Tuesday, March 31, 2015

Bare metal application builders are starting to flex their muscle.

As an application developer, security concerns me greatly. Every day there is a fresh announcement of a major hacking incident, often with the user database being compromised. I'd like to be able to develop applications that have some hope of resisting hackers.

One of the most promising ways to reduce the attack surface is to build applications that run on the bare metal of the CPU without a host operating system. More accurately, bare metal applications run directly on a virtualisation hypervisor rather than on the bare metal of a CPU a la MS-DOS.  The idea being that if there is no system to log in to then it's much harder for hackers to gain access. What can a hacker do if there's just nothing at all to log in to?

Running on bare metal is being made possible in large part by virtualisation technologies such as Xen which provide standard virtual networking and file system interfaces. These virtualised interfaces mean that bare metal solutions don't need hardware device driver support, making the core concept much easier to implement.

I'm super keen to be writing my applications to run on bare metal. There's quite a bit going on in this field but its early days; there's currently no practical way to write an application using mainstream programming languages and get it to run as bare metal. That's likely to change over the next couple of years. It is possible to build bare metal applications using  Ocaml, Haskell and Erlang.

I'd like to build bare metal applications using Python, Rust or Go. That's not possible right now. Here are the projects that I know about in the bare metal space:

MirageOS describes itself as "library operating system that constructs unikernels". The project appears to be relatively mature and actively developed. MirageOS requires that your code is written in OCaml.

Quoting from the website, HaLVM "enables developers to write high-level, lightweight virtual machines that can run directly on the Xen hypervisor". It is being developed by Galois, a U.S. company based in Portland, Oregon.  An overview presentation is here. You'll need to write your code in Haskell.

Ling allows Erlang applications to be run directly on the Xen hypervisor. It is being developed by Cloudozer, a startup company based out of Russia.

OSv appears to be a version of FreeBSD so severely stripped down that although applications still have the resources they need to run, there is little or no remaining recognisable operating system, for example there is no concept of users in OSv, and there are no drivers other than those required to run on a Xen hypervisor. OSv allows execution of JVM and Posix applications. OSv is developed by Cloudius Systems of Israel. A presentation is here.

Rump kernels
It appears that Rump kernels utilise NetBSD's user space device drivers to compile Posix applications into unikernels. Rumprun is an active project facilitating the build process. A recent tweet announced that MySQL has been built as a unikernel using Rumprun. Rumprun is described as "a wrapper for running programs that were written for a normal POSIX (NetBSD) system to run them under a rump kernel."

Determined not to leave the fun to the open source world, Microsoft Research has been doing some work on the library OS and its Drawbridge research project is described as "a research prototype of a new form of virtualization for application sandboxing. Drawbridge combines two core technologies: First, a picoprocess, which is a process-based isolation container with a minimal kernel API surface. Second, a library OS, which is a version of Windows enlightened to run efficiently within a picoprocess." Whether anything living will creep out of the bubbling green tubes of the research lab remains to be seen.

On the horizon.
The Cloudozer website mentions "Rust On Xen", "Go on Xen" and "J on Xen", exciting concepts but I couldn't find any further information. A recent post from Hajime Tazaki introduces a new project called LibOS, saying: "Our objective is to build the kernel network stack as a shared library that can be linked to by userspace programs to provide network stack personalization and testing facilities, and allow researchers to more easily simulate complex network topologies of linux routers/hosts." There's clearly more innovation and development in the works in the exciting field of bare metal application development. If you know of anything new, please let me know at andrew.stuart@supercoders.com.au

Hopefully it won't be too long until we see production quality ways to build bare metal applications using mainstream programming languages.


  1. I see the benefit of say, taking the concept of users out of FreeBSD to improve performance and security, but I wouldn't call the result (or any of the platforms described here) "bare-metal" programming. They're still OSs, just lighter-weight ones.

    Programming a modern machine, even a virtualized one, without device drivers is just pure masochism. And do you really want to do without multitasking? A process scheduler? Memory management? Sure, people did it back in the MS-DOS days and on 8-bit computers and game machines routinely, but that was vastly simpler hardware. And the same goes for embedded development--even there, people are turning away from bare-metal programming (like you do on an Arduino, say) and towards lightweight realtime OSs.

    We need a new term for this kind of containerized, minimum-viable-OS application programming. Calling it "bare-metal" is just confusing things.

    1. Got any ideas for an alternative term?

    2. To me, this is just terminological inflation. What is the essential difference between a process with its own privileges - a concept that has been around for decades - and a virtual machine? A process uses syscalls to communicate with the host, a virtual machine uses hardware instructions (that often address virtio-devices).

  2. Blogs are very good ways of exchanging the information and I love to read posts and sometime some blogs give me so much of knowledge and this is one kind of those blogs. Thank you so much for sharing this post. Keep posting and keep growing.

    recladding wellington