
Overview of AGL, the FLOSS embedded secured OS based on Linux (slide deck, 9th October 2018)



  1. Overview of AGL, the FLOSS embedded secured OS based on Linux. 9th October 2018. José Bollo, Security Technical Lead, jose.bollo@iot.bzh

  2. IoT.bzh: LORIENT, October 2015; Vannes, October 2018. Team: Stéphane, Manuel, Fulup, Yannick, José. ● Mostly dedicated to AGL ● https://iot.bzh/en/ ● http://github.com/iotbzh. Slide footer (repeated on every slide): 9th October 2018, overview of AGL, FLOSS embedded secured OS

  3. Overview of AGL system

  4. AGL 6.0 Funky Flounder (layered view, top to bottom):
  ● AGL applications: DASHBOARD, HOMESCREEN, LAUNCHER, MEDIAPLAYER, HVAC, MIXER, SETTINGS, RADIO, NAVI, PHONE, POI, ...
  ● AGL framework and AGL services: windowmanager, persistence, mediascanner, systemd, weather, low-can, bluetooth, network, nfc, homescreen, geoclue, mediaplayer, unicens, identity, audio-4a, ...
  ● Upstream services: bluez, geoclue, gstreamer, pulseaudio, NetworkManager, ...
  ● LINUX KERNEL

  5. Micro-service architecture
  ● Applications and services run isolated from one another by their Smack security context (in the diagram, APPLICATION A, SERVICE B, SERVICE C and SERVICE D each sit in their own SECURITY CONTEXT); services are treated like applications.
  ● Inter-application and inter-service connections: network, D-Bus, WebSocket, bus1, TLS, ...
  ● The communication between applications is controlled by policy (framework, firewall, gateway, OAuth, OpenID Connect).
  ● Access to service features is controlled by a permission enforcement mechanism (Cynara, OAuth).

  6. Mechanisms of security ● Mandatory Access Control with SMACK – Simple Mandatory Access Control Kernel – Strong isolation of kernel objects (files, sockets) ● Network firewall and filtering – Using netherd and netfilter ● Permission database Cynara – Filtering of permissions – User consent mechanism ● User credential management – OAuth and OpenID Connect

  7. Global view of security. Access Control provides operations to control accesses (+has_access()). On top of the LINUX KERNEL, four flavours:
  – NSBAC, NameSpace Based Access Control (containers)
  – PBAC, Permission Based Access Control: CYNARA
  – DAC, Discretionary Access Control: standard Linux access control, ACL
  – MAC, Mandatory Access Control: SMACK, Simple Mandatory Access Control Kernel

  8. Mechanisms of security. Two enforcement points: the Smack Linux security module in the LINUX KERNEL helps to protect system resources (legitimate application: GRANTED; BlackHat application: DENIED), and the permission database Cynara helps to protect services (protected service: legitimate application GRANTED, BlackHat application DENIED).

  9. Permission checking (sequence between CLIENT, SOLUTION and SERVICE):
  – CONNECT: subject to the permission to connect to the service
  – INVOKE METHOD: subject to the permission to invoke the METHOD of the service; then return from INVOKE
  – SIGNAL EVENT: subject to the permission to receive the EVENT of the service

  10. Permission and composition of services. A CLIENT uses a SOLUTION built on SERVICE X, which <<depends>> on SERVICE Y. The policy for Y is: requires permission P. About permission P, the policy for X is either: – P is required by transitivity, or – P is a hidden requirement of X. The AGL framework takes care of the composition of permissions. Under control of a strict policy, it allows some services to run with the context of their clients, behaving as their client.

  11. Links ● Doc: http://docs.automotivelinux.org/ ● Wiki: https://wiki.automotivelinux.org/ ● More: https://iot.bzh/en/publications

  12. Overview of LSM SMACK

  13. Short overview ● The author of Smack is mainly Casey Schaufler. ● In Linux since kernel 2.6.25 – 17 April 2008 – as an LSM (Linux Security Module) ● Uses extended file attributes to store data related to files (like SELinux). ● Controlled via a filesystem interface: smackfs. ● Controls accesses of processes to files, IPC, sockets and processes (ptrace, signals, ...). ● Controls CIPSO-labelled IPv4 packets ● Integrated in systemd

  14. The Smack rules. Simple!!! ● Smack's rules have 3 items: – the subject's label – the object's label – the access. Example: System User rwx. This rule tells the kernel to allow read, write and execute access to objects labeled User for the processes labeled System. What are labels? What are subjects? What are objects? How are they set?

  15. The Smack vocabulary ● Labels are just text (valid ASCII characters) compared for equality (case sensitive: a≠A); apart from a few built-in labels whose meaning is fixed by the kernel (`_` floor, `^` hat, `*` star), a label carries no special meaning. ● Subjects are running processes: every running process has a Smack label. ● Objects are files, IPC, sockets, processes. ● The label of a running process is called its security context. – The commands id, ps (option -Z or -M) and ls (option -Z) print the contexts of processes and files. ● The grantable access modes are: read (r), write (w), execute (x), append (a), lock (l), transmute (t), bringup (b).

  16. Setting Smack. How to set a context? You can't! Except if you have the capability CAP_MAC_ADMIN:
  # chsmack --access label file
  # echo -n label > /proc/$$/attr/current
  How to set rules? Without privilege you can only reduce accesses for the current thread (the self rules are inherited by cloning). But if you have the capability CAP_MAC_ADMIN, you can change all rules:
  # echo "subject object rwt" > /sys/fs/smackfs/load-self2
  # echo "subject object rwt" > /sys/fs/smackfs/load2
  # echo "subject object rwt" | smackload
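The rule format and the label vocabulary of slides 14 to 16 are enough to reproduce the kernel's decision in user space. The C program below is an added example written for this page; it is not AGL code and not the kernel's implementation. It loads rules in the same "subject object access" line format that load2 accepts and answers has_access() following the Smack documentation: a star subject is always denied, a star object always allowed, a subject and object with the same label always allowed, a floor object is readable and executable by anyone, a hat subject can read and execute anything, and only then is an explicit rule consulted, with write implying lock. The labels System, User, User::App::HVAC and System::Service in the demo ruleset are constructed for illustration.

```c
/* Added example: user-space model of Smack's access decision (not kernel code). */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define LABEL_MAX 255          /* maximum Smack label length since kernel 3.5 */
#define MAX_RULES 64

/* One bit per access-mode letter of a Smack rule: r w x a l t b. */
enum {
    MAY_R = 1 << 0, MAY_W = 1 << 1, MAY_X = 1 << 2, MAY_A = 1 << 3,
    MAY_L = 1 << 4, MAY_T = 1 << 5, MAY_B = 1 << 6
};

struct rule { char subject[LABEL_MAX + 1]; char object[LABEL_MAX + 1]; unsigned access; };
struct ruleset { struct rule rules[MAX_RULES]; int count; };

/* "rwx", "rwat", "-", ... -> bit mask; ~0u on an unknown letter. */
static unsigned parse_access(const char *s)
{
    unsigned m = 0;
    for (; *s; s++) {
        switch (*s) {
        case 'r': case 'R': m |= MAY_R; break;
        case 'w': case 'W': m |= MAY_W; break;
        case 'x': case 'X': m |= MAY_X; break;
        case 'a': case 'A': m |= MAY_A; break;
        case 'l': case 'L': m |= MAY_L; break;
        case 't': case 'T': m |= MAY_T; break;
        case 'b': case 'B': m |= MAY_B; break;
        case '-': break;                   /* "no access" placeholder */
        default: return ~0u;
        }
    }
    return m;
}

/* Load one load2-style line.  As with load2, a later rule for the same
 * (subject, object) pair replaces the earlier one.  Returns 0 or -1. */
int smack_add_rule(struct ruleset *rs, const char *line)
{
    char subj[LABEL_MAX + 1], obj[LABEL_MAX + 1], acc[16];
    if (sscanf(line, "%255s %255s %15s", subj, obj, acc) != 3)
        return -1;
    unsigned access = parse_access(acc);
    if (access == ~0u)
        return -1;
    for (int i = 0; i < rs->count; i++)
        if (!strcmp(rs->rules[i].subject, subj) && !strcmp(rs->rules[i].object, obj)) {
            rs->rules[i].access = access;
            return 0;
        }
    if (rs->count == MAX_RULES)
        return -1;
    strcpy(rs->rules[rs->count].subject, subj);
    strcpy(rs->rules[rs->count].object, obj);
    rs->rules[rs->count].access = access;
    rs->count++;
    return 0;
}

/* May a process labeled `subject` perform every access in `want` on an
 * object labeled `object`?  Built-in labels are checked first, as the kernel does. */
bool smack_has_access(const struct ruleset *rs, const char *subject,
                      const char *object, unsigned want)
{
    const unsigned read_exec = MAY_R | MAY_X;
    bool read_or_lock_only = (want & ~read_exec) == 0 || want == MAY_L;

    if (!strcmp(subject, "*")) return false;       /* star subject: never allowed */
    if (!strcmp(object, "*")) return true;         /* star object: always allowed */
    if (!strcmp(subject, object)) return true;     /* same label: every access */
    if (!strcmp(object, "_") && read_or_lock_only) return true;   /* floor object */
    if (!strcmp(subject, "^") && read_or_lock_only) return true;  /* hat subject */

    for (int i = 0; i < rs->count; i++) {          /* explicit rule required */
        const struct rule *r = &rs->rules[i];
        if (strcmp(r->subject, subject) || strcmp(r->object, object))
            continue;
        unsigned granted = r->access;
        if (granted & MAY_W)                       /* write access implies lock access */
            granted |= MAY_L;
        return (granted & want) == want;
    }
    return false;                                  /* no rule: deny by default */
}

/* Constructed demo ruleset; the labels are made up for illustration. */
const struct ruleset *demo_ruleset(void)
{
    static struct ruleset rs;
    static bool loaded;
    if (!loaded) {
        smack_add_rule(&rs, "System User rwx");                    /* the slide's example */
        smack_add_rule(&rs, "User::App::HVAC System::Service w");
        smack_add_rule(&rs, "User::App::HVAC System::Service rw"); /* replaces the line above */
        loaded = true;
    }
    return &rs;
}

int main(void)
{
    const struct ruleset *rs = demo_ruleset();
    printf("System -> User rwx: %s\n",
           smack_has_access(rs, "System", "User", MAY_R | MAY_W | MAY_X) ? "GRANTED" : "DENIED");
    printf("User -> System r:   %s\n",
           smack_has_access(rs, "User", "System", MAY_R) ? "GRANTED" : "DENIED");
    return 0;
}
```

Run it as is to see the slide's rule evaluated both ways; the deny-by-default at the end of smack_has_access is what makes a Smack ruleset a whitelist, and why rule counts explode when every application/service pair needs its own line, which is the problem the Cynara slides later address.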

  17. Evolutions of Smack ● The author of Smack is mainly Casey Schaufler. ● In Linux since kernel 2.6.25 – 17 April 2008 – as an LSM (Linux Security Module) ● Evolving since those first days: – Lock access mode (kernel 3.13) – Support for multi-rule writes to load2 and change-rule (kernel 3.12) – Maximum value for CIPSO category changed from 63 to 184 (kernel 3.12) – Longer Smack labels (24 -> 255) and recursive transmute (kernel 3.5) – Transmute access mode (kernel 2.6.38) – Bringup mode – Netlabel filtering

  18. Smack links ● Kernel doc: https://www.kernel.org/doc/html/latest/admin-guide/LSM/Smack.html ● User space tools: https://github.com/smack-team/smack

  19. Overview of CYNARA permission database

  20. Cynara ● Cynara is a permission database ● Cynara was introduced in 2014 by Samsung for Tizen's management of permissions – It was a response to the insane growth of Smack rules ● It was introduced as an alternative to Polkit, which was too slow ● This defines Tizen 3 versus previous Tizens ● The main promoter and contributor is Samsung Poland

  21. The Cynara rules. The 4-tuple of values (client, session, user, permission) is checked and the answer is GRANTED, DENIED or OTHER (ASK, ...). ● The client is the requesting process, identified by its Smack label ● The session is supposed to identify the one session of the client ● The user is the requesting user, as identified by DAC ● The permission is the permission that is tested. Client, session, user and permission are text strings.

  22. Cynara: HVAC and low-can. The application HVAC runs with the security label User::App::HVAC and issues its request over a UNIX domain socket. The low-can service gets the credentials of its client using getsockopt (SO_PEERCRED and SO_PEERSEC; getsockopt is a C function). It then requests Cynara authorisation for (User::App::HVAC, PID, UID, PERM) or, if the session is already known, (User::App::HVAC, SESSION-ID, USER-ID, PERM). Caching in low-can is possible to avoid repeating the request. The Cynara server checks whether a rule allows the request. Issue with NAND memory (limited write cycles) => specific optimizations in Cynara.

  23. Cynara agents. For some queries, the Cynara server may ask an "agent" to give or refuse the authorization. Example 1: an agent can ask the user, with a dialog such as "Attention: the application HVAC requires permission to change temperature. Do you accept? Yes forever / Yes now / Not now / Never". Example 2: an agent can ask the session manager.

  24. Cynara, comparison

  25. Cynara, comparison (diagram of the components involved: HVAC, low-can, cache, Cynara, agent)
