Compartmentalized computing with CLIP OS


The design of CLIP OS 5 includes three elements: a bootloader, a core system, and the cages. The system uses secure boot with signed binaries. Only the x86 architecture was supported in the previous versions, and there are no other architectures in the plan for now. The core system is based on Hardened Gentoo. Finally, the cages provide user sessions, with applications and documents.
Processes running in separate cages cannot communicate directly. Instead, they must pass messages using special services on the core system; these services are unprivileged and confined on the cage system, but privileged on the core. These communication paths are shown in this architecture diagram from the documentation. Cages are also isolated from the core system itself — all interactions (system calls, for example) are checked and go through mediation services. The isolation between applications will be using containers, and the team plans to use the Flatpak format. The details of the CLIP OS 5 implementation are not available yet, as this feature is planned for the stable release.
A specific Linux security module (LSM) inspired from Linux-VServer will be used to add additional isolation between the cages, and between the cages and the core system. Linux-VServer is a virtual private server implementation designed for web hosting. It implements partitioning of a computer system in terms of CPU time, memory, the filesystem, and network addressing into security contexts. Starting and stopping a new virtual server corresponds to setting up and tearing down a security context.
-
- Login or register to post comments
Printer-friendly version
- 2228 reads
PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
Variscite unveils two i.MX8 QuadMax modules
Variscite announced Linux-powered “VAR-SOM-MX8” and “SPEAR-MX8” modules with an up to an i.MX8 QuadMax SoC plus up to 8GB LPDDR4 and 64GB eMMC. It also previewed a VAR-SOM-6UL COM.
At Embedded World next week in Nuremberg, Germany, Variscite will showcase its Linux and Android driven i.MX8-family computer-on-modules, including new VAR-SOM-MX8 and SPEAR-MX8 modules that feature NXP’s highest-end i.MX8 SoC up to a QuadMax model (see farther below). We have already covered most of the other showcased products, including the 14nm fabricated, quad -A53 i.MX8M Mini based DART-MX8M-Mini. When we covered the DART-MX8M-Mini in September, Variscite didn’t have an image or product page, but both are now available here
| Android Leftovers
|
Programming: Developer Happiness, Rblpapi 0.3.8 and Python
| Games: Steam, Devil Engine, City Game Studio and More
|
Recent comments
11 hours 20 min ago
22 hours 32 min ago
23 hours 12 min ago
1 day 2 hours ago
1 day 4 hours ago
1 day 4 hours ago
1 day 5 hours ago
1 day 6 hours ago
1 day 12 hours ago
1 day 12 hours ago