Genode OS is a tool kit for building highly secure special-purpose OS

119 points, posted a day ago
by doener

26 Comments

mikewarot

a day ago

I haven't seen the "This is how you use it as a daily driver" video yet. Maybe it's lack of google-fu on my part?

If I can throw it on an inexpensive desktop, and then run Linux and Windows under it, and maybe do some Lazarus/Free Pascal development, I'll be a happy camper.

iamnothere

a day ago

> If I can throw it on an inexpensive desktop, and then run Linux and Windows under it, and maybe do some Lazarus/Free Pascal development, I'll be a happy camper.

It’s capable of this today. Be aware that VMs do have a noticeable performance impact, but on a powerful system they aren’t unusably slow.

LargoLasskhyfv

17 hours ago

It runs perfectly on refurbished Lenovo M910q tinies, with Kaby Lake Core i5-7500t or Core i7-7700t, 32GB Ram. But so does everything else.

Linux via their VirtualBox port works, usable with 32GB Ram. Didn't try Windows, though.

Thinking about it, the same should apply for most N150-based mini-pcs, because everything is intel inside. May have bad firmware/bios, though.

mycall

17 hours ago

Allow AI to create you new embedded operating system features. Since Genode is an OS framework, let some agents simplify your daily grind.

bastawhiz

17 hours ago

How's that going for Microsoft on Windows 11?

bri3d

a day ago

Appears on HN with some frequency, last time 4 months ago: https://news.ycombinator.com/item?id=45384653

The “showcase” composition / implementation of Genode, Sculpt OS, is pretty fun to install and run.

dang

21 hours ago

Thanks! Macroexpanded:

Genode OS Framework - https://news.ycombinator.com/item?id=45384653 - Sept 2025 (39 comments)

Genode: FOSDEM 2024 Aftermath - https://news.ycombinator.com/item?id=39557993 - March 2024 (2 comments)

Genode – Genode on seL4 – IPC and virtual memory - https://news.ycombinator.com/item?id=38060698 - Oct 2023 (6 comments)

Genode's Browser Odyssey (2022) - https://news.ycombinator.com/item?id=35206642 - March 2023 (11 comments)

Genode OS Framework 22.08 - https://news.ycombinator.com/item?id=32671467 - Sept 2022 (2 comments)

Genode OS Framework release 22.02 - https://news.ycombinator.com/item?id=30521093 - March 2022 (12 comments)

Genode – Sculpt Operating System 21.10 - https://news.ycombinator.com/item?id=28889767 - Oct 2021 (12 comments)

Genode Operating System Framework – General Overview - https://news.ycombinator.com/item?id=26441425 - March 2021 (1 comment)

Genode OS Framework 20.11 - https://news.ycombinator.com/item?id=25236274 - Nov 2020 (3 comments)

Genode OS Framework 19.05 - https://news.ycombinator.com/item?id=20038374 - May 2019 (20 comments)

Genode OS: A tool kit for highly secure special-purpose operating systems - https://news.ycombinator.com/item?id=18962861 - Jan 2019 (31 comments)

Genode – The microkernel approach (2008) - https://news.ycombinator.com/item?id=16084936 - Jan 2018 (1 comment)

Genode OS Framework 16.05 (with Rust support and 4.4.3 Linux drivers) - https://news.ycombinator.com/item?id=11854460 - June 2016 (3 comments)

How Genode came to RISC-V - https://news.ycombinator.com/item?id=11369463 - March 2016 (19 comments)

Genode – Operating System Framework - https://news.ycombinator.com/item?id=10139224 - Aug 2015 (23 comments)

cachius

21 hours ago

Reminds me of T2 SDE:

a highly customizable and portable build system for creating complete Linux distributions from source. It serves as a robust toolkit for building everything from embedded platforms to full desktop systems

https://t2linux.com/about.html

snvzz

11 hours ago

An active, long-running project, more than 20 years now, Genode is amazing outright.

They actually managed to make a general-purpose OS (Sculpt) with an architecture centered around capabilities, and they can run such a system with seL4 as the microkernel, which guarantees capabilities cannot be forged.

rurban

11 hours ago

They can use most L4-based microkernels, mostly their own, or NOVA or Fiasco. Secure capabilities are a feature of all L4 kernels.

snvzz

6 hours ago

>They can use most L4-based microkernels, mostly their own, or NOVA or Fiasco.

Correct, Genode supports several kernels, including but not limited to those.

>Secure capabilities are a feature of all L4 kernels.

Not accurate. Liedtke's L4 does not do capabilities.

It would be more accurate to say that most modern L4-like kernels do.

The highlight is seL4, specifically because it offers those formal guarantees while also being the fastest.

rurban

5 hours ago

Who cares about formal guarantees when the other kernels are much better and provide a much better infrastructure. The kernel itself is minimal. Fiasco can be real-time.

snvzz

5 hours ago

>Who cares about formal guarantees

Projection. You might not care, but extrapolating is a mistake.

Public as well as private sector with high assurance needs have gathered around seL4 foundation due to its proofs and technical excellence.

>are much better

Subjective. What are your criteria?

>Fiasco can be real-time.

Depends on your definition of real-time.

Hard realtime requires guarantees that the deadlines will always be met. The only non-toy kernel that offers proof of WCET is seL4.

If soft realtime is all you need, then Linux with PREEMPT_RT suffices.

rurban

4 hours ago

The private sector uses commercial L4 spinoffs, not an academic kernel.

wotsdat

a day ago

I misread Genode as genocide

wonder if that's just me?

squarefoot

36 minutes ago

Same here, had to look the 3rd time to realize. It's sad what the current events can imprint in our brains. Screw this timeline, really!

nan60

19 hours ago

I did the same

Western0

a day ago

interesting please compile me for luxFox linux hardware or raspberry pi 2350

MonkeyClub

21 hours ago

Consider yourself compiled /s