Date: Sat, 18 Apr 2015 19:48:43 +1000
From: Outback Dingo <outbackdingo@gmail.com>
To: Ed Schouten <ed@nuxi.nl>
Cc: hackers@freebsd.org
Subject: Re: CloudABI: Taking capability-based security to the next level?
Message-ID: <CAKYr3zwFKboxpPK0nStHz5yK4u8r8x2-i%2BUH4VPc71=1A0dRyw@mail.gmail.com>
In-Reply-To: <CAKYr3zywoiOgtRA97cRR2tgq1-rvyni%2B%2B0Y-JBNbeMFtSjePGQ@mail.gmail.com>
References: <CABh_MK=44rw_vxMbXc_%2Bakpgkt%2BuUVb_dHhRzkpv8nGdcBpT5g@mail.gmail.com> <CAKYr3zywoiOgtRA97cRR2tgq1-rvyni%2B%2B0Y-JBNbeMFtSjePGQ@mail.gmail.com>

On Sat, Apr 18, 2015 at 1:00 PM, Outback Dingo <outbackdingo@gmail.com> wrote:

>
> On Fri, Apr 17, 2015 at 1:32 AM, Ed Schouten <ed@nuxi.nl> wrote:
>
>> Hello fellow FreeBSD hackers,
>>
>> If you are planning on attending BSDCan this year, you may have
>> noticed that I am going to give a talk on something mysterious called
>> CloudABI[1]. I thought it would make sense to also announce its
>> availability here before the conference.
>>
>> Before you read the announcement below, I would like to invite you to
>> read a manifesto on capability-based security that I wrote. This
>> document tries to explain the necessity for a system like CloudABI.
>>
>>
>> https://docs.google.com/a/nuxi.nl/document/d/1tW_4CDRuy7HZSkUd6AcDccga_efuIx6ZoyNV9ZLXbJ8/edit
>>
>> # What is CloudABI?
>>
>> CloudABI is an alternative POSIX-like runtime environment that is
>> purely based on the principles behind Capsicum. It can be used to
>> design complex applications that behave correctly in an environment
>> that enforces capability-based security. CloudABI executables can be
>> executed in such a way that they expose as little as possible about the
>> host operating system, making it perfectly suitable as a building
>> block for a safe and secure cluster/cloud computing setup. It could
>> also be used to add support for untrusted plugins and extensions to
>> existing applications (like Google's Native Client, but not tied to a
>> browser).
>>
>> Compared to FreeBSD's binary interface, CloudABI is extremely compact
>> (~60 system calls). The idea behind this is that adding support for
>> CloudABI to existing operating systems should not be hard. An
>> implementation for FreeBSD exists and support for Linux is planned.
>> The intent is that binaries can be executed on multiple operating
>> systems without requiring any recompilation.
>>
>> Support for CloudABI has already been upstreamed to LLVM/Clang and
>> Binutils. It is therefore very easy to build and install a cross
>> compiler for CloudABI. Cross compilation has already been tested to
>> work on Linux, FreeBSD and Mac OS X.
>>
>> CloudABI ships with a C library called cloudlibc. This C library has
>> been designed in such a way that it works reliably in a sandboxed
>> environment. Features that are known to break when using Capsicum on
>> FreeBSD (timezones, locales) still work properly with cloudlibc.
>> cloudlibc has high testing coverage. This high testing coverage will
>> also play a crucial role in ensuring that operating systems implement
>> support for CloudABI consistently.
>>
>> All of CloudABI is and will remain MIT/BSD licensed. The code can be
>> found on GitHub:
>>
>> cloudlibc: https://github.com/NuxiNL/cloudlibc
>> FreeBSD kernel modifications: https://github.com/NuxiNL/freebsd
>>
>> CloudABI has been developed by Nuxi, a company that I founded last
>> year. Nuxi plans on offering commercial support on CloudABI and its
>> components. Interested in hearing how CloudABI can make your product
>> more secure? Please get in touch at info@nuxi.nl to see if there's
>> anything we can do to help out!
>>
>> # Where to go from here?
>>
>> My goal is to present CloudABI at BSDCan and discuss all the fine
>> details with anyone who is interested. Does the idea behind CloudABI
>> sound appealing to you? Can you think of killer use cases? Be sure to
>> talk to me at the conference. If you won't be attending BSDCan this
>> year: no problem! Emails are also appreciated.
>>
>> In my opinion it would make sense to have support for CloudABI
>> integrated into FreeBSD by the time the kernel module becomes more
>> mature. Expect to see more discussions on the mailing lists by the
>> time that happens.
>>
>> In the meantime, be sure to give CloudABI a try and let us know what
>> you think. Instructions on how to obtain a toolchain and patch up your
>> FreeBSD kernel are provided on cloudlibc's GitHub page. We'd love to
>> hear your opinion!
>>
>> Thanks,
>>
>
> Looks good but a patch would have probably been better for users looking
> to backport to say 10.1, or apply to a more recent current and help to
> track progress.
> In the meantime, I'll take a look at what's there.
>
>
>

Though in the meantime it appears your modified FreeBSD tree is broken at the kernel level, merging and catching up to HEAD / CURRENT should resolve that.

===> cryptodev (all)
cc -O2 -pipe -fno-strict-aliasing -Werror -D_KERNEL -DKLD_MODULE -nostdinc -DHAVE_KERNEL_OPTION_HEADERS -include /usr/obj/usr/home/dingo/freebsd/sys/GENERIC/opt_global.h -I. -I/usr/home/dingo/freebsd/sys -I/usr/home/dingo/freebsd/sys/contrib/altq -fno-common -g -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/obj/usr/home/dingo/freebsd/sys/GENERIC -mcmodel=kernel -mno-red-zone -mno-mmx -mno-sse -msoft-float -fno-asynchronous-unwind-tables -ffreestanding -fwrapv -fstack-protector -gdwarf-2 -Wno-error-tautological-compare -Wno-error-empty-body -Wno-error-parentheses-equality -Wno-error-unused-function -Wno-error-pointer-sign -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -D__printf__=__freebsd_kprintf__ -Wmissing-include-dirs -fdiagnostics-show-option -Wno-unknown-pragmas -Wno-error-tautological-compare -Wno-error-empty-body -Wno-error-parentheses-equality -Wno-error-unused-function -Wno-error-pointer-sign -mno-aes -mno-avx -std=iso9899:1999 -c /usr/home/dingo/freebsd/sys/modules/cryptodev/../../opencrypto/cryptodev.c -o cryptodev.o
/usr/home/dingo/freebsd/sys/modules/cryptodev/../../opencrypto/cryptodev.c:1309:32: error: too few arguments to function call, expected 5, have 4
    error = falloc(td, &f, &fd, 0);
            ~~~~~~               ^
/usr/home/dingo/freebsd/sys/sys/filedesc.h:147:1: note: 'falloc' declared here
int falloc(struct thread *td, struct file **resultfp, int *resultfd,
^
1 error generated.
*** Error code 1

Stop.
make[4]: stopped in /usr/home/dingo/freebsd/sys/modules/cryptodev
*** Error code 1

> --
>> Ed Schouten <ed@nuxi.nl>
>>
>> [1] CloudABI at BSDCan:
>> http://www.bsdcan.org/2015/schedule/events/524.en.html
>> _______________________________________________
>> freebsd-hackers@freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
>> To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org"
>>
>
>