Lmst

Munal OS ∴

An experimental operating system fully written in Rust, with a unikernel design, cooperative scheduling and a security model based on WASM sandboxing.

https://github.com/Askannz/munal-os

#rust #wasm #osdev #unikernel

Unikernel Linux (UKL) (2023)

https://dl.acm.org/doi/10.1145/3552326.3587458

#HackerNews #Unikernel #Linux #UKL #2023 #virtualization #unikernels #techinnovation

People sometimes ask which #unikernel we actively use (as proof of our work). Currently, https://paste.osau.re is a unikernel in #OCaml, and it has been running (without interruption) for over a year. Feel free to use this service (free of charge) to share code snippets, and if you like what we do, you can sponsor us via GitHub (https://github.com/sponsors/robur-coop).

🚀🤡 "Breaking news: some geniuses put #Chromium on a #unikernel, because why not make web browsing even more existentially confusing? Meanwhile, #GitHub still insists that #AI can fix everything, except maybe their own navigation menu. 🤖✨"
https://github.com/onkernel/kernel-images #WebBrowsing #TechNews #HackerNews #ngated

We Put Chromium on a Unikernel (OSS Apache 2.0)

https://github.com/onkernel/kernel-images

#HackerNews #Chromium #Unikernel #OSS #Apache2.0 #TechNews #OpenSource

Meet Mollymawk, our web UI for orchestrating #MirageOS unikernels, funded by NLnet @NGIZero https://blog.robur.coop/articles/mollymawk-first-milestone.html #OCaml #unikernel

I did few works for these days to be able to build-up an #unikernel with #OCaml 5 and #effects (via miou-solo5: https://github.com/robur-coop/miou-solo5). And now, the unikernel can respond to (a simple Hello World!) 🎉 with µTCP (https://github.com/robur-coop/utcp) it's a great achievement!

I didnt know #Nanovms had ported #OpenBSD pledge / unveil to their #unikernel

That's pretty cool

https://nanovms.com/dev/tutorials/applying-sandbox-security-node-js-unikernels-openbsd-pledge-unveil

til #mirageos unikernel can have muen separation kernel as a target
Is there such a #unikernel written in #rust ?
#Ocaml

https://github.com/RyanGibb/hillingar/blob/fc15f4d8f8795d726439590272b65414a4c3dbaf/src/mirage.nix#L120
cc @hannesm

i'm really proud of my team at #prisma today, we're launching some very cool tech

#postgres #postgresql #yetAnotherServerlessPostgres #unikernel #unikraft

Diagram of traditional Postgres deployment layers vs. Prisma Postgres deployment on a unikernel.

Traditional (bottom to top): Hardware → virtualization → monolithic kernel → operating system → third-party libs → Postgres extensions → Postgres

Unikernel: Hardware → virtualization → Postgres unikernel

OSv is the open-source versatile modular #unikernel designed to run unmodified Linux applications securely on micro-VMs in the cloud. https://osv.io

My conference at #ICFP2024 about Bob was just published here: https://www.youtube.com/watch?v=COmi9e7wHtI&ab_channel=ACMSIGPLAN It's a simple tool to transfer files in #OCaml and an #unikernel. It is also an actually portable executable, thanks to #Cosmopolitan. It's available here: https://bob.osau.re/

https://github.com/solo-io/unik?tab=readme-ov-file
#cool #golang #unikernel

https://github.com/cloudius-systems/osv
#unikernel #cool #C #CPP

Unikernels on the other hand don’t have system calls. They only have function calls. For an attacker this means they’ll have to know the exact memory layout of your application in order to invoke the operating system. You’ll need to know the exact 64 bit address of the function you’re invoking. Good luck guessing that address. Our own unikernel, IncludeOS, randomizes addresses at each build, so even with access to source code you still don’t know the memory layout.
#IBM research has spearheaded a new effort with their ukvm project. Ukvm is a replacement for QEMU specifically built for unikernels. Solo5 provides a framework for unikernels to boot a VM that is backed by ukvm instead of QEMU. Both IncludeOS and #MirageOS are already capable of booting using the Solo5 core and efforts are underway to port HaLVM to Solo5/ukvm. The Muen Separation Kernel also has a Solo5 port and it’ll be exciting to see if the more traditional operating systems will follow suit.
I found a syscall shim for it
https://github.com/unikraft/unikraft/tree/staging/lib/syscall_shim
#Unikernel
http://unikernel.org/blog/2017/unikernels-are-secure

any yall worked with unikraft? it looks so sick, but it cant be *that* easy to create unikernels can it?

https://unikraft.org
https://github.com/unikraft

#unikraft #unikernel

Pleased to announce our latest project DNSvizor https://blog.robur.coop/articles/dnsvizor01.html funded by #NGI0_entrust #nlnet @NGIZero @nlnet #MirageOS #OCaml #DNS #DHCP #unikernel

We wrote some history of runtime arguments in MirageOS - the last decade of hello world https://blog.robur.coop/articles/arguments.html #MirageOS #OCaml #unikernel https://asciinema.org/a/681922

#sydbox-3.27.0 has been released! This release adds support to set secure-execution mode (aka AT_SECURE) and IP blocklists which can be used to build application level firewalls. #sydbox is a rock-solid #unikernel to #sandbox apps on #Linux >=5.19 written in #rustlang: https://is.gd/syd_3_27_0 #exherbo

What is the collective noun for a group of unikernels?

#mirage #ocaml #unikernel

#Unikernel

Client Info