Google yakazivisa kuwanikwa kwezvinoitika zvine chekuita neKataOS purojekiti, ine chinangwa chekugadzira yakachengeteka sisitimu yekushandisa yeyakadzamirwa hardware. KataOS system zvikamu zvakanyorwa muRust uye inomhanya pamusoro peL4 microkernel, iyo humbowo hwemasvomhu hwekuvimbika hwakapihwa paRISC-V masisitimu, zvichiratidza kuti iyo kodhi inoenderana zvizere nezvakatsanangurwa mumutauro wepamutemo. Iyo kodhi yeprojekiti yakavhurika pasi peiyo Apache 2.0 rezinesi.
Iyo sisitimu inopa rutsigiro kumapuratifomu akavakirwa paRISC-V uye ARM64 zvivakwa. Kutevedzera mashandiro eL4 uye KataOS nharaunda pamusoro peiyo Hardware, iyo Renode dhizaini inoshandiswa panguva yekuvandudza. Sekuitwa kwereferensi, iyo Sparrow software uye hardware yakaoma inotsanangurwa, kusanganisa KataOS nemachipisi akachengeteka akavakirwa pane OpenTitan papuratifomu. Mhinduro yakarongwa inokubvumira kuti ubatanidze inonzwisisika yakasimbiswa inoshanda sisitimu kernel ine yakavimbika hardware zvikamu (RoT, Root of Trust), yakavakwa uchishandisa OpenTitan chikuva uye RISC-V architecture. Pamusoro peiyo KataOS kodhi, yakarongwa kuvhura zvese zvimwe zvikamu zveSparrow, kusanganisira iyo hardware chikamu, mune ramangwana.
Iyi puratifomu iri kuvandudzwa ine ziso rekushandisa mune akasarudzika machipi akagadzirirwa kufambisa zvikumbiro zvemuchina kudzidza uye kugadzirisa zvakavanzika ruzivo, izvo zvinoda yakasarudzika mwero wekudzivirira uye simbiso yekusavapo kwekutadza. Mienzaniso yemashandisirwo akadai anosanganisira masisitimu anonyengedza mifananidzo yevanhu uye kurekodha inzwi. Kushandiswa kweKataOS kwekuvimbika kwechokwadi kunovimbisa kuti kana chikamu chimwe chehurongwa chikatadza, kutadza hakuzopararira kune yese system uye, kunyanya, kune kernel uye zvikamu zvakakosha.
Iyo seL4 dhizaini yakakosha pakufambisa zvikamu zvekugadzirisa kernel zviwanikwa munzvimbo yevashandisi uye nekushandisa iwo maturusi ekutonga maturusi ezviwanikwa zvakadai sezviwanikwa zvemushandisi. Iyo microkernel haipe yakagadzirira-yakagadzirwa-yepamusoro-nhanho yekumisikidza yekutarisira mafaera, maitiro, network yekubatanidza, nezvimwe zvakadaro; pachinzvimbo, inongopa mashoma maitiro ekudzora kuwana kwenzvimbo kero kero, kukanganisa, uye processor zviwanikwa. High-level abstractions uye madhiraivha ekudyidzana nehardware anoitwa zvakasiyana pamusoro peiyo microkernel muchimiro chemushandisi-chikamu mabasa. Kuwanikwa kwemabasa akadaro kune zviwanikwa zviripo kune microkernel zvakarongwa kuburikidza nekutsanangurwa kwemitemo.
Kuti uwedzere dziviriro, zvese zvikamu kunze kweiyo microkernel zvakagadziridzwa muRust uchishandisa akachengeteka hurongwa hwekugadzirisa izvo zvinoderedza zvikanganiso zvendangariro zvinotungamira kumatambudziko akadai sekuwana ndangariro mushure mekusunungura, null pointer dereferences, uye buffer overruns. Chikumbiro chinotakura munzvimbo yeSeL4, masevhisi ehurongwa, dhizaini yekuvandudza application, API yekuwana masystem ekufona, process maneja, dhizaini yekugovera ndangariro, nezvimwe zvakanyorwa muRust. Kugungano rakasimbiswa, iyo CAmkES toolkit, yakagadzirwa neseL4 purojekiti, inoshandiswa. Zvikamu zveCAmkES zvinogonawo kugadzirwa muRust.
Rust inomanikidza kuchengetedza ndangariro panguva yekuunganidza kuburikidza nereferensi yekutarisa, muridzi wechinhu uye chinhu chehupenyu hwese tracking (scopes), uye nekuongorora iko kurongeka kwendangariro kunowanikwa panguva yekumhanya. Ngura inopawo dziviriro kubva pahuwandu hwekufashukira, inoda kuti hunhu hwakasiyana hutange husati hwashandiswa, inoshandisa pfungwa yezvisingachinjiki mareferensi uye zvinosiyana nekusarudzika, uye inopa yakasimba static typing kuderedza zvikanganiso zvine musoro.
Source: opennet.ru