Date: Sat, 18 Apr 2015 19:48:43 +1000
Subject: Re: CloudABI: Taking capability-based security to the next level?
From: Outback Dingo
To: Ed Schouten
Cc: hackers@freebsd.org

On Sat, Apr 18, 2015 at 1:00 PM, Outback Dingo wrote:

>
> On Fri, Apr 17, 2015 at 1:32 AM, Ed Schouten wrote:
>
>> Hello fellow FreeBSD hackers,
>>
>> If you are planning on attending BSDCan this year, you may have
>> noticed that I am going to give a talk on something mysterious called
>> CloudABI[1]. I thought it would make sense to also announce its
>> availability here before the conference.
>>
>> Before you read the announcement below, I would like to invite you to
>> read a manifesto on capability-based security that I wrote. This
>> document tries to explain the necessity for a system like CloudABI.
>>
>>
>> https://docs.google.com/a/nuxi.nl/document/d/1tW_4CDRuy7HZSkUd6AcDccga_efuIx6ZoyNV9ZLXbJ8/edit
>>
>> # What is CloudABI?
>>
>> CloudABI is an alternative POSIX-like runtime environment that is
>> purely based on the principles behind Capsicum. It can be used to
>> design complex applications that behave correctly in an environment
>> that enforces capability-based security. CloudABI executables can be
>> executed in such a way that they expose as little as possible about the
>> host operating system, making it perfectly suitable as a building
>> block for a safe and secure cluster/cloud computing setup. It could
>> also be used to add support for untrusted plugins and extensions to
>> existing applications (like Google's Native Client, but not tied to a
>> browser).
>>
>> Compared to FreeBSD's binary interface, CloudABI is extremely compact
>> (~60 system calls).
>> The idea behind this is that adding support for
>> CloudABI to existing operating systems should not be hard. An
>> implementation for FreeBSD exists and support for Linux is planned.
>> The intent is that binaries can be executed on multiple operating
>> systems without requiring any recompilation.
>>
>> Support for CloudABI has already been upstreamed to LLVM/Clang and
>> Binutils. It is therefore very easy to build and install a cross
>> compiler for CloudABI. Cross compilation has already been tested to
>> work on Linux, FreeBSD and Mac OS X.
>>
>> CloudABI ships with a C library called cloudlibc. This C library has
>> been designed in such a way that it works reliably in a sandboxed
>> environment. Features that are known to break when using Capsicum on
>> FreeBSD (timezones, locales) still work properly with cloudlibc.
>> cloudlibc has high testing coverage. This high testing coverage will
>> also play a crucial role in ensuring that operating systems implement
>> support for CloudABI consistently.
>>
>> All of CloudABI is and will remain MIT/BSD licensed. The code can be
>> found on GitHub:
>>
>> cloudlibc: https://github.com/NuxiNL/cloudlibc
>> FreeBSD kernel modifications: https://github.com/NuxiNL/freebsd
>>
>> CloudABI has been developed by Nuxi, a company that I founded last
>> year. Nuxi plans on offering commercial support on CloudABI and its
>> components. Interested in hearing how CloudABI can make your product
>> more secure? Please get in touch at info@nuxi.nl to see if there's
>> anything we can do to help out!
>>
>> # Where to go from here?
>>
>> My goal is to present CloudABI at BSDCan and discuss all the fine
>> details with anyone who is interested. Does the idea behind CloudABI
>> sound appealing to you? Can you think of killer use cases? Be sure to
>> talk to me at the conference. If you won't be attending BSDCan this
>> year: no problem! Emails are also appreciated.
>>
>> In my opinion it would make sense to have support for CloudABI
>> integrated into FreeBSD by the time the kernel module becomes more
>> mature. Expect to see more discussions on the mailing lists by the
>> time that happens.
>>
>> In the meantime, be sure to give CloudABI a try and let us know what
>> you think. Instructions on how to obtain a toolchain and patch up your
>> FreeBSD kernel are provided on cloudlibc's GitHub page. We'd love to
>> hear your opinion!
>>
>> Thanks,
>>
>
> Looks good but a patch would have probably been better for users looking
> to backport to say 10.1, or apply to a more recent current and help to
> track progress.
> In the meantime, I'll take a look at what's there.
>
>
>

Though in the meantime it appears your modified FreeBSD tree is broken at the kernel level; merging and catching up to HEAD / CURRENT should resolve that.

===> cryptodev (all)
cc -O2 -pipe -fno-strict-aliasing -Werror -D_KERNEL -DKLD_MODULE -nostdinc -DHAVE_KERNEL_OPTION_HEADERS -include /usr/obj/usr/home/dingo/freebsd/sys/GENERIC/opt_global.h -I. -I/usr/home/dingo/freebsd/sys -I/usr/home/dingo/freebsd/sys/contrib/altq -fno-common -g -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -I/usr/obj/usr/home/dingo/freebsd/sys/GENERIC -mcmodel=kernel -mno-red-zone -mno-mmx -mno-sse -msoft-float -fno-asynchronous-unwind-tables -ffreestanding -fwrapv -fstack-protector -gdwarf-2 -Wno-error-tautological-compare -Wno-error-empty-body -Wno-error-parentheses-equality -Wno-error-unused-function -Wno-error-pointer-sign -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -Wundef -Wno-pointer-sign -D__printf__=__freebsd_kprintf__ -Wmissing-include-dirs -fdiagnostics-show-option -Wno-unknown-pragmas -Wno-error-tautological-compare -Wno-error-empty-body -Wno-error-parentheses-equality -Wno-error-unused-function -Wno-error-pointer-sign -mno-aes -mno-avx -std=iso9899:1999 -c /usr/home/dingo/freebsd/sys/modules/cryptodev/../../opencrypto/cryptodev.c -o cryptodev.o
/usr/home/dingo/freebsd/sys/modules/cryptodev/../../opencrypto/cryptodev.c:1309:32: error: too few arguments to function call, expected 5, have 4
        error = falloc(td, &f, &fd, 0);
                ~~~~~~               ^
/usr/home/dingo/freebsd/sys/sys/filedesc.h:147:1: note: 'falloc' declared here
int falloc(struct thread *td, struct file **resultfp, int *resultfd,
^
1 error generated.
*** Error code 1

Stop.
make[4]: stopped in /usr/home/dingo/freebsd/sys/modules/cryptodev
*** Error code 1

> --
>> Ed Schouten
>>
>> [1] CloudABI at BSDCan:
>> http://www.bsdcan.org/2015/schedule/events/524.en.html