Capability-based IPC on Linux

Session information has not yet been published for this event.

*
Refereed Presentation
Scheduled: Friday, November 4, 2016 from 2:45 – 3:30pm in Sweeney F

One Line Summary

Introducing bus1, a capability based IPC on linux.

Abstract

The majority of IPC used across most operating systems today uses
capability-based security. This includes Android (Binder), macOS (Mach IPC),
Solaris (Doors), Windows (COMM, et al.), seL4, and more. Despite the wide-spread
adoption, common linux distributions never provided native support for
capability-based IPC. The bus1 project is an attempt to change this.

Bus1 provides capability based IPC by defining and implementing a distributed
object model. It allows local processes to send messages to objects owned by
remote processes, as well as share their own objects with others. Only the
transport layer is defined, marshaling is completely left to the application.

While bus1 emerged out of the kdbus project, it was written from scratch and
designed as a universally applicable IPC system. It is in no way tied to DBus,
but developed as standalone project. However, there are efforts to
make use of bus1 in DBus environments and allow existing user-space to co-exist
with possible bus1 users.

This talk will outline the needs for capability based IPC, describe the design
and implementation of bus1, and compare it to existing solutions like Binder. On
a final note, we will have a look at how to employ bus1 in existing user-space
with a smooth transition.

Presentation Materials

slides

Speakers

  • Tom Gundersen

    Red Hat

    Biography

    Tom Gundersen is a software engineer at Red Hat working on the plumbing layer. He started the networkd project within systemd, and works on device management, network configuartion and more recently IPC, both in userspace and the kernel.

  • David Herrmann

    Red Hat

    Biography

    David Herrmann is a software engineer at Red Hat working on the linux kernel and surrounding userland. In the past he has worked on the HID, Bluetooth, and DRM subsystems, as well as on replacing the ancient VT layer of the kernel. Today he spends most of his time hacking on IPC systems and modernizing DBus transports with projects like kdbus and bus1.

Leave a private comment to organizers about this proposal