qubes-mirage-firewall
FreeRTOS-Kernel
qubes-mirage-firewall | FreeRTOS-Kernel | |
---|---|---|
5 | 12 | |
201 | 2,345 | |
0.0% | 3.7% | |
7.2 | 9.4 | |
11 days ago | 6 days ago | |
OCaml | C | |
- | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
qubes-mirage-firewall
-
Is running OpenBSD inside a QUBE as a router/firewall an interesting and good idea?
2) https://github.com/mirage/qubes-mirage-firewall is by far a better firewall for Qubes than OpenBSD ever will be - unikernels are far more secure than a traditional operating system is and you can read all about it on https://mirageos.org/
-
the maddening truth of using Qubes
That's correct. It does mean that the closest to a self-contained program you can run is a unikernel like the mirage-firewall, unfortunately. On the upside, those remain easily portable to essentially anything that can run VMs so long as you adjust the image format.
-
I had to relocate CHUNGUS because of the old warehouse I operate it is being torn down.
That sounds similar to a unikernel. There are actual uses for those in seL4 and Qubes OS such as a firewall-qube (in theory unikernel qubes should be able to take far less system resources to run than full Linux+distro qubes).
-
Ask HN: Examples of Microkernels?
Here's one that is "production" ready: the Mirage-Firewall microkernel running on Qubes OS.[0]
[0] : https://github.com/mirage/qubes-mirage-firewall
-
Qubes OS: A reasonably secure operating system
sys-net, sys-firewall and other administrative vms should slowly migrate to unikernels instead of running linux, which should help with ram usage. The mirage.io project seems to build a couple qubes vms, for example https://github.com/mirage/qubes-mirage-firewall is a firewall which they indicate to give 64Mb of ram.
FreeRTOS-Kernel
-
what do people usually do to separate/abstract platform dependent codes/files
Here is the port - https://github.com/FreeRTOS/FreeRTOS-Kernel/tree/main/portable/ThirdParty/GCC/Posix
-
TI CC2630: Having trouble deciding Contiki vs TI-RTOS
Freertos has support for generic cortex m3: https://github.com/FreeRTOS/FreeRTOS-Kernel/tree/main/portable/GCC/ARM_CM3 It could very well work almost out of the box with your mcu.
-
Ted Ts'o: "As an OS engineer, I deeply despise these optimization tricks, since I personally I care about correctness and not corrupting user data far more than I care about execution speed"
the only OS written in iso c i found was RTOS and they have open bug reports due to strict aliasing in simple things like their linked list implementation, which they don't bother to fix because somehow that causes even more problems (?!): https://github.com/FreeRTOS/FreeRTOS-Kernel/pull/54
- HELP
-
Arduino or full featured RTOS?
You likely put the requirements of POSIX just to have an excuse. Fyi, FreeRTOS kernel, the only thing you need, is here: https://github.com/FreeRTOS/FreeRTOS-Kernel/
- Ask HN: Examples of Microkernels?
-
Ask HN: Embedded Projects to Learn From?
- https://github.com/FreeRTOS/FreeRTOS-Kernel (architecture, C)
-
Nutshell custom memory allocators for me
FreeRTOS comes with 5 quite simple reference implementations of the heap memory allocator. You can study how it works.
-
Using FreeRTOS and dual core RP2040
The main branch is single-core. You're looking for the SMP branch.
-
C programmers scare me
On non-POSIX systems, malloc & free are implemented differently. EG FreeRTOS has some very simple malloc (and optionally free) implementations, eg heap_2.c (has malloc & free, but doesn't consolidate blocks), or heap_4.c (more complex, tries to prevent fragmentation by consolidating blocks, still less optmized & simpler than the glibc malloc/free used by most Linux systems).
What are some alternatives?
miragevpn - An opinionated implementation of the OpenVPN protocol
zephyr - Primary Git Repository for the Zephyr Project. Zephyr is a new generation, scalable, optimized, secure RTOS for multiple hardware architectures.
qubes-issues - The Qubes OS Project issue tracker
RIOT - RIOT - The friendly OS for IoT
unikraft - FlexOS is a Unikraft-based OS allowing users to easily specialize the safety and isolation strategy at compilation time.
mbed-os - Arm Mbed OS is a platform operating system designed for the internet of things
unikernels - MirageOS unikernels
mongoose-os - Mongoose OS - an IoT Firmware Development Framework. Supported microcontrollers: ESP32, ESP8266, CC3220, CC3200, STM32F4, STM32L4, STM32F7. Amazon AWS IoT, Microsoft Azure, Google IoT Core integrated. Code in C or JavaScript.
reason - Simple, fast & type safe code that leverages the JavaScript & OCaml ecosystems
nuttx - Apache NuttX is a mature, real-time embedded operating system (RTOS)
lk - LK embedded kernel
TizenRT - TizenRT is a lightweight RTOS-based platform to support low-end IoT devices