Compartmentalized computing with CLIP OS

The design of CLIP OS 5 includes three elements: a bootloader, a core system, and the cages. The system uses secure boot with signed binaries. Only the x86 architecture was supported in the previous versions, and no other architectures are planned for now. The core system is based on Hardened Gentoo. Finally, the cages provide user sessions, with applications and documents.

Processes running in separate cages cannot communicate directly. Instead, they must pass messages using special services on the core system; these services are unprivileged and confined on the cage system, but privileged on the core. These communication paths are shown in this architecture diagram from the documentation. Cages are also isolated from the core system itself — all interactions (system calls, for example) are checked and go through mediation services. Isolation between applications will use containers, and the team plans to use the Flatpak format. The details of the CLIP OS 5 implementation are not available yet, as this feature is planned for the stable release.

A specific Linux security module (LSM) inspired by Linux-VServer will be used to add isolation between the cages, and between the cages and the core system. Linux-VServer is a virtual private server implementation designed for web hosting. It partitions a computer system, in terms of CPU time, memory, the filesystem, and network addressing, into security contexts. Starting and stopping a virtual server corresponds to setting up and tearing down a security context.
