New kid on embedded Linux block -- Gentoo
Dec. 03, 2004
A project to create embedded versions of Gentoo Linux has achieved preliminary releases on x86, MIPS, PPC, and ARM. The releases include native core system binaries, cross-platform toolchains, and, for x86, an optional hardened toolchain. The year-old project needs developers to help add cross-compile awareness to source packages.
Gentoo is a popular desktop and server Linux distribution, in which core system components are distributed as architecture-specific, native binaries, while all non-essential software packages are compiled from source, using a "portage" system similar to the "ports" system in FreeBSD. (Most Linux distributions install both core and non-essential software from pre-built packages of binaries, using convenient tools such as dpkg, rpm, yum, and others. Gentoo partisans say compiling is better, since compiler flags can be set to optimize builds for specific hardware.)
The preliminary release of Embedded Gentoo includes the core system components, pre-built as native binaries, for the four supported architectures. The components for each architecture are distributed in three compressed tar files called "stages" that correspond loosely to system complexity. These native components have been tested "fairly extensively," according to project instigator Ned Ludd. What remains to be done is to add cross-compiler awareness to the 9,000-odd optional source packages in Gentoo, in order to create an embedded-specific "portage" system for Embedded Gentoo. "Gentoo Linux is slightly understaffed in the embedded area. New embedded developers are welcomed and encouraged," says Ludd.
In addition to native binaries and source packages, Embedded Gentoo includes toolchains for each of the target architectures that aim to support cross-platform development. Toolchain developer Mike Frysinger says that "for all intents and purposes," the toolchains are ready for normal and for cross-compiling use.
C libraries are especially important in a distribution where much software is built from source. Embedded Gentoo uses uClibc, a small-footprint library for embedded systems, rather than the full GNU C libraries. Ludd explains, "The consensus is pretty much that glibc has no place in embedded environments. The advantages of uClibc simply outweigh those of glibc." And, Ludd adds, "If [you're] using glibc, you're using standard Gentoo. So technically it's already supported."
The preliminary releases are based on uClibc 0.9.26+cvs, with patches and bugfixes applied on some architectures. Since the upstream uClibc developers have not yet achieved a major 1.0 release number, future ABI (application binary interface) changes could break backwards binary compatibility. "Any uClibc work should be considered experimental, until such time as uclibc-1.0 is released," states Ludd.
The preliminary releases are intended for MMU-ful embedded systems (systems equipped with memory management units), although uclinux-sources is available in the portage tree for those working with MMU-less processors and microcontrollers.
Embedded Gentoo project background
The Embedded Gentoo project was instigated by Ludd, with assistance from Chris PeBenito. Ludd's company, Southern Linux Solutions (SLS), initially developed a minimalistic uClibc build system in the course of creating customer premise equipment for wireless cable networks (no oxymoron intended). The project progressed further when SLS was hired to convert Soekris boards into carrier-class wireless infrastructure for a provider in Savannah, Georgia. "SLS deemed [it to be] in our best interest to merge our changes back into the Gentoo distribution, to make it easy to rapidly develop new embedded products in the future. What used to take weeks now only takes a few hours," says Ludd.
Ludd says the preliminary releases were created primarily by three core developers, including himself, Frysinger, and hardened toolchain developer Peter S. Mazinger. However, others are "waiting in the wings" and likely to contribute more, now that an actual release exists. These include Thierry Carrez (koon@gentoo.org, documentation), David Bryson (mutex@gentoo.org, catalyst tool), Brian Jackson (iggy@gentoo.org, IRC help, testing, feature enhancements), Tom Billman (low-level software, nslu2-linux), and others on the "embedded-at-gentoo-dot-org" alias list.
Special hardening features
In addition to a standard version of uClibc, the x86 version of Embedded Gentoo offers a hardened version developed for carrier-class wireless infrastructure by Mazinger, Ludd, and the team at PaX, a project that researches ways to prevent software bug exploitation. Ludd says, "We pulled together, and feature- and bug-tested, filling each others' inboxes worse than a bad month of spam."
The hardening features include:
- PIE (Position Independent Executables) -- Executables that, like shared libraries, are relocated by the dynamic linker to a virtual address chosen by the host operating system at runtime, providing "position independence" aimed at stopping exploits that rely on predictable address spaces.
- ASLR (Address Space Layout Randomization) -- A kernel feature that helps PIE executables load in random locations, useful for protecting against return-to-libc style attacks.
- SSP (Stack Smashing Protection, aka ProPolice) -- A sophisticated yet simple protective compiler technology that makes use of canary values and rearranges local variables and function pointers. It can prevent many forms of the common return-to-libc attack.
Embedded Gentoo's hardening features may be added to the MIPS and PPC architectures, depending on interest, according to Mazinger.
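An added example, not code from the article or from the Gentoo project: a build-verification check a defender could run over executables to confirm that the PIE and SSP features listed above actually made it into the output. The names `audit_elf` and `fake_elf` and the sample images are assumptions constructed for illustration.

```python
import struct

ET_EXEC, ET_DYN = 2, 3  # e_type values from the ELF specification
# Stack-protector symbols: GCC's current name plus the older ProPolice one.
SSP_SYMBOLS = (b"__stack_chk_fail", b"__stack_smash_handler")

def audit_elf(image: bytes) -> dict:
    """Report whether an ELF image is relocatable at load time and references SSP."""
    if len(image) < 18 or image[:4] != b"\x7fELF":
        raise ValueError("not an ELF image")
    if image[5] not in (1, 2):
        raise ValueError("unknown EI_DATA byte order")
    endian = "<" if image[5] == 1 else ">"  # 1 = little-endian, 2 = big-endian
    # e_type sits right after the 16-byte e_ident in both ELF32 and ELF64.
    (e_type,) = struct.unpack_from(endian + "H", image, 16)
    return {
        # ET_DYN is necessary for PIE but is also used by shared libraries,
        # so run this on executables only.
        "relocatable": e_type == ET_DYN,
        # Heuristic: a build with SSP imports the failure handler by name, so
        # the name appears in the string table of the image.
        "ssp": any(sym in image for sym in SSP_SYMBOLS),
    }

def fake_elf(e_type: int, big_endian: bool, strings: bytes = b"") -> bytes:
    """Constructed sample: ELF32 ident + e_type/e_machine, then raw strings."""
    endian = ">" if big_endian else "<"
    ident = b"\x7fELF" + bytes([1, 2 if big_endian else 1, 1]) + bytes(9)
    return ident + struct.pack(endian + "HH", e_type, 0) + strings

# Constructed inputs, not real binaries.
HARDENED_X86 = fake_elf(ET_DYN, False, b"\0__stack_chk_fail\0")
LEGACY_MIPS = fake_elf(ET_EXEC, True, b"\0printf\0")
PROPOLICE_X86 = fake_elf(ET_DYN, False, b"\0__stack_smash_handler\0")

if __name__ == "__main__":
    for name, img in [("hardened-x86", HARDENED_X86), ("legacy-mips", LEGACY_MIPS),
                      ("propolice-x86", PROPOLICE_X86)]:
        print(name, audit_elf(img))
```

ASLR is a property of the running kernel rather than of the file, so it does not show up in this check; a relocatable image is only what lets the kernel randomize the executable's own load address.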
Roadmap
In the future, Ludd says Embedded Gentoo would like to support the SuperH-5 architecture. And Frysinger, who also serves ably as Gentoo's ARM architect, according to Ludd, is willing to "fully support" ARM-based handhelds, if testing models are provided.
Additional project details, and links to downloads of the preliminary releases, can be found on the Embedded Gentoo homepage.
LinuxDevices.com welcomes Embedded Gentoo to the embedded Linux community!