mirror of
https://github.com/genodelabs/genode.git
synced 2024-12-19 05:37:54 +00:00
Genode OS Framework
Topics: arm, cplusplus, cpp, framework, genode, goa, hypervisor, linux, microkernel, nova, object-capabilities, operating-system, osdev, riscv, sculpt-os, sel4, virtualization, x86
ab0bce77ec
Both the Wifi driver and the WireGuard port used local implementations for their source of randomness. Wifi used a Xoroshiro128+ PRNG for rapid generation of random values but initialized this PRNG always with the same static seed value. WireGuard, in contrast, requested each random byte directly from the jitterentropy lib, which is considered to be very time intensive.

This commit removes the local variants of random.cc and introduces a new centralized lx_emul/random.cc. The new variant combines the former approaches so that jitterentropy is accessed only in order to generate a random seed for a Xoroshiro128+ PRNG. Front-end requests for random values are then fulfilled efficiently via the PRNG.

:Warning:

  The output of the Xoroshiro128+ PRNG that is used in the new implementation of the lx_emul randomness functions has known statistical problems (see https://en.wikipedia.org/wiki/Xoroshiro128%2B#Statistical_Quality). Furthermore, the integration of Xoroshiro128+ with the lx_emul code was not reviewed/audited for its security-related properties, so far, and has the known deficiency of seeding the PRNG only once during initialization. Thus, we strongly advise against the use of the lx_emul randomness functions for security-critical purposes.

Ref #4397

| Name |
|---|
| doc |
| repos |
| tool |
| .gitignore |
| LICENSE |
| README |
| VERSION |

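The seeding scheme described in the commit message above, as an added C sketch that is not Genode's lx_emul/random.cc: a statically seeded Xoroshiro128+ replays the same byte stream on every start, whereas seeding from an entropy source costs one slow read per start regardless of how many bytes are drawn afterwards. `entropy_seed_stub` is a hypothetical stand-in for the jitterentropy read, the seed constants are constructed, and the step function uses the 24/16/37 constants of the 2018 reference code, which is an assumption about the variant in use.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

unsigned slow_reads; /* how many times the slow seed source was used */
static uint64_t rotl(uint64_t x, int k) { return (x << k) | (x >> (64 - k)); }

/* Xoroshiro128+ step: output is the plain sum of the two state words */
static uint64_t prng_next(uint64_t s[2])
{
	uint64_t s0 = s[0], s1 = s[1], out = s0 + s1;
	s1 ^= s0;
	s[0] = rotl(s0, 24) ^ s1 ^ (s1 << 16);
	s[1] = rotl(s1, 37);
	return out;
}

void static_seed(uint64_t s[2]) { s[0] = 42; s[1] = 1337; } /* same state on every start */
/* Hypothetical stand-in for a jitterentropy read: a different state per call */
void entropy_seed_stub(uint64_t s[2])
{
	s[0] = 0x6a09e667f3bcc908ULL * ++slow_reads;
	s[1] = 0xbb67ae8584caa73bULL ^ slow_reads;
}

/* One component start: seed once, then serve every request from the PRNG */
void boot_and_draw(void (*seed_src)(uint64_t *), uint8_t *out, size_t len)
{
	uint64_t s[2];
	seed_src(s);
	for (size_t i = 0; i < len; i += 8) {
		uint64_t v = prng_next(s);
		memcpy(out + i, &v, len - i < 8 ? len - i : 8);
	}
}

/* Returns 1 if two independent starts produce the same 64-byte stream */
int streams_repeat(void (*seed_src)(uint64_t *))
{
	uint8_t a[64], b[64];
	boot_and_draw(seed_src, a, sizeof a);
	boot_and_draw(seed_src, b, sizeof b);
	return memcmp(a, b, sizeof a) == 0;
}

int main(void)
{
	printf("static seed repeats:  %d\n", streams_repeat(static_seed));
	printf("entropy seed repeats: %d\n", streams_repeat(entropy_seed_stub));
	return 0;
}
```

Seeding once, as the commit's warning notes, means the whole stream for a run is a deterministic function of that single seed.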
=================================
Genode Operating System Framework
=================================

This is the source tree of the reference implementation of the Genode OS architecture. For a general overview about the architecture, please refer to the project's official website:

:Official project website for the Genode OS Framework:

  [https://genode.org/documentation/general-overview]

The current implementation can be compiled for 8 different kernels: Linux, L4ka::Pistachio, L4/Fiasco, OKL4, NOVA, Fiasco.OC, seL4, and a custom kernel for running Genode directly on ARM-based hardware. Whereas the Linux version serves us as development vehicle and enables us to rapidly develop the generic parts of the system, the actual target platforms of the framework are microkernels. There is no "perfect" microkernel - and neither should there be one. If a microkernel pretended to be fit for all use cases, it wouldn't be "micro". Hence, all microkernels differ in terms of their respective features, complexity, and supported hardware architectures.

Genode allows the use of each of the kernels listed above with a rich set of device drivers, protocol stacks, libraries, and applications in a uniform way. For developers, the framework provides an easy way to target multiple different kernels instead of tying the development to a particular kernel technology. For kernel developers, Genode contributes advanced workloads, stress-testing their kernel, and enabling a variety of application use cases that would not be possible otherwise. For users and system integrators, it enables the choice of the kernel that fits best with the requirements at hand for the particular usage scenario.

Documentation
#############

The primary documentation is the book "Genode Foundations", which is available on the front page of Genode website:

:Download the book "Genode Foundations":

  [https://genode.org]

The book describes Genode in a holistic and comprehensive way. It equips you with a thorough understanding of the architecture, assists developers with the explanation of the development environment and system configuration, and provides a look under the hood of the framework. Furthermore, it contains the specification of the framework's programming interface.

The project has a quarterly release cycle. Each version is accompanied with detailed release documentation, which is available at the documentation section of the project website:

:Release documentation:

  [https://genode.org/documentation/release-notes/]

Directory overview
##################

The source tree is composed of the following subdirectories:

:'doc':
  This directory contains general documentation along with a comprehensive collection of release notes.

:'repos':
  This directory contains the source code, organized in so-called source-code repositories. Please refer to the README file in the 'repos' directory to learn more about the roles of the individual repositories.

:'tool':
  Source-code management tools and scripts. Please refer to the README file contained in the directory.

:'depot':
  Directory used by Genode's package-management tools. It contains the public keys and download locations of software providers.

Additional community-maintained components
##########################################

The components found within the main source tree are complemented by a growing library of additional software, which can be seamlessly integrated into Genode system scenarios.

:Genode-world repository:

  [https://github.com/genodelabs/genode-world]

Contact
#######

The best way to get in touch with Genode developers and users is the project's mailing list. Please feel welcome to join in!

:Genode Mailing Lists:

  [https://genode.org/community/mailing-lists]

Commercial support
##################

The driving force behind the Genode OS Framework is the German company Genode Labs. The company offers commercial licensing, trainings, support, and contracted development work:

:Genode Labs website:

  [https://www.genode-labs.com]