DOCSLIB.ORG

Open Anuj-Dissertation.Pdf

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Open Anuj-Dissertation.Pdf The Pennsylvania State University The Graduate School PROVIDING VERIFIABLE INTEGRITY ON MOBILE PLATFORMS A Thesis in Electrical Engineering by Anuj Sawani c 2008 Anuj Sawani Submitted in Partial Fulfillment of the Requirements for the Degree of Master of Science August 2008 The thesis of Anuj Sawani was reviewed and approved∗ by the following: Trent Ray Jaeger Associate Professor of Computer Science and Engineering Thesis Co-Adviser George Kesidis Professor of Electrical Engineering and Computer Science and Engineering Thesis Co-Adviser Ken Jenkins Professor and Head of the Department of Electrical Engineering ∗Signatures are on file in the Graduate School. Abstract Mobile phone systems are becoming as advanced and powerful as desktop comput- ers. They now provide services beyond telephony, such as browsing the internet, personal information management or even playing games. However, third-party ap- plications, such as mobile games, could execute malware on the phone and threaten to affect the integrity of trusted software like mobile banking clients. The goal is to prevent trusted data or code from being affected by untrusted software with mini- mum overhead. The phone has limited processing power and we aim to show that an optimized security framework running on the phone does not affect the performance significantly. We use the Security Enhanced Linux (SELinux) framework combined with Policy Reduced Integirty Measurement Architecture (PRIMA) to provide in- tegrity guarantees to remote parties. Each of these components have been ported to work with an ARM-based platform. Further, the SELinux policy loaded at boot time also ensures that the trusted software is not compromised at any time. On average, we found that the phone takes approximately 0.03 seconds to perform an integrity measurement on a 150KB file. This negligible overhead does not affect performance significantly while assuring integrity of the phone. Our work shows that the approach is practical and will provide a basis for the future development of a standard security framework for mobile phone systems. iii Table of Contents List of Figures vii List of Tables viii Acknowledgments ix Chapter 1 Introduction 1 1.1 The Mobile Era . 1 1.2 Open Mobile Phone Systems . 2 1.2.1 Linux as a Mobile Platform . 3 1.3 Thesis Contribution . 3 1.4 Thesis Structure . 5 Chapter 2 Background 7 2.1 Mobile Phone Architecture . 7 2.1.1 Linux-based Mobile Phones . 7 2.1.2 OpenMoko Software Stack . 9 2.2 SELinux and Integrity Measurement . 11 2.2.1 Trusted Platform Module (TPM) . 11 2.2.2 Integrity Models . 12 2.2.3 Integrity Measurement Architecture(IMA) . 13 2.2.4 Policy Reduced Integrity Measurement Architecture (PRIMA) 14 2.3 Cross-compiling for ARM CPU . 15 Chapter 3 Related Work 17 iv 3.1 Software based Integrity Measurement on Embedded Platforms . 18 3.1.1 SWATT and Genuinity . 18 3.1.1.1 Attack on Genuinity . 19 3.1.2 Pioneer . 19 3.1.3 Energy and Execution Time Analysis of Software based TPM 20 3.2 Hardware based Integrity Measurement on Embedded Platforms . 20 3.2.1 ARM TrustZone . 20 3.2.2 Intel's Authenticated Flash . 22 3.3 Linux-based Mobile Security Solutions . 22 3.3.1 Montavista's Mobilinux . 22 3.3.2 Motorola's MotoAC . 23 Chapter 4 Vulnerability and Security Analysis of Mobile Platforms 24 4.1 Threat Model . 24 4.1.1 Physical device access . 25 4.1.2 Wireless Attacks . 25 4.1.3 DoS attacks . 26 4.1.4 Network attacks . 26 4.1.5 Worms and Virus . 26 4.2 Linux Platform . 27 4.2.1 Montavista Linux . 27 4.2.1.1 Motorola A780 . 27 4.2.1.2 Motorola A1200 . 31 4.2.2 OpenMoko . 33 4.3 Symbian Platform . 35 Chapter 5 Approach 36 5.1 The Goal . 36 5.2 System Architecture . 37 5.3 SELinux . 38 5.4 Integrity Measurement . 38 5.5 System Security . 39 Chapter 6 Building a Mobile Platform with Integrity Measurement 41 6.1 Experimental Setup . 41 6.1.1 Evaluation Board . 42 6.1.2 OpenMoko Phone . 43 v 6.2 Cross-compiling with OpenEmbedded . 44 6.2.1 Basic concepts of OpenEmbedded . 45 6.3 Enabling SELinux . 46 6.3.1 SELinux Policy design . 47 6.4 Modifications . 48 6.4.1 Kernel . 49 6.4.1.1 JFFS2 and xattr support . 50 6.4.2 RootFS . 50 6.4.3 Software Installer . 50 6.5 Verifying integrity measurement . 51 6.5.1 Package Installer . 52 6.5.1.1 Install a trusted package . 52 6.5.1.2 Install an untrusted package . 52 6.5.1.3 Invoke installer by an untrusted process . 53 6.6 Performance Results on Mobile Hardware . 53 Chapter 7 Conclusion 56 Bibliography 58 vi List of Figures 2.1 Organization of on-board flash memory of Linux mobile phones . 8 2.2 Openmoko Software Stack . 10 2.3 The decision process of SELinux . 12 3.1 ARM TrustZone System Architecture . 21 3.2 Intel's Authenticated Flash . 22 4.1 Motorola A780's Bootloader Mode . 30 4.2 The functioning of gsmd ........................ 34 5.1 The proposed mobile phone system architecture . 37 6.1 Overview of the integrity framework ported for mobile phone hard- ware ................................... 42 6.2 The OMAP 5912 OSK Evaluation Board . 43 6.3 Implementation of the filtering interface in the software installer . 49 vii List of Tables 4.1 A possible mapping of mux devices . 32 6.1 Comparison of boot time on the Openmoko phone . 54 6.2 Time taken to measure files of varying sizes . 54 6.3 Output of openssl speed sha1 - speed measurement of SHA1 hash 55 viii Acknowledgments First and foremost, I would like to offer my sincerest gratitude to my advisor, Dr. Trent Jaeger, who has supported me with his knowledge, guidance, patience and encouragement during the course of my research. He steered me in the right direction whenever I needed it and without him, this thesis would not have been possible. I would also like to thank my student colleagues, Divya Muthukumaran, Mo- hamed Hassan and Josh Schiffman with whom I collaborated during my research. Each of us with our own expertise complemented each other perfectly as a team. I am grateful to the Penn State Systems and Internet Infrastructure Security (SIIS) laboratory where I did my research. I would also like to thank my committee members, Dr. George Kesidis and Dr. Ken Jenkins for supporting my thesis and research. Finally, I thank my parents for supporting me throughout my studies at the university. ix Chapter 1 Introduction 1.1 The Mobile Era In the last decade, cellular phones have evolved tremendously. In the beginning, mobile phones were huge impractical devices whose functions supported only mak- ing calls or receiving calls. Very soon, they started supporting short messaging services while the size of mobile phones became smaller. But now, mobile devices are capable of performing every function that a desktop computer can perform. We now term these phones as smart phones. These phones are very powerful com- puting devices that are capable of functions like Email, Web Browsing, Personal Information Management and run custom applications. In 2007, more than 1.15 billion phones were sold worldwide. This large number emphasizes the widespread reach of mobile phones currently. Most users of these phones install third party applications at some point of time while using the phone. Now, there is no guarantee that these applications will not perform malicious activity on the phone. In most cases, these applications have read and write access to the phone's filesystem. Hence, they are capable of affecting the phone's functionality without the user's knowledge. Some of the applications that are installed on the phone could turn out to be worms or virus that are coded to spread through any communication channel it can find. The mobile phones usually provide various channels for communica- tion with other devices. These channels include Infrared, Bluetooth, Wifi, USB, GPRS/EDGE/EVDO, etc. 2 An important point to note for smart phones is that the operating systems have now become standard for phones. Most operating systems have released a mobile version which are compatible with various phone models. Currently, the market is dominated by three most common operating systems: Symbian, Windows and Linux. Hence, there is a lack of diversity in the market which allows attackers to target these operating systems while creating worms or virus. The complexity of these devices does add functionality to the user, but it also opens up many doors for malware to slip in. Hence, with all these views in mind, the need for security on mobile phones is obvious. 1.2 Open Mobile Phone Systems A new trend to open up mobile platforms has gained momentum in the past year. Why do we need open source mobile systems? A fully featured, fully open source mobile handset could help reduce the cost of mobile telecommunications and give users access to a rich set of low cost applications for personal use. On the other hand, certain companies prefer a standard and familiar user interface that makes it easier for users to use the device. But, with the flexibility offered by open source mobile devices, it has been gaining popularity very rapidly. Though there have been various initiatives to bring out a completely open source mobile software stack, two of the most notable ones are Google's Android [1] and FIC's Openmoko [2]. Google's Android is a software platform and operating system based on Linux. Developers can write applications for the platform using Java-like code using Java libraries provided by Google.
Load more

Recommended publications
  • Enabling Musical Applications on a Linux Phone
    University of Wollongong Research Online Faculty of Creative Arts - Papers (Archive) Faculty of Arts, Social Sciences & Humanities 2009 Enabling Musical Applications On A Linux Phone Greg Schiemer University of Wollongong, [email protected] E. Chen Royal Melbourne Institute of Technology Follow this and additional works at: https://ro.uow.edu.au/creartspapers Part of the Arts and Humanities Commons, and the Social and Behavioral Sciences Commons Recommended Citation Schiemer, Greg and Chen, E.: Enabling Musical Applications On A Linux Phone 2009. https://ro.uow.edu.au/creartspapers/36 Research Online is the open access institutional repository for the University of Wollongong. For further information contact the UOW Library: [email protected] ENABLING MUSICAL APPLICATIONS ON A LINUX PHONE Greg Schiemer Eva Cheng Sonic Arts Research Network School of Electrical and Computer Faculty of Creative Arts Engineering University of Wollongong RMIT Melbourne 2522 3000 The prospect of using compiled Arm9 native code of- fers a way to synthesise music using generic music soft- ABSTRACT ware such as Pure data and Csound rather than interpre- tive languages like java and python which have been Over the past decade the mobile phone has evolved to used in mobile devices [1, 2]. A similar approach to mo- become a hardware platform for musical interaction and bile synthesis has been adopted using the Symbian oper- is increasingly being taken seriously by composers and ating system [3]. instrument designers alike. Its gradual evolution has seen The Linux environment is more suited to the devel- improvements in hardware architecture that require al- opment of new applications in embedded hardware than ternative methods of programming.
    [Show full text]
  • Create an Email with Subject Title “Embedded Software Engineer”, Email a Copy of Your Resume to [email protected]
    To Apply for This Position: Create an email with subject title “Embedded Software Engineer”, email a copy of your resume to [email protected] Location Address: ALLEN PARK, MI,48101 Position Description: TITLE: Embedded Software Engineer ‐ Hypervisor OS technologies This position is responsible to develop QNX and Android operating system images for Ford infotainment products. This includes creating and integrating code for: bootloader, kernel, drivers, type 1 hypervisor, and build environment. Skills Required: • Lead the design, bring‐up and support of QNX and Android operating system images • Create virt‐io drivers for QNX or Android guest operating systems • Participate in root cause analysis of hardware quality problems and software defects • Participate in system design, documentation, and testing to deliver a best‐in‐class infotainment system Experience Required: • 5+ years operating system experience involving Linux or QNX • 5+ years C/C++ software development experience on embedded, mobile, or consumer electronic platforms Experience Preferred: • Experience with Type 1 hypervisors • Experience creating virt‐io drivers • Mastery of C/C++ language, GNU tool chain, and Unix (QNX, Linux, or equivalent) • Experience with embedded build systems including QNX system builder, buildroot, yocto, or equivalent • Knowledge of in‐vehicle signaling and communication mechanisms such as CAN • Proficiency with revision control including Git, Subversion, or equivalent • Multi‐site software project team experience Education Required: • Bachelor's degree in Computer Engineering, Electrical Engineering, Computer Science, or related Education Preferred: • Master's degree in Computer Engineering, Electrical Engineering or Computer Science Additional Information: Web Based Assessment not required for this position. Visa Sponsorship and Domestic Relocation is available for this position.
    [Show full text]
  • Also Includes Slides and Contents From
    The Compilation Toolchain Cross-Compilation for Embedded Systems Prof. Andrea Marongiu ([email protected]) Toolchain The toolchain is a set of development tools used in association with source code or binaries generated from the source code • Enables development in a programming language (e.g., C/C++) • It is used for a lot of operations such as a) Compilation b) Preparing Libraries Most common toolchain is the c) Reading a binary file (or part of it) GNU toolchain which is part of d) Debugging the GNU project • Normally it contains a) Compiler : Generate object files from source code files b) Linker: Link object files together to build a binary file c) Library Archiver: To group a set of object files into a library file d) Debugger: To debug the binary file while running e) And other tools The GNU Toolchain GNU (GNU’s Not Unix) The GNU toolchain has played a vital role in the development of the Linux kernel, BSD, and software for embedded systems. The GNU project produced a set of programming tools. Parts of the toolchain we will use are: -gcc: (GNU Compiler Collection): suite of compilers for many programming languages -binutils: Suite of tools including linker (ld), assembler (gas) -gdb: Code debugging tool -libc: Subset of standard C library (assuming a C compiler). -bash: free Unix shell (Bourne-again shell). Default shell on GNU/Linux systems and Mac OSX. Also ported to Microsoft Windows. -make: automation tool for compilation and build Program development tools The process of converting source code to an executable binary image requires several steps, each with its own tool.
    [Show full text]
  • PDF-Dokumenten Zusammenzusetzen Im Test Raspi 3A+
    Haiku: BeOS-Klon bekommt RasPi 3 Modell A+: Neuer easyLINUX COMMUNITY-EDITIONJetzt mit zusätzlichen Seiten ! rund umneues den Paketmanagement Linux-Einstieg S. 82 Mini-PC im Überblick S. 86 Frei kopieren und beliebig weiter verteilen ! 02.2019 02.2019 Digitale Notizen, Gliederungseditoren, Zusammenarbeit im LAN und unterwegs WISSEN TEILEN WISSEN TEILEN WISSEN Mini-Server: Vorträge um ein Diskussionsforum ergänzen S. 28 Joplin: Evernote-Ersatz ohne Zwang zur Cloud S. 32 Pydio Cells: Dateien teilen und gemeinsam bearbeiten S. 24 Cherrytree und Piggydb: Daten ordnen und miteinander vernetzen S. 16 Steam Play: Der neue Valve-Client im Test Dank Vulkan-API und Proton verspricht das Unternehmen mehr Spiele für Linux – unser Report deckt das Potenzial und die Probleme des neuen Ansatzes auf S. 74 Hilfe aus der Ferne Netzwerk-Konfiguration Einsteigertaugliche Remote-Software Mit nur einem Tool Geräte einrichten, öffnet SSH-Zugang zum eigenen PC S.38 Routen setzen und Traffic steuern S. 80 Top-Distris auf zwei Heft-DVDs MANJARO 18 • APT-CLONE • PLASMA 5.14 • GIMP 2.10 • RASPI 3A+ • • 3A+ RASPI • 2.10 GIMP • 5.14 PLASMA • APT-CLONE • 18 MANJARO EUR 8,50 EUR 9,35 sfr 17,00 EUR 10,85 EUR 11,05 EUR 11,05 02 www.linux-user.de Deutschland Österreich Schweiz Benelux Spanien Italien 4 196067 008502 02 Editorial Lindows? Sehr geehrte Leserinnen und Leser, wer sich gelegentlich auch in englisch- sprachigen Medien über Linux und quell- offene Software informiert, der kennt unvermeidlich das Kürzel sjvn: Steven J. Vaughan-Nichols liefert seit Jahrzehnten technische Hintergrund informationen und spitzzüngige Meinungsstücke über Jörg Luther das Open-Source- Umfeld.
    [Show full text]
  • Embedded Linux Systems with the Yocto Project™
    OPEN SOURCE SOFTWARE DEVELOPMENT SERIES Embedded Linux Systems with the Yocto Project" FREE SAMPLE CHAPTER SHARE WITH OTHERS �f, � � � � Embedded Linux Systems with the Yocto ProjectTM This page intentionally left blank Embedded Linux Systems with the Yocto ProjectTM Rudolf J. Streif Boston • Columbus • Indianapolis • New York • San Francisco • Amsterdam • Cape Town Dubai • London • Madrid • Milan • Munich • Paris • Montreal • Toronto • Delhi • Mexico City São Paulo • Sidney • Hong Kong • Seoul • Singapore • Taipei • Tokyo Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and the publisher was aware of a trademark claim, the designations have been printed with initial capital letters or in all capitals. The author and publisher have taken care in the preparation of this book, but make no expressed or implied warranty of any kind and assume no responsibility for errors or omissions. No liability is assumed for incidental or consequential damages in connection with or arising out of the use of the information or programs contained herein. For information about buying this title in bulk quantities, or for special sales opportunities (which may include electronic versions; custom cover designs; and content particular to your business, training goals, marketing focus, or branding interests), please contact our corporate sales depart- ment at [email protected] or (800) 382-3419. For government sales inquiries, please contact [email protected]. For questions about sales outside the U.S., please contact [email protected]. Visit us on the Web: informit.com Cataloging-in-Publication Data is on file with the Library of Congress.
    [Show full text]
  • Introduction to the Yocto Project / Openembedded-Core
    Embedded Recipes Conference - 2017 Introduction to the Yocto Project / OpenEmbedded-core Mylène Josserand Bootlin [email protected] embedded Linux and kernel engineering - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 1/1 Mylène Josserand I Embedded Linux engineer at Bootlin since 2016 I Embedded Linux expertise I Development, consulting and training around the Yocto Project I One of the authors of Bootlin’ Yocto Project / OpenEmbedded training materials. I Kernel contributor: audio driver, touchscreen, RTC and more to come! embedded Linux and kernel engineering - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 2/1 I Understand why we should use a build system I How the Yocto Project / OpenEmbedded core are structured I How we can use it I How we can update it to fit our needs I Give some good practices to start using the Yocto Project correctly I Allows to customize many things: it is easy to do things the wrong way I When you see a X, it means it is a good practice! Introduction I In this talk, we will: - Kernel, drivers and embedded Linux - Development, consulting, training and support - https://bootlin.com 3/1 I How the Yocto Project / OpenEmbedded core are structured I How we can use it I How we can update it to fit our needs I Give some good practices to start using the Yocto Project correctly I Allows to customize many things: it is easy to do things the wrong way I When you see a X, it means it is a good practice!
    [Show full text]
  • Android Operating System
    Software Engineering ISSN: 2229-4007 & ISSN: 2229-4015, Volume 3, Issue 1, 2012, pp.-10-13. Available online at http://www.bioinfo.in/contents.php?id=76 ANDROID OPERATING SYSTEM NIMODIA C. AND DESHMUKH H.R. Babasaheb Naik College of Engineering, Pusad, MS, India. *Corresponding Author: Email- [email protected], [email protected] Received: February 21, 2012; Accepted: March 15, 2012 Abstract- Android is a software stack for mobile devices that includes an operating system, middleware and key applications. Android, an open source mobile device platform based on the Linux operating system. It has application Framework,enhanced graphics, integrated web browser, relational database, media support, LibWebCore web browser, wide variety of connectivity and much more applications. Android relies on Linux version 2.6 for core system services such as security, memory management, process management, network stack, and driver model. Architecture of Android consist of Applications. Linux kernel, libraries, application framework, Android Runtime. All applications are written using the Java programming language. Android mobile phone platform is going to be more secure than Apple’s iPhone or any other device in the long run. Keywords- 3G, Dalvik Virtual Machine, EGPRS, LiMo, Open Handset Alliance, SQLite, WCDMA/HSUPA Citation: Nimodia C. and Deshmukh H.R. (2012) Android Operating System. Software Engineering, ISSN: 2229-4007 & ISSN: 2229-4015, Volume 3, Issue 1, pp.-10-13. Copyright: Copyright©2012 Nimodia C. and Deshmukh H.R. This is an open-access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
    [Show full text]
  • Symbian OS Platform Security Model
    THE SYMBIAN OS BECAME FULLY OPEN sourced in February 2010, which opens even BO LI, ELENA RESHETOVA, AND T U O M A S A U R A more possibilities for application develop- ers to understand and analyze its security Symbian OS solution. We present a short introduction to the software features of Symbian plat- platform form security: three trust tiers, capability model, data caging, and the Symbian signed security model process. We also try to compare the security Bo Li is a second-year student in the master’s solution with the classical design principles program in security and mobile computing in this area, as well as briefly discuss gen- at Aalto University, Finland. He got his bach- elor’s degree in communications engineering eral design challenges and potential weak- in 2008 from Fudan University, China. nesses. [email protected] Elena Reshetova is a senior security engineer Introduction at Nokia, as well as a postgraduate student at Aalto University. She is interested in With the development of mobile devices and mo- various research areas related to platform bile computers, more and more people rely strongly security, security aspects of networking, and on them. People use mobile devices and mobile cryptography. computers to arrange their schedules, contact each [email protected] other, process emails, and share rich media con- tent. People believe it is safe to do so because it Tuomas Aura is a professor at Aalto Uni- versity, Finland. His research interests are feels secure just knowing it is “right there with security and privacy in communications you” [8].
    [Show full text]
  • Openmoko Is Dead. Long Live Openphoenux!
    Openmoko is dead. Long live OpenPhoenux! Nikolaus Schaller, Lukas Märdian LinuxTag, Berlin, May 26th, 2012 Agenda Part one: some history Part two: a long way home Part three: rising from the ashes Part four: flying higher Part five: use it as daily phone – software Q&A Nikolaus Schaller, Lukas Märdian OpenPhoenux | GTA04 May 26th 2012 LinuxTag 2012 wiki.openmoko.org | www.gta04.org 2 Some history – Past iterations • FIC GTA01 – Neo 1973 – Roughly 3.000 units sold – Production discontinued • Openmoko GTA02 – Neo Freerunner – Roughly 15.000 units sold – Hardware revision v7 – Production discontinued Nikolaus Schaller, Lukas Märdian OpenPhoenux | GTA04 May 26th 2012 LinuxTag 2012 wiki.openmoko.org | www.gta04.org 3 Some history – The End (of part I) • FIC and Openmoko got out • Strong community continues development • Golden Delicious taking the lead – Excellent support for existing devices – Shipping spare parts and add-ons – Tuned GTA02v7++ • Deep sleep fix (aka bug #1024) -> Improved standby time • Bass rework -> Improved sound quality Nikolaus Schaller, Lukas Märdian OpenPhoenux | GTA04 May 26th 2012 LinuxTag 2012 wiki.openmoko.org | www.gta04.org 4 Agenda Part one: some history Part two: a long way home Part three: rising from the ashes Part four: flying higher Part five: use it as daily phone – software Q&A Nikolaus Schaller, Lukas Märdian OpenPhoenux | GTA04 May 26th 2012 LinuxTag 2012 wiki.openmoko.org | www.gta04.org 5 A long way home How do we get to a new open mobile phone? – open kernel for big ${BRAND} – reverse eng. – order from some ${MANUFACTURER} – hope for openness – DIY, “Use the source, Luke!” Nikolaus Schaller, Lukas Märdian OpenPhoenux | GTA04 May 26th 2012 LinuxTag 2012 wiki.openmoko.org | www.gta04.org 6 Using the source: Beagleboard Beagleboard – Full Linux support – Open schematics – Open layout – Expansion connectors – Lots of documentation – Components available Nikolaus Schaller, Lukas Märdian OpenPhoenux | GTA04 May 26th 2012 LinuxTag 2012 wiki.openmoko.org | www.gta04.org 7 In theory it could fit (Aug.
    [Show full text]
  • Computer Architecture and Assembly Language
    Computer Architecture and Assembly Language Gabriel Laskar EPITA 2015 License I Copyright c 2004-2005, ACU, Benoit Perrot I Copyright c 2004-2008, Alexandre Becoulet I Copyright c 2009-2013, Nicolas Pouillon I Copyright c 2014, Joël Porquet I Copyright c 2015, Gabriel Laskar Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with the Invariant Sections being just ‘‘Copying this document’’, no Front-Cover Texts, and no Back-Cover Texts. Introduction Part I Introduction Gabriel Laskar (EPITA) CAAL 2015 3 / 378 Introduction Problem definition 1: Introduction Problem definition Outline Gabriel Laskar (EPITA) CAAL 2015 4 / 378 Introduction Problem definition What are we trying to learn? Computer Architecture What is in the hardware? I A bit of history of computers, current machines I Concepts and conventions: processing, memory, communication, optimization How does a machine run code? I Program execution model I Memory mapping, OS support Gabriel Laskar (EPITA) CAAL 2015 5 / 378 Introduction Problem definition What are we trying to learn? Assembly Language How to “talk” with the machine directly? I Mechanisms involved I Assembly language structure and usage I Low-level assembly language features I C inline assembly Gabriel Laskar (EPITA) CAAL 2015 6 / 378 I Programmers I Wise managers Introduction Problem definition Who do I talk to? I System gurus I Low-level enthusiasts Gabriel Laskar (EPITA) CAAL
    [Show full text]
  • OS Selection for Dummies
    OS SELECTION HOW TO CHOOSE HOW TO CHOOSE Choosing your OS is the first step, so take the time to consider your choice fully. There are many parameters to take into account: l Is this a new project or the evolution of an existing product? l Using the same SW stack? Re-using existing code? l Is your team familiar with a particular OS? Ø Using an OS you are already comfortable with can help l What are the HW constraints of your system? Ø Some operating systems require more memory/processing power than others l Have no SW team? Not sure about the above? Ø Contact us so we can help you decide! Ø We can also introduce you to one of our many partners! 1 OS SELECTION OPEN SOURCE VS. COMMERCIAL OS Embedded OS BSP Provider $ Cost Open-Source OS Boundary Devices • Embedded Linux / Android Embedded Linux $0, included • Large pool of developers available with Board Purchase • Strong community • Royalty-free And / or partners 3rd Party - Commercial OS Partners • QNX / Win10 IoT / Green Hills $>0, depends on • Professional support requirements • Unique set of development tools 2 OS SELECTION OPEN SOURCE SELECTION OS SELECTION PROS CONS Embedded Linux Most powerful / optimized Complexity for newcomers solution, maintained by NXP • Build systems Ø Yocto / Buildroot Simpler solution, makefile- Not as flexible as Yocto Ø Everything built from scratch based, maintained by BD Desktop-like approach, Harder to customize, non- Package-based distribution easy-to-use atomic updates, no cross- • Ubuntu / Debian compilation SDK Apt install / update, millions • Packages installed from server of prebuilt packages available Android Millions of apps available, same number of developers, Resource-hungry, complex • AOSP-based (no GMS) development environment, BSP modifications (HAL) • APK applications IDE + debugging tools 3 SOFTWARE PARTNERS Boundary Devices has an industry-leading group of software partners.
    [Show full text]
  • How to Create a Partitioned Image with the Custom Wic Plugin?
    How to create a partitioned image with the custom Wic plugin? Tips and tricks based on the bootimg-grub-tb plugin development Norbert Kamiński, 3mdeb Embedded Systems Consulting Yocto Project Virtual Summit Europe, October 29-30, 2020 Agenda • $ whoami • Wic – OpenEmbedded Image Creator • Preparing layer • WKS files • Wic Plug-in Interface • Overall information • PluginSource Methods • Wic Plug-in development • bootimg-grub-tb - custom Wic Plug-in 2 Yocto Project® | The Linux Foundation® $ whoami • Open-source contributor • meta-pcengines • meta-trenchboot • qubes-fwupd • Scope of interests • embedded Linux • virtualization and containerization • bootloaders Norbert Kamiński Embedded Systems Engineer at 3mdeb Embedded Systems Consulting • • 3 Yocto Project® | The Linux Foundation® Wic – OpenEmbedded Image Creator Yocto Project | The Linux Foundation What is the Wic? • Wic stands for OpenEmbedded Image Creator • It is used to a create partitioned image • Wic is loosely based on the Meego Image Creator framework (mic) • It is using build artifacts instead of installing packages and configurations 5 Yocto Project® | The Linux Foundation® Prepare your layer • Go to your meta layer • Add wic to the IMAGE_FSTYPE variable in your local configuration IMAGE_FSTYPES += "wic" • Use the existing wic kickstart file or create specific one for your purposes 6 Yocto Project® | The Linux Foundation® Default partition layouts • At the start source poky/oe-init-build-env • List the available wic kickstart configurations $ wic list images mpc8315e-rdb Create
    [Show full text]