= Architecture
:page-parent: Explanation
// SPDX-FileCopyrightText: 2022 Unikie
// SPDX-License-Identifier: GFDL-1.3-no-invariants-or-later OR CC-BY-SA-4.0
== Introduction
The Spectrum operating system stack is based on the principle of security by
compartmentalization. The high-level system stack is illustrated in the
following diagram.
image::diagrams/stack.svg[]
=== Kernel space
In the stack, kernel-space support for compartmentalization comes from the
Linux kernel with the kernel-based virtual machine (KVM) module, which lets the
kernel act as a virtual machine monitor (hypervisor). The kernel-side
hypervisor isolates virtualized hardware resources (computational cores, memory
and devices) between guests using the hardware virtualization extensions. User
space virtual machine guests are managed with cloud-hypervisor. Linux with KVM
also gives portability to several hardware architectures: currently Spectrum is
supported only on x86_64, but ARM64 support is under way. In addition, a
hardened kernel will be investigated.
=== Host user space
This section provides a high-level overview of host user space tools and
libraries.
The user space stack is built on the musl standard C library, which
https://www.etalabs.net/compare_libcs.html[adds safety on resource exhaustion
and hardening of memory allocation].
The https://skarnet.org/software/s6-rc/overview.html[s6-rc] service manager is
used for services. kmod, util-linux and busybox provide the essential system
administration tools.
https://github.com/cloud-hypervisor/cloud-hypervisor[cloud-hypervisor] is the
host tool for virtual machine management; it is written in Rust with a strong
focus on security.
Wayland here refers to the whole display stack that communicates with the
compositor (weston) for desktop services, including the libraries and drivers
for direct rendering and event devices. Clients are implemented as application
virtual machines (see the next section). The minimal host provides only one
Wayland client, the terminal emulator foot. Wayland is a simpler and more secure
protocol than X11; the compositor could also host legacy X applications, but
none are provided at present. The
https://wayland.freedesktop.org/architecture.html[Wayland architecture] is
well documented there.
=== Application and system virtual machines
Security by compartmentalization in Spectrum is implemented with virtual
machines. Virtual machines are currently launched from a terminal and support
only virtio-console; Wayland graphics support for appvms is under work. Please
refer to xref:running-vms.html[running VMs] for more information.
The reference set of virtual machines includes one system VM (netvm) and two
application VMs (appvm-catgirl and appvm-elinks). Please refer to
xref:creating-vms.html[creating VMs] for more information.
== Details of Spectrum dependency tree
The high-level overview above is a limited view of the system. For a detailed,
interactive view of the dependencies, run `nix-tree` from the Spectrum
repository:

[source,sh]
----
nix-build img/live -I nixpkgs=https://spectrum-os.org/git/nixpkgs/snapshot/nixpkgs-rootfs.tar.gz --no-out-link | xargs -o nix-tree
----

https://diode.zone/w/8DBDQ6HQUe5UUdLkpDuL35[See a video of interactive analysis
of the Spectrum live image with nix-tree].