VINO is an extensible operating system. What this means is that unprivileged code run by ordinary users can install extensions (we call these "grafts") to the operating system kernel. The chief reason for doing this is to increase performance by allowing the kernel to make more knowledgeable decisions. We also anticipate that in some cases grafts may provide added functionality.
Grafting (the process of installing grafts) is different from installing ordinary loadable kernel modules in that the code being installed is not necessarily trusted. Consequently, it is important to ensure that untrusted (and possibly malicious) graft code cannot interfere with the operation of the system for other users, or compromise the system's integrity. This is a complicated problem.
The primary mechanisms involved in graft safety are a software fault isolation tool called MiSFIT and an in-kernel database-like transaction system. Additional mechanisms for dynamically loading and linking graft code also exist. These mechanisms are fully operational in this release of VINO. Unfortunately, the tools for signing graft code (to prove to the kernel that the graft you wish to load was in fact processed by MiSFIT) are not ready yet.
Other things (besides grafting support) that you get in the VINO 0.40 kernel:
- Limited number of graft points (Many more will be available soon, but we wanted to concentrate on a few important points initially.)
- Limited number of graft-callable functions (Likewise.)
- KGDB support for kernel debugging.
- Support for most common user operations and system calls (not, however, including networking.)
- The full set of NetBSD/x86 device drivers.
And outside the kernel, you get:
- C and C++ compiler. (The compiler is gcc 184.108.40.206.)
- Full set of compiler tools (GNU binutils 2.8.1, plus additional tools from NetBSD, plus our own tools like MiSFIT.)
- Mostly ANSI and POSIX-compliant C standard library, based on NetBSD's.
- Much of a standard UNIX operating environment, based on NetBSD's.
Unfortunately, as this is an early release, there are a fair number of things we are still working on.