tock
hubris
tock | hubris | |
---|---|---|
33 | 35 | |
5,573 | 3,085 | |
2.0% | 1.7% | |
9.9 | 9.4 | |
5 days ago | 3 days ago | |
Rust | Rust | |
GNU General Public License v3.0 or later | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tock
- A secure embedded operating system for microcontrollers
-
OxidOS Automotive
Hi! This is Daniel from OxidOS Automotive (stating this for disclaimer purposes).
Yes, our OS is based on TockOS, and our CEO (Alex Radovici) is #7 in the contributors list (https://github.com/tock/tock/graphs/contributors), with other colleagues contributing in the past years.
- What is the best library to write a SCADA-like application for web?
-
Safety vs. Performance. A case study of C, C++ and Rust sort implementations
I'm definitely not the best person to answer this, but honestly it's not bad. Here's an example of a moderately complex peripheral, the cortex-m MPU, and how one rust OS handles it:
https://github.com/tock/tock/blob/3a0527d586702b8ae8cb242391...
Reads and writes turn into volatile reads, so everything works out under the hood. You get the benefits of everything having good names, declared sizes, and proper typing on your register accesses. You can extend that to bit accesses as well.
Rust still has a few areas it isn't competitive in, like your hyper limited or obscure chips (e.g. 8051s, XAP), mature tooling around formal methods, and a certification story for safety critical code. People are working on these latter two issues (e.g. ferrocene) and supposedly very close to public delivery, but you know how slow the industry is to adopt new things even then.
- Ask HN: Any Hardware Startups Here?
-
Real-Time Operating Systems 101: Basics for Efficient Computing
There's Tock (https://www.tockos.org/), which is written in Rust (with sprinkles of assembly).
-
Unwinding the Stack the Hard Way
Yeah, and I like I mentioned in the earlier comment, omitting the frame pointer reduces code size by 10% on RISC-V targets, which is huge when dealing with embedded flash: https://github.com/tock/tock/pull/1660
- Where are the C Alternatives?
-
Embedded real time OS
Tock is an excellent embedded OS written in Rust and has some good industrial support. I think Tock gets a lot of stuff right and I highly recommend some of the talks the developers gave on it.
-
Fedora now has frame pointers
Unfortunately, it increases the code size by 10%. I was looking into this just last week, and can confirm that it's still a problem on the latest version of Rust nightly: https://github.com/tock/tock/pull/1660
I wish we could have frame pointers, because they would make working in embedded land so much easier and more reliable, but a 10% increase in code size just isn't worth it.
hubris
-
It has been [33] days since the last Hubris kernel bug
Finding bugs in the Hubris kernel is rare enough that we have a running joke about resetting the “days since last kernel bug” timer.
I decided to make this joke into an actual docs page; because HN has enjoyed posts about Hubris in the past [1], I figured this might be of interest!
Many of the individual bugs are terrifying dives into corner cases of an embedded OS. This one is particularly good reading: https://github.com/oxidecomputer/hubris/issues/1134
[1] https://news.ycombinator.com/item?id=29390751
-
My 71 TiB ZFS NAS After 10 Years and Zero Drive Failures
It’s moderately smart - there’s a PID loop with per-component target temperatures, so it’s trying not to do more work than necessary.
(source: I wrote it, and it’s all published at https://github.com/oxidecomputer/hubris/tree/master/task/the... )
We also worked with the fan vendor to get parts with a lower minimum RPM. The stock fans idle at about 5K RPM, and ours idle at 2K, which is already enough to keep the system cool under light loads.
-
Framework won't be just a laptop company anymore
> The CPUs in Oxide racks are AMD, so, presumably AMD-based compute rather than ARM.
These don’t run Hubris though; based on the chips directory in the repo [0], they’re targeting a mix of NXP and ST parts, which are Arm, and the user isn’t likely to see them or care what firmware they’re running: they’re really pretty “boring”.
[0] : https://github.com/oxidecomputer/hubris/tree/020d014880382d8...
-
Who killed the network switch? A Hubris Bug Story
I wouldn't put this comment here. It's not just some detail of this function; it's an invariant of the field that all writers have to respect (maybe this is the only one now but still) and all readers can take advantage of. So I'd add it to the `TaskDesc::regions` docstring. [1]
[1] https://github.com/oxidecomputer/hubris/commit/b44e677fb39cd...
-
Oxide: The Cloud Computer
With respect to Hubris, the build badge was, in turns out, pointing to a stale workflow. (That is, the build was succeeding, but the build badge was busted.) This comment has been immortalized in the fix.[0]
With respect to Humility, I am going to resist the temptation of pointing out why one of those directories has a different nomenclature with respect to its delimiter -- and just leave it at this: if you really want to find some filthy code in Humility, you can do much, much better than that!
[0] https://github.com/oxidecomputer/hubris/commit/651a9546b20ce...
-
Barracuda Urges Replacing – Not Patching – Its Email Security Gateways
A lot of questions in there! Taking these in order:
1. We aren't making standalone servers: the Oxide compute sled comes in the Oxide rack. So are not (and do not intend to be) a drop in replacement for extant rack mounted servers.
2. We have taken a fundamentally different approach to firmware, with a true root of trust that can attest to the service processor -- which can turn attest to the system software. This prompts a lot of questions (e.g., who attests to the root of trust?), and there is a LOT to say about this; look for us to talk a lot more about this
3. In stark contrast (sadly) to nearly everyone else in the server space, the firmware we are developing is entirely open source. More details on that can be found in Cliff Biffle's 2021 OSFC talk and the Hubris and Humility repos.[0][1][2]
4. Definitely not vaporware! We are in the process of shipping to our first customers; you can follow our progress in our Oxide and Friends podcast.[3]
[0] https://www.osfc.io/2021/talks/on-hubris-and-humility-develo...
[1] https://github.com/oxidecomputer/hubris
[2] https://github.com/oxidecomputer/humility
[3] https://oxide-and-friends.transistor.fm/
- Do you use Rust in your professional career?
-
Spotting and Avoiding Heap Fragmentation in Rust Applications
everywhere, for example in https://github.com/oxidecomputer/hubris/search?q=dyn
Is Box really allocating here? Is the "Rust By Example" text incomplete?
Then I had to stop learning Rust for other reasons, but this doubt really hit me at the time.
-
What's the coolest thing you've done with Neovim?
I work on an embedded OS in Rust (Hubris) that has a very bespoke build system. As part of the build system, it has to set environmental variables based on (1) the target device and (2) the specific "task"; this is an OS with task-level isolation, so tasks are compiled as individual Rust crates.
-
TCG TPM2.0 implementations vulnerable to memory corruption
Oxide Computer told some storied about the difficulty of bring up of a new motherboard, and mentioned a lot of gotcha details and hack solutions for managing their AMD chip.
They talked about their bring up sequence, boot chain verification on their motherboard, and designing / creating / verifying their hardware root of trust.
I heard mention of this on a podcast recently, trying to find the reference.
I'm pretty sure it was [S3]
- "Tales from the Bringup Lab" https://lnns.co/FBf5oLpyHK3
- or "More Tales from the Bringup Lab" https://lnns.co/LQur_ToJX9m
But I found again these interesting things worth sharing on that search. https://oxide.computer/blog/hubris-and-humility, https://github.com/oxidecomputer/hubris
Search 1 [S1], Trammell Hudson ep mentioning firmware (chromebook related iirc) https://lnns.co/pystdPm0QvG.
Search 2 [S2], Security, Cryptography, Whatever podcast episode mentioning Oxide and roots of trust or similar. https://lnns.co/VnyTvdhBiGC
Search links:
[S1]: https://www.listennotes.com/search/?q=oxide+tpm
[S2]: https://www.listennotes.com/search/?q=oxide%20and%20friends%...
[S3]: https://www.listennotes.com/search/?q=oxide%20and%20friends%...
What are some alternatives?
embassy - Modern embedded framework, using Rust and async.
esp32 - Peripheral access crate for the ESP32
smoltcp - a smol tcp/ip stack
meta-raspberrypi - Yocto/OE BSP layer for the Raspberry Pi boards
rtic - Real-Time Interrupt-driven Concurrency (RTIC) framework for ARM Cortex-M microcontrollers
stm32-rs - Embedded Rust device crates for STM32 microcontrollers
rust-raspberrypi-OS-tutorials - :books: Learn to write an embedded OS in Rust :crab:
ferros - A Rust-based userland which also adds compile-time assurances to seL4 development.
redox - Mirror of https://gitlab.redox-os.org/redox-os/redox
git-subrepo
awesome-embedded-rust - Curated list of resources for Embedded and Low-level development in the Rust programming language
l4v - seL4 specification and proofs