I-Google yethule i-Open Se Cura hardware kanye nesistimu yesofthiwe, okuhloswe ngayo ukwenza lula ukudalwa kwama-chips avikelekile aklanyelwe ukuxazulula izinkinga ezihlobene nokufunda komshini kanye nobuhlakani bokwenziwa. Le phrojekthi ihlanganisa isistimu yokusebenza ye-CantripOS kanye nezingxenyekazi zekhompuyutha ezisekelwe ku-OpenTitan kanye ne-processor core esekelwe ekwakhiweni kwe-RISC-V. Ngesikhathi kuthuthukiswa i-Open Se, i-Cura ne-CantripOS zathuthukiswa ngaphansi kwamagama u-Sparrow ne-KataOS, kodwa ukuze kugwenywe ukunqwabelana namanye amaphrojekthi, imikhiqizo yokugcina yaqanjwa kabusha. Intuthuko yephrojekthi, okuhlanganisa ikhodi yomthombo yamasevisi esistimu nezikimu ze-RTL (Register Transfer Level), zisatshalaliswa ngaphansi kwelayisensi ye-Apache 2.0.
Uhlelo lokusebenza lwe-CantripOS lusekelwe ku-seL4 microkernel, phezu kwayo lapho kusetshenziswa indawo yesistimu ebhalwe ngolimi lwe-Rust. Ezinhlelweni ze-RISC-V, ubufakazi bezibalo bokwethembeka bunikezwa imakhrokernel ye-seL4, okubonisa ukuthi ikhodi ithobelana ngokugcwele nezicaciso ezicaciswe olimini olusemthethweni. Isakhiwo se-seL4 siyaphawuleka ngokuhambisa izingxenye zokuphatha izinsiza ze-kernel endaweni yomsebenzisi nokusebenzisa amathuluzi okulawula ukufinyelela afanayo ezinsizeni ezifana nezisetshenziswa zomsebenzisi.
I-microkernel ayihlinzeki ngezifinyezo esezilungile ezenziwe ngezinga eliphezulu zokuphatha amafayela, izinqubo, uxhumo lwenethiwekhi, nokunye okunjalo; esikhundleni salokho, inikeza izindlela ezincane kuphela zokulawula ukufinyelela endaweni yekheli lendawo, iziphazamiso, nezinsiza zokucubungula. Izifinyezo ezisezingeni eliphezulu nezishayeli zokusebenzelana nehadiwe zisetshenziswa ngokuhlukene phezu kwe-microkernel ngendlela yemisebenzi yezinga lomsebenzisi. Ukufinyelela kwemisebenzi enjalo ezinsizeni ezitholakala ku-microkernel kuhlelwa ngencazelo yemithetho.
Zonke izingxenye ze-OS, ngaphandle kwe-microkernel, ekuqaleni zibhalwe ku-Rust kusetshenziswa amasu okuhlela aphephile anciphisa amaphutha lapho usebenza ngenkumbulo. Phakathi kwezinye izinto, isilayishi sohlelo lokusebenza endaweni ye-seL4, izinsizakalo zesistimu, uhlaka lokuthuthukisa uhlelo lokusebenza, i-API yokufinyelela amakholi wesistimu, umphathi wenqubo, kanye nendlela yokwaba inkumbulo eguquguqukayo kubhalwe ku-Rust.
Umhlangano oqinisekisiwe usebenzisa ikhithi yamathuluzi ye-CAmkES, ethuthukiswe iphrojekthi ye-seL4. Ukuze kuthuthukiswe izinhlelo zokusebenza ezingalayishwa ngamandla ngamasevisi esistimu, kuhlongozwa ukuthi kusetshenziswe i-AmbiML SDK, kanye nekhithi yamathuluzi ye-IREE (Intermediate Representation Execution Environment) ukuze kuqalise amamodeli okufunda omshini. Izingxenye zokugqwala nezinsizakalo zesistimu zithuthukiswa kusetshenziswa izinhlaka zeCantrip.
Phakathi kwezindawo zokusetshenziswa kwesikhulumi, ama-chips akhethekile ashiwo adinga izinga elikhethekile lokuvikela nokuqinisekiswa kokungabikho kokwehluleka. Isibonelo, inkundla ingasetshenziswa emikhiqizweni yokufunda yomshini ehlobene nokucutshungulwa kolwazi oluyimfihlo, njengamasistimu okubona abantu nokucubungula ukurekhodwa kwezwi. Ukuhlanganisa i-kernel yesistimu yokusebenza eqinisekisiwe ngokunengqondo nezingxenye ze-hardware ezithembekile (I-Root of Trust) kuqinisekisa ukuthi uma ingxenye eyodwa yesistimu ihluleka, ukwehluleka ngeke kusabalale kulo lonke uhlelo futhi, ikakhulukazi, ku-kernel nezingxenye ezibucayi.
Ngaphezu kwe-Google, inhlangano engenzi nzuzo i-lowRISC, eyengamele ukuthuthukiswa kwe-microprocessor yamahhala esekelwe ekwakhiweni kwe-RISC-V, kanye nezinkampani ze-Antmicro ne-VeriSilicon, zibambe iqhaza ekuthuthukisweni kwamathuluzi nezinto zengqalasizinda. Iphrosesa eyakhiwe yi-lowRISC yasetshenziswa njengomnyombo wokwakha izingxenye zehadiwe ezithembekile (Root of Trust). I-Antmicro inikeze iphrojekthi nge-Renode simulator eyivumela ukuthi ihlole i-CantripOS kanye ne-seL4 microkernel ngaphandle kwehadiwe yangempela. I-VeriSilicon yabelane ngolwazi lwayo emkhakheni wokwenziwa kwe-chip kanye nokuthuthukiswa kwe-BSP (Iphakheji Lokusekela Ibhodi).
Source: opennet.ru
