Puffs - Pass-To-Userspace Framework File System

Total Page:16

File Type:pdf, Size:1020Kb

Puffs - Pass-To-Userspace Framework File System puffs - Pass-to-Userspace Framework File System Antti Kantee <[email protected].fi> Helsinki University of Technology ABSTRACT Fault tolerant and secure operating systems are a worthwhile goal. Aknown method for accomplishing fault tolerance and security is isolation. This means running separate operating system services in separate protection domains so that theycannot interfere with each other,and can communicate only via well-defined messaging inter- faces. Isolation and message passing brings inherent overhead when compared to ser- vices doing communication by accessing each others memory directly.Toaddress this, the ultimate goal would be to be able to run the kernel subsystems in separate domains during development and testing, but have a drop-in availability to makethem run in ker- nel mode for performance critical application scenarios. Still today,most operating sys- tems are written purely with C and some assembly using the monolithic kernel approach, where all operating system code runs within a single protection domain. Asingle error in anysubsystem can bring the whole operating system down. This work presents puffs -the Pass-to-Userspace Framework File System - shipped with the NetBSD Operating System. It is a framework for implementing file systems out- side of the kernel in a separate protection domain in a user process. The implementation is discussed in-depth for a kernel programmer audience. The benefits in implementation simplicity and increased security and fault tolerance are argued to outweigh the measured overhead when compared with a classic in-kernel file system. Aconcrete result of the work is a completely BSD-licensed sshfs implementation. Keywords:userspace file systems, robust and secure operating systems, message-passing subsystems, BSD-licensed sshfs 1. Introduction protection domain with the popular argument "Microkernels have won",isafamous being an advantage in performance. Even if we quote from the Tanenbaum - Torvalds debate from were to disregard research which states that the the early 90’s. Microkernel operating systems are performance difference is irrelevant [2], we might associated with running the operating system ser- be willing to makeatradeofffor a more robust vices, such as file systems and networking proto- system. cols, in separate domains, and component com- Aseparate argument is that we do not need munication via message passing through channels to see issues only in black-and-white. An operat- instead of direct memory references. This is ing system’score can be monolithic with the known as isolation and provides an increase in associated tradeoffs, but offer the interfaces to system security and reliability in case of a misbe- implement some services in separate domains. having component [1]; at worst the component An HTTP server or an NFS server can be imple- can corrupt only itself instead of the entire sys- mented either as part of the monolithic kernel or tem. However, most contemporary operating sys- as a separate user process, eventhough theyboth tems still run all services inside a single have their "correct" locations of implementation. There is obviously room for both a microkernel The best known userspace file system and a monolithic kernel approach within the same framework is FUSE, Filesystem in USErspace operating system. Another relevant argument is [6]. It supports already hundreds of file systems the use of inline assembly in an operating system: written against it. On a technical level, puffs is almost everyone agrees that it is wrong, yet not fairly similar to FUSE, since theyboth export using it makes the system less performant. similar virtual file system interfaces to userspace. Clearly,performance is not everything. However, the are differences already currently in, This work presents puffs,the Pass-To- for example, pathname handling and concurrency Userspace Framework File System for NetBSD. control. The differences are expected to growas puffs provides an interface similar to the kernel the puffs project reaches future goals. Even so, virtual file system interface, vfs [3], to a user providing a source compatible interface with process. puffs attaches itself to the kernel vfs FUSE is an important goal to leverage all the layer.Itpasses requests it receivesfrom the vfs existing file systems (see Chapter 5). In the sum- interface in the kernel to userspace, waits for a mer of 2005 FUSE was available only for Linux, result and provides the caller with the result. buthas since been ported to FreeBSD in the Applications and the rest of the kernel outside of Fuse4BSD [7] project. Aderivate project of the the vfs module cannot distinguish a file system FreeBSD porting effort, MacFUSE [8], recently implemented on top of puffs from a file system added support for Mac OS X. Adownside from implemented purely in the kernel. For the the BSD point-of-viewisthat userspace library userspace implementation a library,libpuffs, is for FUSE is available only under LGPL and that provided. libpuffs not only provides a program- file systems written on top of it have a tendency ming interface to implement the file system on, of being GPL-licensed. butalso includes convenience routines commonly Apart from frameworks merely exporting required for implementing file systems. the Unix-style vfs/vnode interface to userspace puffs is envisioned to be a step in moving for file system implementation, there are systems towards a more flexible NetBSD operating sys- which completely redesign the whole concept. tem. It clearly adds a microkernel touch with the Plan 9 is Bell Labs’ operating system where the associated implications for isolation and robust- adage "everything is a file" really holds: there are ness, but also provides an environment in which no special system calls for services likethere are programming a file system is much easier than on Unix-style operating systems, where, for compared to the same task done in the kernel. example, opening a network connection requires a And instead of just creating a userspace file sys- special type of system call. Plan 9 was also tem framework, the lessons learned from doing so designed to be a distributed operating system, so will be turned upside down and the whole system all the file operations are encoded in such a way will also be improvedtobetter facilitate creating that a remote machine can decode them. As a functionality such as puffs.The latter part, how- roughly equivalent counterpart to the Unix virtual ev er, isout of the scope of this paper. file system, Plan 9 provides the 9P [9] transport protocol, which is used by clients to communicate Related Work with file servers. 9P has been adapted to for example Linux [10], but the greater problem with There are several other packages available 9P is that it is relatively different from the for building file systems in userspace. When this (Net)BSD vfs interface and it makes some project was begun in the summer of 2005, the assumptions about file systems in general not only option available for BSD was nnpfs, which is valid on Unix [10]. Therefore, it was not directly supplied as part of the Arla [4] AFS implementa- considered for the userspace library interface. tion. Arla is a portable implementation of AFS. It relies on a small kernel module, nnpfs, which DragonFly BSD has started putting forth attaches to the host operating system’skernel and effort in creating a VFS transport protocol, which, provides an interface for the actual userspace AFS like9P, would be suitable for distributed environ- implementation to talk to. Ahuge drawback was ments in which the server can exist on a different that at the time it only supported caching on a file network node than the client [11]. It is also level. Since, it has developed block levelcaching usable for implementing a file system in and some documentation on howtowrite file sys- userspace, but is a huge undertaking and restruc- tems on top of it [5]. tures much of the kernel file system code. The main reason for writing a framework from scratch is that the ultimate goal of the work puffs architecture is not to develop a userspace file system frame- work, but rather to improve the flexibility and robustness of the operating system itself. While taking a more flexible route such as that of 9P file server (4) may eventually prove tobethe right thing to do, it libpuffs (3) is easier to takensmall steps in reaching a goal and keep the system functional all the time. Cur- user rently,especially the kernel side of puffs is very /dev/puffs (2) lightweight and tries to be a good kernel citizen in not modifying the rest of the kernel. The ultimate puffs vfs module (1) goal is to gradually change this in creating a more kernel secure and reliable operating system. kernel Paper Contents user syscall Chapter 2 discusses the architecture and implementation of puffs on an in-depth technical application level. Chapter 3presents a fewfile systems built on top of puffs.Itdiscusses experiences in devel- oping them. Chapter 4 presents performance measurements and analyses the measured results. The vfs layer is made up of twoseparate Chapter 5 contains work being done currently and interfaces: the actual virtual file system interface outlines some future visions for development. and the vnode interface. The former deals with Finally,Chapter 6 provides conclusions. calls involving file system leveloperations, such as mount and unmount, while the latter always involves an operation on a file; the vnode or vir- 2. puffs Architecture tual node is an abstract, i.e. virtual, representation puffs is made up of four separate compo- of a file. nents (see figure): Vnodes are treated as reference counted 1. VFS attachment, including virtual mem- objects by the kernel. Once the reference count ory subsystem and page cache integra- for a vnode drops to zero, it is movedtothe freel- tion.
Recommended publications
  • Porting FUSE to L4re
    Großer Beleg Porting FUSE to L4Re Florian Pester 23. Mai 2013 Technische Universit¨at Dresden Fakult¨at Informatik Institut fur¨ Systemarchitektur Professur Betriebssysteme Betreuender Hochschullehrer: Prof. Dr. rer. nat. Hermann H¨artig Betreuender Mitarbeiter: Dipl.-Inf. Carsten Weinhold Erkl¨arung Hiermit erkl¨are ich, dass ich diese Arbeit selbstst¨andig erstellt und keine anderen als die angegebenen Hilfsmittel benutzt habe. Declaration I hereby declare that this thesis is a work of my own, and that only cited sources have been used. Dresden, den 23. Mai 2013 Florian Pester Contents 1. Introduction 1 2. State of the Art 3 2.1. FUSE on Linux . .3 2.1.1. FUSE Internal Communication . .4 2.2. The L4Re Virtual File System . .5 2.3. Libfs . .5 2.4. Communication and Access Control in L4Re . .6 2.5. Related Work . .6 2.5.1. FUSE . .7 2.5.2. Pass-to-Userspace Framework Filesystem . .7 3. Design 9 3.1. FUSE Server parts . 11 4. Implementation 13 4.1. Example Request handling . 13 4.2. FUSE Server . 14 4.2.1. LibfsServer . 14 4.2.2. Translator . 14 4.2.3. Requests . 15 4.2.4. RequestProvider . 15 4.2.5. Node Caching . 15 4.3. Changes to the FUSE library . 16 4.4. Libfs . 16 4.5. Block Device Server . 17 4.6. File systems . 17 5. Evaluation 19 6. Conclusion and Further Work 25 A. FUSE operations 27 B. FUSE library changes 35 C. Glossary 37 V List of Figures 2.1. The architecture of FUSE on Linux . .3 2.2. The architecture of libfs .
    [Show full text]
  • Index Images Download 2006 News Crack Serial Warez Full 12 Contact
    index images download 2006 news crack serial warez full 12 contact about search spacer privacy 11 logo blog new 10 cgi-bin faq rss home img default 2005 products sitemap archives 1 09 links 01 08 06 2 07 login articles support 05 keygen article 04 03 help events archive 02 register en forum software downloads 3 security 13 category 4 content 14 main 15 press media templates services icons resources info profile 16 2004 18 docs contactus files features html 20 21 5 22 page 6 misc 19 partners 24 terms 2007 23 17 i 27 top 26 9 legal 30 banners xml 29 28 7 tools projects 25 0 user feed themes linux forums jobs business 8 video email books banner reviews view graphics research feedback pdf print ads modules 2003 company blank pub games copyright common site comments people aboutus product sports logos buttons english story image uploads 31 subscribe blogs atom gallery newsletter stats careers music pages publications technology calendar stories photos papers community data history arrow submit www s web library wiki header education go internet b in advertise spam a nav mail users Images members topics disclaimer store clear feeds c awards 2002 Default general pics dir signup solutions map News public doc de weblog index2 shop contacts fr homepage travel button pixel list viewtopic documents overview tips adclick contact_us movies wp-content catalog us p staff hardware wireless global screenshots apps online version directory mobile other advertising tech welcome admin t policy faqs link 2001 training releases space member static join health
    [Show full text]
  • Refuse: Userspace FUSE Reimplementation Using Puffs
    ReFUSE: Userspace FUSE Reimplementation Using puffs Antti Kantee Alistair Crooks Helsinki University of Technology The NetBSD Foundation [email protected].fi [email protected] Abstract for using Gmail as a file system storage backend and FUSEPod [5] which facilitaties iPod access and man- In an increasingly diverse and splintered world, agement. interoperability rules. The ability to leverage code Userspace file systems operate by attaching an in- written for another platform means more time and re- kernel file system to the kernel’s virtual file system sources for doing new and exciting research instead layer, vfs [17]. This component transforms incoming of reinventing the wheel. Interoperability requires requests into a form suitable for delivery to userspace, standards, and as the saying goes, the best part of sends the request to userspace, waits for a response, standards is that everyone can have their own. How- interprets the result and feeds it back to caller in the ever, in the userspace file system world, the Linux- kernel. The kernel file system calling conventions originated FUSE is the clear yardstick. dictate how to interface with the virtual file system In this paper we present ReFUSE, a userspace layer, but other than that the userspace file systems implementation of the FUSE interface on top of the framework is free to decide how to operate and what NetBSD native puffs (Pass-to-Userspace Framework kind of interface to provide to userspace. File System) userspace file systems framework. We While extending the operating system to userspace argue that an additional layer of indirection is the is not a new idea [12, 21], the FUSE [2] userspace right solution here, as it allows for a more natural file systems interface is the first to become a veri- export of the kernel file system interface instead of table standard.
    [Show full text]
  • Fs-Utils: File Systems Access Tools for Userland
    Fs-utils: File Systems Access Tools for Userland Arnaud Ysmal ([email protected]) and Antti Kantee ([email protected].fi) September 2009 Abstract consider the connection to the server to be the file sys- tem image. Currently, file system access is done either through File systems can be accessed by kernel drivers (what a kernel driver or a specialized userspace program. we do when using mount) or by userland tools. In this In the former case the file system is mounted with paper, we focus on the latter, or more precisely on user- the mount utility and then accessed with standard land tools using the file system code from the NetBSD userspace tools such as cat. An example of the latter kernel. This principle is implemented on NetBSD and case is the mtools utility suite which allows to access known as RUMP (Runnable Userspace Meta Program) msdos file systems. [1]. We can also use NetBSD kernel code in userspace The NetBSD Runnable Userspace Meta Program on non-NetBSD operating systems, as we show later (RUMP) framework enables the use of kernel file sys- in this paper. tem drivers as part of userspace programs. By building The rest of this paper is organized as follows. The upon RUMP and NetBSD base system utilities such as remainder of this Section will present fs-utils and ex- ls and cp, we have created the fs-utils application suite. plain what we wanted to achieve by creating this new It provides mtools-like file system access without re- set of tools. Section 2 focuses on the way it was de- quiring mount privileges or an in-kernel driver.
    [Show full text]
  • Recycling RAM Content After Reboots
    Wiederverwendung des RAM Inhalts nach Neustarts BACHELORARBEIT zur Erlangung des akademischen Grades Bachelor of Science im Rahmen des Studiums Software & Information Engineering eingereicht von Manuel Wiesinger Matrikelnummer 0825632 an der Fakultät für Informatik der Technischen Universität Wien Betreuung: Ao.Univ.Prof. Anton Ertl Wien, 27. Juni 2016 Manuel Wiesinger Anton Ertl Technische Universität Wien A-1040 Wien Karlsplatz 13 Tel. +43-1-58801-0 www.tuwien.ac.at Recycling RAM content after reboots BACHELOR’S THESIS submitted in partial fulfillment of the requirements for the degree of Bachelor of Science in Software & Information Engineering by Manuel Wiesinger Registration Number 0825632 to the Faculty of Informatics at the Vienna University of Technology Advisor: Ao.Univ.Prof. Anton Ertl Vienna, 27th June, 2016 Manuel Wiesinger Anton Ertl Technische Universität Wien A-1040 Wien Karlsplatz 13 Tel. +43-1-58801-0 www.tuwien.ac.at Erklärung zur Verfassung der Arbeit Manuel Wiesinger Hiermit erkläre ich, dass ich diese Arbeit selbständig verfasst habe, dass ich die verwen- deten Quellen und Hilfsmittel vollständig angegeben habe und dass ich die Stellen der Arbeit – einschließlich Tabellen, Karten und Abbildungen –, die anderen Werken oder dem Internet im Wortlaut oder dem Sinn nach entnommen sind, auf jeden Fall unter Angabe der Quelle als Entlehnung kenntlich gemacht habe. Wien, 27. Juni 2016 Manuel Wiesinger v Acknowledgements First of all, I would like to thank my supervisor Anton Ertl, for his time and ideas, and especially for patiently waiting for me to start writing. My gratitude extends to the people who contributed to the NetBSD project, and to all other free software projects essential for this thesis.
    [Show full text]
  • CYBERSECURITY When Will You Be Hacked?
    SUFFOLK ACADEMY OF LAW The Educational Arm of the Suffolk County Bar Association 560 Wheeler Road, Hauppauge, NY 11788 (631) 234-5588 CYBERSECURITY When Will You Be Hacked? FACULTY Victor John Yannacone, Jr., Esq. April 26, 2017 Suffolk County Bar Center, NY Cybersecurity Part I 12 May 2017 COURSE MATERIALS 1. A cybersecurity primer 3 – 1.1. Cybersecurity practices for law firms 5 – 1.2. Cybersecurity and the future of law firms 11 – 2. Information Security 14 – 2.1. An information security policy 33 – 2.2. Data Privacy & Cloud Computing 39 – 2.3. Encryption 47 – 3. Computer security 51 – 3.1. NIST Cybersecurity Framework 77 – 4. Cybersecurity chain of trust; third party vendors 113 – 5. Ransomware 117 – 5.1. Exploit kits 132 – 6. Botnets 137 – 7. BIOS 139 – 7.1. Universal Extensible Firmware Interface (UEFI) 154– 8. Operating Systems 172 – 8.1. Microsoft Windows 197 – 8.2. macOS 236– 8.3. Open source operating system comparison 263 – 9. Firmware 273 – 10. Endpoint Security Buyers Guide 278 – 11. Glossaries & Acronym Dictionaries 11.1. Common Computer Abbreviations 282 – 11.2. BABEL 285 – 11.3. Information Technology Acronymns 291 – 11.4. Glossary of Operating System Terms 372 – 2 Cyber Security Primer Network outages, hacking, computer viruses, and similar incidents affect our lives in ways that range from inconvenient to life-threatening. As the number of mobile users, digital applications, and data networks increase, so do the opportunities for exploitation. Cyber security, also referred to as information technology security, focuses on protecting computers, networks, programs, and data from unintended or unauthorized access, change, or destruction.
    [Show full text]
  • Puffs - Pass-To-Userspace Framework File System Asiabsdcon 2007 Tokyo, Japan
    puffs - Pass-to-Userspace Framework File System AsiaBSDCon 2007 Tokyo, Japan Antti Kantee [email protected] Helsinki University of Technology Antti Kantee<[email protected].fi> : 1 Talk structure • what is puffs? • why do we care? • puffs architecture overview • kernel and transport mechanism • userspace components • example file systems • measured performance figures • compatibility • future work • conclusions Antti Kantee<[email protected].fi> : 2 Introduction to puffs Pass-to-Userspace Framework File System • passes file system interface to userspace and provides a framework • kernel interface: VFS • userspace interface: almost VFS • userspace library provides convenience functions such as continuation support • NetBSD-current (4.0 will have some support) Why the name puffs? • puff pastry, increases in volume when baked Antti Kantee<[email protected].fi> : 3 Why userspace file systems • fault tolerance and isolation: one error doesn’t bring the system down • easier to program • easier to test • easier to debug, single-step and do iteration • do we really need all the error-prone namespace management for example for procfs in the kernel? • libraries and pre-existing software: most of the time written against POSIX instead of the BSD kernel Antti Kantee<[email protected].fi> : 4 puffs architecture 1. vfs module mar- file server (4) shalls request libpuffs (3) 2. requests are trans- user /dev/puffs (2) vfs module (1) ported to userspace kernel kernel 3. library decodes and dispatches request user syscall application 4. file server handles request • result passed back Antti Kantee<[email protected].fi> : 5 VFS module • attach puffs to kernel like all file systems • interpret incoming requests, convert to transport-suitable format and queue request to file server • police duty making sure file server plays nice • vnode -> file server node -> vnode handled with cookies, file server selects cookie value when it creates a node • short-circuit unimplemented operations • integrate to UBC • snapshot support Antti Kantee<[email protected].fi> : 6 Messaging format • nothing to write a slide about ...
    [Show full text]
  • Flexible Operating System Internals: the Design and Implementation of the Anykernel and Rump Kernels Aalto University
    Department of Computer Science and Engineering Aalto- Antti Kantee DD Flexible Operating System 171 / 2012 2012 Internals: FlexibleSystemOperating Internals: TheDesign andImplementation theofandAnykernelRump Kernels The Design and Implementation of the Anykernel and Rump Kernels Antti Kantee 9HSTFMG*aejbgi+ ISBN 978-952-60-4916-8 BUSINESS + ISBN 978-952-60-4917-5 (pdf) ECONOMY ISSN-L 1799-4934 ISSN 1799-4934 ART + ISSN 1799-4942 (pdf) DESIGN + ARCHITECTURE UniversityAalto Aalto University School of Science SCIENCE + Department of Computer Science and Engineering TECHNOLOGY www.aalto.fi CROSSOVER DOCTORAL DOCTORAL DISSERTATIONS DISSERTATIONS "BMUP6OJWFSTJUZQVCMJDBUJPOTFSJFT %0$503"-%*44&35"5*0/4 &2#&ŗ*,.#(!ŗ3-.'ŗ (.,(&-Ćŗ "ŗ-#!(ŗ(ŗ '*&'(..#)(ŗ) ŗ."ŗ (3%,(&ŗ(ŗ/'*ŗ ,(&-ŗ "OUUJ,BOUFF "EPDUPSBMEJTTFSUBUJPODPNQMFUFEGPSUIFEFHSFFPG%PDUPSPG 4DJFODFJO5FDIOPMPHZUPCFEFGFOEFE XJUIUIFQFSNJTTJPOPGUIF "BMUP6OJWFSTJUZ4DIPPMPG4DJFODF BUBQVCMJDFYBNJOBUJPOIFMEBU UIFMFDUVSFIBMM5PGUIFTDIPPMPO%FDFNCFSBUOPPO "BMUP6OJWFSTJUZ 4DIPPMPG4DJFODF %FQBSUNFOUPG$PNQVUFS4DJFODFBOE&OHJOFFSJOH 4VQFSWJTJOHQSPGFTTPS 1SPGFTTPS)FJLLJ4BJLLPOFO 1SFMJNJOBSZFYBNJOFST %S.BSTIBMM,JSL.D,VTJDL 64" 1SPGFTTPS3FO[P%BWPMJ 6OJWFSTJUZPG#PMPHOB *UBMZ 0QQPOFOU %S1FUFS5SÍHFS )BTTP1MBUUOFS*OTUJUVUF (FSNBOZ "BMUP6OJWFSTJUZQVCMJDBUJPOTFSJFT %0$503"-%*44&35"5*0/4 "OUUJ,BOUFFQPPLB!JLJGJ 1FSNJTTJPOUPVTF DPQZ BOEPSEJTUSJCVUFUIJTEPDVNFOUXJUIPS XJUIPVUGFFJTIFSFCZHSBOUFE QSPWJEFEUIBUUIFBCPWFDPQZSJHIU OPUJDFBOEUIJTQFSNJTTJPOOPUJDFBQQFBSJOBMMDPQJFT%JTUSJCVUJOH NPEJGJFEDPQJFTJTQSPIJCJUFE *4#/ QSJOUFE *4#/
    [Show full text]
  • Kernel Development in Userspace - the Rump Approach
    Kernel Development in Userspace - The Rump Approach Antti Kantee Helsinki University of Technology [email protected].fi Abstract Where the dependencies for desired source code involve kernel code which requires the privileged CPU mode, a In this paper we explore the use of the NetBSD Runnable reimplementation suitable for userspace is provided. Userspace Meta Program (rump) framework for kernel The term ”rump” is also used to describe a userlevel development. Rump enables running kernel components program which uses the rump framework to run kernel in userspace without code modification. Examples in- code in userspace. Additionally, we use the term ”rump clude file systems, the networking stack, and the kernel kernel” to describe the kernel source code and the depen- entry points for a large number of system calls. This dencies reimplemented for userspace. makes it possible to develop, debug and test kernel code Doing kernel development in userspace has numerous as a normal userspace application with all the associated advantages. The main benefit is the light speed testing benefits over work done directly in the kernel. cycle: bootstrapping the rump kernel takes just microsec- This paper describes how, why and when to use rump onds, so testing changes is typically extremely fast. Ad- for kernel development. It does not delve into the secrets ditionally, a kernel panic always means an application of the implementation of the framework or evaluate the core dump on the file system, so examining the state after framework in any other sense apart from its usefulness a crash is straightforward. Unmodified userspace tools in kernel development.
    [Show full text]
  • Rump File Systems: Kernel Code Reborn
    Rump File Systems: Kernel Code Reborn Antti Kantee Helsinki University of Technology [email protected].fi Abstract ming and a more casual development style for userspace. The question stems from the different programming en- When kernel functionality is desired in userspace, the vironments offered by the two choices. Even if code common approach is to reimplement it for userspace in- written for the kernel is designed to be run in userspace terfaces. We show that use of existing kernel file sys- for testing, it is most likely implemented with #ifdef, tems in userspace programs is possible without modify- crippled and does not support all features of kernel mode. ing the kernel file system code base. Two different op- Typical operating system kernels offer multitudes of erating modes are explored: 1) a transparent mode, in tested and working code with reuse potential. A good which the file system is mounted in the typical fashion illustration is file system code, which in the case of most by using the kernel code as a userspace server, and 2) a operating systems also comes with a virtual file system standalone mode, in which applications can use a kernel abstraction [18] making access file system independent. file system as a library. The first mode provides isola- By making kernel file systems function in userspace, tion from the trusted computing base and a secure way existing code can be utilized for free in applications. We for mounting untrusted file systems on a monolithic ker- accomplished this by creating a shim layer to emulate nel. The second mode is useful for file system utilities enough of the kernel to make it possible to link and run and applications, such as populating an image or view- the kernel file system code.
    [Show full text]
  • Freebsd Documentation Release 10.1
    FreeBSD Documentation Release 10.1 Claudia Mane July 12, 2015 Contents 1 &title; 3 1.1 What is FreeBSD?............................................3 1.2 Cutting edge features...........................................3 1.3 Powerful Internet solutions........................................3 1.4 Advanced Embedded Platform......................................3 1.5 Run a huge number of applications...................................3 1.6 Easy to install..............................................4 1.7 FreeBSD is free .............................................4 1.8 Contributing to FreeBSD.........................................4 2 &title; 5 2.1 Introduction...............................................5 3 &title; 15 3.1 Experience the possibilities with FreeBSD............................... 15 3.2 FreeBSD is a true open system with full source code........................... 15 3.3 FreeBSD runs thousands of applications................................. 15 3.4 FreeBSD is an operating system that will grow with your needs..................... 16 3.5 What experts have to say . ........................................ 16 4 &title; 17 4.1 BSD Daemon............................................... 17 4.2 “Powered by FreeBSD” Logos...................................... 19 4.3 Old Advertisement Banners....................................... 19 4.4 Graphics Use............................................... 19 4.5 Trademarks................................................ 20 5 &title; 21 6 &title; 23 6.1 Subversion...............................................
    [Show full text]
  • From Roof to Basement - Netbsd Introduction & Status Report
    From roof to basement - NetBSD Introduction & Status Report - Hubert Feyrer <[email protected]> Contents ● What does NetBSD look like? ● So what is NetBSD? ● Introducing NetBSD: Some Applications & Products ● NetBSD 4 and beyond What does NetBSD look like? NetBSD looks like ... KDE NetBSD looks like ... GNOME NetBSD looks like ... XFCE NetBSD looks like ... Xen So what is NetBSD? NetBSD is ... ● A descendant of 4.4BSD Unix ● A “general purpose” Unix/Linux-like Open Source Operating System ● Not Linux – NetBSD has its own kernel and userland ● A small core system that can be adjusted for many purposes via pkgsrc: Desktop, Web and Database servers, Firewalls, ... ● Secure and Performant, of course! ● Focussed on multiplatform portability Features: Thousands of packages via pkgsrc Many areas of application One Operating System, 1 Source Modern & Vintage Hardware More than fifty Hardware Platforms Introducing NetBSD: Some Applications & Products NetBSD from roof to basement: On Air International Space Station, on-plane systems Roof WaveLAN routers, surveillance cameras, embedded boards Office Highspeed networking, desktop, Embedded development Entertainment Various game consoles and robots Basement Storage solutions, servers “Commodity” Networking: ● Various WLAN-Routers and Access-Points by Allied Telesis, IIJ/Root and Apple: ● Seclarity's SiNic Router-on-a-card ● Avocent KVM Switches ● Surveillance- and Webcams by SGI, Panasonic and Brains Inc. Embedded Boards: PowerPC, MIPS ● MIPS – NetBSD/evbmips ● Malta 4/5kc, Access Cube, AMD Alchemy, Atheros, Meraki Mini ● PowerPC – NetBSD/evbppc ● Virtex-4 ML403 FPGA, Motorola Walnut, Marvell, Plat'Home OpenBlockS Embedded boards: SH3/4, ARM ● Super-Hitachi - NetBSD/sh3 ● CqREEK, Computes 7709, KZ-SH4-01: ● ARM, StrongARM, Xscale – NetBSD/evbarm ● Mesa 4C81, Gumstix + peripherals, Technologic Systems' TS-7200, ..
    [Show full text]