which operating system? Turns out it's KolibriOS, the all-assembler, floppy-based x86 operating system originally based on MenuetOS.

The just released version 17.02 of the Genode OS framework comes with greatly enhanced virtual file-system capabilities, eases the creation of dynamic system compositions, and adds a new facility for processing user input. Furthermore, the components have become binary-compatible across kernel boundaries by default such that entire system scenarios can be moved from one kernel to another without recompiling the components.

Genode's virtual file-system (VFS) infrastructure has a twisted history. Originally created as a necessity for enabling command-line-based GNU programs to run within Genode's custom Unix runtime, the VFS was later extracted as a separate library. This library eventually became an optional and later intrinsic part of Genode's C runtime. It also happened to become the basis of a file-system-server component. If this sounds a bit confusing, it probably is. But the resulting design takes the notion of virtual file systems to an new level.

First, instead of providing a system-wide VFS like Unix does, in Genode each component can have its own VFS. Technically, it is a library that turns a number of Genode sessions into a file-system representation according the component's configuration. Via those sessions, the component is able to access services provided by other components such as file systems, terminals, or block devices. Furthermore, several built-in file systems are provided locally from within the component. Since the VFS is local to each component, the view of the component's world can be shaped by its parent in arbitrary ways.

By default, each component runs in isolation. Whenever two components are meant to share a certain part of their VFS with one another, both mount a file-system session of the same server into their local VFS. This sharing is a deliberate decision by the component's common parent and thereby subjected to the parent's security policy. One particularly interesting file-system server is the so-called VFS server. It uses an arbitrarily configured VFS internally and exports its content as a file-system service, which can then be mounted in other components. This way, the VFS server can be used to emulate a "global" VFS, or to multiplex access to any file-system types supported by the VFS.

Speaking of supported file-system types, this is where the VFS becomes literally infinitely flexible. The VFS features a plugin interface that incorporates file system types provided in the form of shared libraries. If the VFS configuration refers to a file system type not known by the VFS, a corresponding plugin is loaded. For example, there exists a plugin for generating random numbers based of the jitter of CPU execution time. The file system, when mounted, hosts only a single read-only file that produces random numbers. But VFS plugins can become much more creative. Via the rump-kernel VFS plugin, one can incorporate the file systems of the NetBSD kernel into any VFS-using component. Genode 17.02 furthermore comes with a Plan-9-inspired VFS plugin that makes the Linux TCP/IP stack available as a file system. The C runtime then translates BSD-socket API calls to file-system operations on the socket file system, which, in turn, are handled by the Linux TCP/IP stack. The fascinating part is that this all happens within a single component. Such a component is in fact quite similar to a unikernel.

If two applications ought to share the same TCP/IP stack, the VFS server comes in handy. The Linux TCP/IP stack is then mounted once in the VFS server, which, in turn, provides file-system sessions to the applications. Each application then accesses the TCP/IP stack indirectly through those file-system sessions. In this scenario, the VFS server suddenly becomes a network multiplexer.

The VFS is not the only topic of the current release. Another highlight is the introduction of a application binary interface that makes all components binary compatible across kernel boundaries by default. Combined with the new kernel-independent build directories, it has become possible to move complete system scenarios from kernels as different as L4, NOVA, seL4, or Linux in matter of seconds. Further improvements of Genode 17.02 are the addition of a generic input-event processor, new SD-card drivers, the update to the version 0.8 of the Muen separation kernel, and a new mechanism for managing dynamic subsystems. All the improvements are described in detail in the release documentation.

The Z88 Development Team has released a new version of the system ROM for the Cambridge Z88 portable.

The team also outlines its plans for the future:

VSI (the men and women porting OpenVMS to x86 hardware) has released an update outlining some of the issues so far in porting this old battleship of an operating system to x86 and liberating it from IA64.

Jehanne is a new distributed operating system designed for programmers. The core values that lead the development are simplicity and security. Jehanne is a fork of Harvey (which in turn is a fork of Plan 9 from Bell Labs merged with Nix's kernel sources) but diverges from the design and conventions of its ancestors whenever they are at odds with its goals. Read about development progress made in 2016.

The year-in-review blogpost has a nice overview of where the project stands.

It's definitely an interesting case to make - and Ben Thomspon does it well - but I still have a very, very hard time seeing voice-driven interfaces as anything but a gimmick at this point in time. Every point I made about this subject in the Summer of 2016 still stands today - limited functionality, terrible speech recognition, inability to deal with dialects and accents, and the complete and utter lack of support for people who live multilingual lives.

I can't hammer this last point home often enough: not a single one of the voice-driven interfaces we have today - Alexa, Siri, Google Now, Google Assistant, Cortana, whatever - support multilingual use. Some of them may allow you to go deep into a menu structure to change input language (while some, like smartwatches, even require a full wipe and reset), but that's not a solution to the problem of switching language sometimes even several times a minute, something multilingual people have to do dozens of times every day. And again - there are literally hundreds of millions of people who lead multilingual lives.

Heck, Alexa is only available in English and German!

If voice-driven interfaces are really as important as people make them out to be, they've got at least a decade of development ahead of them before they become actually useful and usable for the vast majority of the world.

What is Harvey OS?

Two news items about alternative operating systems in a row?

The year's off to a good start.

Great Christmas gift.

This is a great idea.

Following the feature-rich release in August, with the new version 16.11, Genode's developers took the chance to work on long-standing architectural topics, most prominently the low-level interplay between parent and child components. Besides this low-level work, the release features much improved virtual-networking capabilities. Originally introduced in the previous version, Genode's network-routing mechanism has become more versatile and easier to use. Further topics include the added support for smart cards, kernel improvements of the NOVA hypervisor, and a virtual file system for generating time-based passcodes.

The efficient interaction between user-level components is one of the most important aspects of microkernel-based systems like Genode. The design space for this interplay is huge and there is no widely accepted consensus about the "right" way. The options include message passing between independent threads, the migration of threads between address spaces, shared memory, and various flavours of asynchronous communication.

When the Genode project originally emerged from the L4 community, it was somehow preoccupied with the idea that synchronous IPC is the best way to go. After all, the sole reliance on unbuffered synchronous IPC was widely regarded as the key for L4's excellent performance. Over the years, however, the mindset of the Genode developers shifted away from this position. Whereas synchronous IPC was found to be a perfect match for some use cases, it needlessly complicated others. It turns out that any IPC mechanism is ultimately a trade-off between low latency, throughput, simplicity, and scalability. Finding a single sweet spot that fits well for all parts of an operating system seems futile. Given this realization and countless experiments, Genode's inter-component protocols were gradually shaped towards the combination of synchronous IPC where low-latency remote procedure calls are desired, asynchronous notifications, and shared memory. That said, Genode's most fundamental inter-component communication protocol - the interplay between parent and child components to establish communication sessions between clients and servers - remained unchanged since the very first version. The current release reconsiders the architectural decisions made in the early days and applies Genode's modern design principles to these low-level protocols. The release documentation contrasts the original design that was solely based on synchronous IPC with the new way. Even though the new version overcomes long-standing limitations of the original design, at the first glance, it gives the impression to be more complicated and expensive in terms of the number of context switches. Interestingly, however, the change has no measurable effect on the performance of even the most dynamic system scenarios. The apparent reason is that the parent-child interactions make up a minuscule part of the overall execution time in real-world scenarios.

Even though the architectural work mentioned above is fundamental to the Genode system as a whole, it is barely visible to users of the framework. With respect to user-visible changes, the most prominent improvement is the vastly improved infrastructure for virtual networking, which is covered in great detail in the release documentation. Further topics are the added support for using smart cards, a new VFS plugin for generating time-based passcodes, and updated versions of VirtualBox 4 and 5 running of top of NOVA. Speaking of NOVA, the release improves this kernel in several respects, in particular by adding support for asynchronous map operations. Each of the topics is covered in more depth in the release documentation.

Kaspersky Labs has developed its own operating system for switches and other networking devices.

More details will follow soon, the company promises.

Some light reading for your late Tuesday afternoon.