redox issueshttps://gitlab.redox-os.org/redox-os/redox/-/issues2024-03-26T06:13:11Zhttps://gitlab.redox-os.org/redox-os/redox/-/issues/1435Add driver customization2024-03-26T06:13:11ZRibbonAdd driver customizationDrivers are the most big part of an operating system and the average computer only use some of them.
This proposal is to add or remove individual drivers from a filesystem image (`config/*.toml`) by using this syntax:
```toml
[drivers]...Drivers are the most big part of an operating system and the average computer only use some of them.
This proposal is to add or remove individual drivers from a filesystem image (`config/*.toml`) by using this syntax:
```toml
[drivers] # A new section for driver entries
driver1 = {}
driver2 = {}
#driver3 = {} # Disabled driver
driver4 = "none" # Another way to disable a driver (if necessary)
```https://gitlab.redox-os.org/redox-os/redox/-/issues/1433Port OpenSSL 32024-03-01T20:09:13ZRibbonPort OpenSSL 3It's necessary to run many programs.It's necessary to run many programs.https://gitlab.redox-os.org/redox-os/redox/-/issues/1430Orbital improvements2024-02-17T20:02:36ZRibbonOrbital improvementsThis tracking issue will cover the future Orbital desktop environment improvements.
- [ ] Serialize the Orbital settings to a TOML file (Orbital should watch for variable changes on this configuration file)
- [ ] Mimic the COSMIC Deskto...This tracking issue will cover the future Orbital desktop environment improvements.
- [ ] Serialize the Orbital settings to a TOML file (Orbital should watch for variable changes on this configuration file)
- [ ] Mimic the COSMIC Desktop top bar and dock design in the launcher
- [ ] Spawn two panels, one for the top panel and other for the dock
- [ ] Add a variable option to change the dock size
- [ ] Add a variable option to hide the window title bar if its maximized
- [ ] Add a variable option to change the Orbital wallpaper (use the image path)
- [ ] Add a variable option to change the top bar position (top, bottom, left, right)
- [ ] Add a variable option to change the dock position (top, bottom, left, right)
- [ ] Add a variable option to change the keyboard map (use ISO codes)
- [ ] Add a variable option to allow the dock to hide
- [ ] Add a variable option to disable the dock
- [ ] Add a variable option to disable the top bar (move all indicators and buttons to the end of the dock, like KDE Plasma does)
- [ ] Add a variable options to change the keyboard shortcuts
- [ ] Add a button in the dock to minimize all windows
- [ ] Add an top bar indicator to show the volume settings
- [ ] Add a way to mute the sound each program in the "Sound" indicator
- [ ] Add a top bar indicator button to disable/enable the Internet
- [ ] Add a "Restart" button on the App Menu and Login Manager
- [ ] Add a "Shutdown" button on the App Menu and Login Manager
- [ ] Add a "Lock Session" button on the App Menu
- [ ] Add a variable option to change the orblogin wallpaper
- [ ] Add a variable option to change the key repeat speed
- [ ] Add a variable option to change the mouse cursor speed
- [ ] Add a variable option to change the "running program" indicator color on the dock
- [ ] Add a variable option to change the top bar color (use color codes)
- [ ] Add a variable option to change the dock color (use color codes)
- [ ] Add a variable option to change the window title bar color
- [ ] Add a variable option to add a gap around the top bar (the edges will be rounded)
- [ ] Allow the reordering of pinned programs with mouse on the dock
- [ ] Port COSMIC Settingshttps://gitlab.redox-os.org/redox-os/redox/-/issues/1429GUI porting2024-02-10T17:16:57ZRibbonGUI portingThis issue will cover the porting of the most common rendering toolkits and libraries to Orbital.
- [ ] GLEW
- [ ] GTK3
- [ ] GTK4
- [ ] Qt5
- [ ] Qt6
- [ ] wxWidgetsThis issue will cover the porting of the most common rendering toolkits and libraries to Orbital.
- [ ] GLEW
- [ ] GTK3
- [ ] GTK4
- [ ] Qt5
- [ ] Qt6
- [ ] wxWidgetshttps://gitlab.redox-os.org/redox-os/redox/-/issues/1427Wayland porting2024-01-23T20:45:03ZRibbonWayland portingThis issue will track how and what is needed to port Wayland to Redox.
The main difference between X11 and Wayland is the architecture and communication, on X11 you have a server and clients, on Wayland the server and client is one prog...This issue will track how and what is needed to port Wayland to Redox.
The main difference between X11 and Wayland is the architecture and communication, on X11 you have a server and clients, on Wayland the server and client is one program (the compositor), each Wayland compositor has the freedom to implement its rendering and input interfaces.
(In both display servers the user programs are clients)
### Porting Items
- [ ] Implement the Unix domain sockets
- [ ] Support for passing memfd or posix shared memory fd's over the socket
- [ ] Port libwayland
- [ ] Port cosmic-comp from COSMIC Desktop (Jeremy is doing that)
- [ ] Port Smithay
- [ ] Port wlroots (Sway and others)
- [ ] Port KWin from KDE Plasma
- [ ] Port Mutter from GNOMEhttps://gitlab.redox-os.org/redox-os/redox/-/issues/1419Implement an out-of-memory killer daemon2023-12-02T16:44:20ZRibbonImplement an out-of-memory killer daemonOn Linux you have two types of OOM killers, kernel and user-space, as the kernel OOM killer can be slow to act, most Linux distributions tend to use an user-space OOM killer, in most cases the systemd-oom daemon.
Our OOM killer daemon c...On Linux you have two types of OOM killers, kernel and user-space, as the kernel OOM killer can be slow to act, most Linux distributions tend to use an user-space OOM killer, in most cases the systemd-oom daemon.
Our OOM killer daemon could be called `oomkd` or `oomd`.
### References
- [system-oom](https://www.man7.org/linux/man-pages/man8/systemd-oomd.8.html) - Used in most Linux distributions.
- [earlyoom](https://github.com/rfjakob/earlyoom) - Proposed for Fedora.
- [bustd](https://github.com/vrmiguel/bustd) - An user-space OOM killer written in Rust.https://gitlab.redox-os.org/redox-os/redox/-/issues/1418Multiseat support2024-01-12T12:57:21ZRibbonMultiseat supportA [multiseat](https://en.wikipedia.org/wiki/Multiseat_configuration) device is a computer with multiple ports for multiple peripherals linked to independent users of the operating system.
This issue will cover the implementation of this...A [multiseat](https://en.wikipedia.org/wiki/Multiseat_configuration) device is a computer with multiple ports for multiple peripherals linked to independent users of the operating system.
This issue will cover the implementation of this use case.
### Conditions
- Each user files, processes and devices must be isolated from other users.
- An user can't read the framebuffer of other user.
- An user can't use a wrong device.
### Proposal
(Needs more brainstorming)
- Each "seat" is a workspace for a monitor and HID devices connected to a USB hub.
- Each monitor will have a TTY with a login screen (start `orblogin` if available).
- Follow the USB hub ports position to avoid wrong device allocation.
- Use the TTY number of the monitor to assign devices.https://gitlab.redox-os.org/redox-os/redox/-/issues/1416Add an option to ignore recipe errors2024-01-13T07:04:44ZRibbonAdd an option to ignore recipe errorsThis option will ignore a recipe error and build the next recipe of the Cookbook configuration (`make all` and `make rebuild` commands).
Currently the CI server only update the packages if all recipes compiled successfully, it's time co...This option will ignore a recipe error and build the next recipe of the Cookbook configuration (`make all` and `make rebuild` commands).
Currently the CI server only update the packages if all recipes compiled successfully, it's time consuming and could delay important updates on recipes.
This is equivalent to "delta updates" but for CI, only the successfully compiled programs will be updated on the package repository.
It could be implemented on the `.config` file and the Cookbook configuration.https://gitlab.redox-os.org/redox-os/redox/-/issues/1415Add a "ci.sh" bootstrap script for the CI server2023-11-08T17:24:04ZRibbonAdd a "ci.sh" bootstrap script for the CI serverThe current [bootstrap.sh](https://gitlab.redox-os.org/redox-os/redox/-/blob/master/bootstrap.sh?ref_type=heads) script contains packages to build the Redox base system and recipes on the [demo](https://gitlab.redox-os.org/redox-os/redox...The current [bootstrap.sh](https://gitlab.redox-os.org/redox-os/redox/-/blob/master/bootstrap.sh?ref_type=heads) script contains packages to build the Redox base system and recipes on the [demo](https://gitlab.redox-os.org/redox-os/redox/-/blob/master/config/x86_64/demo.toml?ref_type=heads) Cookbook configuration.
As Redox receive more recipes they require more build tools to be installed on the CI server, but the current script don't accept "non-demo recipes" dependencies.
The solution is to create a specific script to configure the CI server, it will be a reduced version of the `bootstrap.sh` script with:
- The command to install the Ubuntu/Debian packages (to build all recipes from Cookbook)
- The commands to download the Redox build system
- The command to install the Rust toolchain
- The command to enable a source-based toolchain
- The commands to build all Cookbook configurations and recipes
This will reduce the maintenance effort of the CI server, the script name can be `ci.sh`https://gitlab.redox-os.org/redox-os/redox/-/issues/1408Port cosmic-comp2024-01-13T07:57:18ZRibbonPort cosmic-comp[cosmic-comp](https://github.com/pop-os/cosmic-comp) is the most complete Rust-written Wayland compositor of the world, being Rust it become the most easy Wayland solution for us, because we already have upstream Redox support on many cr...[cosmic-comp](https://github.com/pop-os/cosmic-comp) is the most complete Rust-written Wayland compositor of the world, being Rust it become the most easy Wayland solution for us, because we already have upstream Redox support on many crates.https://gitlab.redox-os.org/redox-os/redox/-/issues/1407(Feature request) Automatic operating system detection on boot loader2023-10-25T17:39:39ZRibbon(Feature request) Automatic operating system detection on boot loaderDuring the Redox installation on HD/SSD the Redox boot loader will replace the active boot loader of any other OS, to improve our dual-boot support, we could automatically detect Windows, Linux and BSD installations on the disk and creat...During the Redox installation on HD/SSD the Redox boot loader will replace the active boot loader of any other OS, to improve our dual-boot support, we could automatically detect Windows, Linux and BSD installations on the disk and create menu entries for them, like GRUB does.
## UEFI case
UEFI boot loaders stay in a FAT32 partition, thus our boot loader can load other boot loaders (the most easy method, GRUB does this).
## BIOS case
Generally BIOS boot loaders are installed on the MBR partition table of the disk, probably our boot loader will need to manually load the OS kernels.https://gitlab.redox-os.org/redox-os/redox/-/issues/1405(Open to discussion) Filesystem sandbox system2023-10-16T10:38:16ZRibbon(Open to discussion) Filesystem sandbox systemFilesystem sandbox is very important to avoid data attacks/leaks and user-space rootkits, each process has its own namespace with schemes (use `ls :` to verify the current namespace).
The best security model is to let the user decide wh...Filesystem sandbox is very important to avoid data attacks/leaks and user-space rootkits, each process has its own namespace with schemes (use `ls :` to verify the current namespace).
The best security model is to let the user decide which folders/files some program can access (like recent Android versions), it can be done in two ways:
- When the user open a new program, the windowing system will ask which folders/files the program can access (similar to the xdg-portal window for file selection on XDG-compatible programs).
- The user can specify which folders/files some program can access using a TOML configuration (GUI/terminal).
## Terminal
In most cases the folders/files on terminal programs are specified on the command, thus it's a form of permission.
But the attacker can install an user-space rootkit using commands or a script, to mitigate this a permission prompt could be implemented for file operations on the terminal.
## Implementation
This will be done with scheme filters, the process can use a directory scheme (`home:` for `/home`) or the `file:` scheme directly.
Example:
- `home:path/to/folder`
- `file:/path/to/folder`https://gitlab.redox-os.org/redox-os/redox/-/issues/1404(Open to discussion) Permission system2024-03-26T21:38:17ZRibbon(Open to discussion) Permission systemA good security system has program/filesystem sandbox, this issue will cover the program sandbox implementation.
The permission configuration will require user or admin password (like any OS) but without `sudo`, because it's prone to ab...A good security system has program/filesystem sandbox, this issue will cover the program sandbox implementation.
The permission configuration will require user or admin password (like any OS) but without `sudo`, because it's prone to abuses (unsafe).
### Schemes
Each kernel subsystem or user-space daemon implement schemes for communication, programs will use these schemes to work with different areas of the system.
### Security models
- Pre-configured permissions
The Redox developers will decide which permissions (schemes) a program package will have by default.
- Manual permissions
The user will give permissions to the program.
### Terminal
Most terminals use `sudo` for privileged tasks, it's prone to abuses and won't be used.
### GUI
If Orbital is available a permission window will pop up (like Windows and Android) for some program.
### Implementations
- Group-based
The program user will need to be a member of some resource group (`audio` and `video` for example), these groups use schemes.
- Configuration-based
A global TOML file will decide which schemes the programs can use (it needs to be read-only to avoid abuses).https://gitlab.redox-os.org/redox-os/redox/-/issues/1402(Feature request) Recipe override list2023-11-06T17:47:08ZRibbon(Feature request) Recipe override listBy default the build system change the active Git branch of all recipe sources to `master` (`make rebuild` and `make r.recipe`, even after `make f.recipe`).
This auto-checkout can be time-consuming because you need to manually comment o...By default the build system change the active Git branch of all recipe sources to `master` (`make rebuild` and `make r.recipe`, even after `make f.recipe`).
This auto-checkout can be time-consuming because you need to manually comment out the `[source]` and `git =` fields of each `recipe.toml` to avoid this.
The solution is to create a file called `.overrides` and add the names of the recipes that you want to disable the Git checkout.https://gitlab.redox-os.org/redox-os/redox/-/issues/1397memtest86+ for the Redox bootloader2023-08-10T06:36:17ZRibbonmemtest86+ for the Redox bootloadermemtest86+ is offered as a package in many Linux distributions, this package has a executable called `memtest-setup` that will run memtest86+ on reboot.
`memtest-setup` is configured to GRUB, thus our port will need to add the memtest86...memtest86+ is offered as a package in many Linux distributions, this package has a executable called `memtest-setup` that will run memtest86+ on reboot.
`memtest-setup` is configured to GRUB, thus our port will need to add the memtest86+ binary to the Redox bootloader.https://gitlab.redox-os.org/redox-os/redox/-/issues/1395(Feature request) Recipe categories on the Cookbook configuration2023-11-05T21:30:57ZRibbon(Feature request) Recipe categories on the Cookbook configurationAfter the implementation of the recipe categories we can add a way to build any specified folder inside the Cookbook configuration (`config/your-cpu-arch/your-config.toml`.
We could use the recipe syntax to specify the folder, for examp...After the implementation of the recipe categories we can add a way to build any specified folder inside the Cookbook configuration (`config/your-cpu-arch/your-config.toml`.
We could use the recipe syntax to specify the folder, for example: `folder-name = {}` (if it's technically possible).
The build system will build all recipes inside the specified folder, it's more easy to maintain and less error-prone, as we don't need to insert each new recipe.https://gitlab.redox-os.org/redox-os/redox/-/issues/1394CI testing for packages2023-10-27T13:44:24ZRibbonCI testing for packagesUsing CI tests for packages we can have a stable rolling release system, Void Linux does this, being one of the most stable rolling release Linux distributions of the world.
- [Void Linux continuous integration system](https://build.voi...Using CI tests for packages we can have a stable rolling release system, Void Linux does this, being one of the most stable rolling release Linux distributions of the world.
- [Void Linux continuous integration system](https://build.voidlinux.org/)https://gitlab.redox-os.org/redox-os/redox/-/issues/1393Exploit mitigations2023-10-27T11:07:14ZRibbonExploit mitigationsThis issue will cover the mandatory and optional exploit mitigations for Redox.
As Redox is written in Rust there's memory-safety though the compiler, thus it might make sense to disable most exploit mitigations, at least by default.
B...This issue will cover the mandatory and optional exploit mitigations for Redox.
As Redox is written in Rust there's memory-safety though the compiler, thus it might make sense to disable most exploit mitigations, at least by default.
But Redox is not fully safe Rust because many crates rely on less thoroughly checked unsafe, such as when heavily using FFI. Therefore, it might make more sense to enable mitigations for such programs, as well as for C/C++ programs, even though unsafe Rust is generally still safer than C/C++.
Exploit mitigations specific to C/C++ memory errors are unnecessary for safe Rust code.
### Criteria
The exploit mitigations on this issue must follow some criteria.
1. The mitigation is needed for microkernel-based systems?
2. If the mitigation is cheap (low performance penault) and the security benefit is considerable, it can be enabled by default.
3. Classify if it's a compiler, manual system-wide/some programs or x86-specific mitigation.
### Mitigations
This list will filter the exploit mitigations.
- Address Space Layout Randomization - userspace
- ~~Kernel Address Space Layout Randomization~~ probably overkill for a microkernel; seL4 for example uses `-static -fno-pie -fno-pic`
- Position-Independent Executables - compiler-based
- RELRO
- BIND_NOW
- SEGVGUARD (ASLR brute force protection)
- W^X (memory mappings and switching pages)
- SROP
- Trusted Path Execution
- SafeStack
- Non-Cross-DSO Control-Flow Integrity
- Retpoline - Spectre mitigation for monolithic kernels?
### Implementations
This list will track the exploit mitigations implementation.
- [x] SMAP - x86-specific, manual system-wide
- [x] SMEP - x86-specific, manual system-wide
- [x] Zero-initialized userspace stack - manual system-wide
- [ ] Read-only pages where necessary - manual?
- [ ] IP ID randomization - netstack or smoltcp? manual.
- [ ] Temporary IPv6 addresses - netstack or smoltcp? manual.https://gitlab.redox-os.org/redox-os/redox/-/issues/1392Dev room2024-03-18T00:02:32ZRibbonDev roomThis issue cover what is necessary for the dev variant of Redox.
- [x] Port Rust
- [x] Port GCC
- [x] Port LLVM
- [ ] Port Python
- [ ] Port Go
- [x] Port Vim
- [ ] Port Neovim
- [ ] Port Emacs
- [ ] Port zsh
- [ ] Port fish
- [ ] Port ...This issue cover what is necessary for the dev variant of Redox.
- [x] Port Rust
- [x] Port GCC
- [x] Port LLVM
- [ ] Port Python
- [ ] Port Go
- [x] Port Vim
- [ ] Port Neovim
- [ ] Port Emacs
- [ ] Port zsh
- [ ] Port fish
- [ ] Port Nushell (WIP)
- [ ] Port GDB
- [ ] Port NodeJS
- [ ] Port OpenSSHhttps://gitlab.redox-os.org/redox-os/redox/-/issues/1391Desktop room2024-03-17T23:59:15ZRibbonDesktop roomThis issue cover what is necessary for the desktop variant of Redox.
- [ ] Port GTK
- [ ] Port Qt
- [ ] Port Firefox
- [ ] Port VLC
- [ ] Port Servo
- [ ] Port Chromium (hard)
- [ ] Port WebAssembly
- [ ] Implement GPU acceleration (thr...This issue cover what is necessary for the desktop variant of Redox.
- [ ] Port GTK
- [ ] Port Qt
- [ ] Port Firefox
- [ ] Port VLC
- [ ] Port Servo
- [ ] Port Chromium (hard)
- [ ] Port WebAssembly
- [ ] Implement GPU acceleration (through Linux driver VMs on QEMU)
- [ ] Port COSMIC Desktop
- [ ] Port GNOME (time-consuming)
- [ ] Port KDE Plasma (time-consuming)
- [ ] Port Sway