What is Fuchsia – Google Next-Generation OS running Flutter apps

Logo of Google Fuchsia OS

Fuchsia is a new modular capability-based operating system currently being developed by Google. Fuchsia runs on a microkernel called Zircon and is aimed at various ARM64 and x86-64 platforms from mobile devices to desktops. Written in C++, Zircon and its’ userspace services, drivers and libraries manage processor resources, memory, interrupts and signaling.

Capability-Based Security Model

The most interesting aspect about Fuchsia is the security model. Capabilities were around for a while, with the Plessey 250 system implementing capabilities support in hardware as early as 1970. Researchers and the industry have been interested in the capability-based systems primarily because of the confused deputy problem. The current prevalent security models are DAC and MAC based on the ACLs. It has been proven that it is impossible to create a system with an ACL-based security that would not be susceptible to attacks based on the privilege escalation. The latest example is the Kubernetes websockets vulnerability.

Zircon Microkernel

Zircon was born as a branch of LK. LK (Little Kernel) is a tiny operating system suited for small embedded devices, bootloaders, and other environments. It offers basic OS primitives like threads, mutexes, and timers.

The kernel manages a number of different types of Objects. Classes which implement the C++ Dispatcher interface are accessible via system calls. Microkernel is the only code running in the privileges mode. Drivers, filesystem, and network all run in user mode. Userspace code interacts with kernel objects via system calls, and almost exclusively via Handles. Handles are process-scope kernel constructs that allows user-mode programs to reference a kernel object. They identify both the object and a set of access rights to the object. A handle can be thought as a session or connection to a particular kernel object. Objects may have multiple Handles that refer to them. For majority of Objects, when the last open Handle referring to an Object is closed, the Object is either destroyed, or put into a final state.

Zircon syscalls are generally non-blocking. The wait_one, wait_many, port_wait and thread sleep being the notable exceptions.

Fuchsia Architecture

Fuchsia is a modular OS, with the microkernel providing the basic OS primitives. The next layer above the Zircon microkernel is Garnet. It contains the network, media, and graphics services such the Escher render, the package management and update system Amber, as well as the guest emulation suitable for emulating Linux API.
The next layer is called Peridot. It provides Fuchsia component services, including stories, agents and entities.

Fuchsia’s user interface and apps are developed with the cross-platform Flutter SDK. Fuchsia currently offers two layout engines: a touch-centric Armadillo, primarily driven by a combination of Recent Apps and a new version of the Google Feed and a desktop-centric multi-window Capybara designed for keyboard and mouse input. The entire Fuchsia experience seems to currently revolve around Google Assistant. Given that Google has been pursuing Slices already, it appears that the long-term goal here is change the interaction workflow from current where users need to install and open individual apps by clicking on the app icon to one where assistant and search drive the interactions.
Fuchsia is a true cloud OS. It comes with a new integrated distributed storage system called Ledger. Ledger automatically synchronizes user and application data to a cloud instance.

Conclusion

Fuchsia will enable developers to code apps, programs, and tools that could work on all of Google’s platforms. That means coders would be able to create a messaging app that would work on smartphones, tablets, laptops, desktops, and even smart home devices.

The new OS will also give Google a better shot at in-car computing market, by being able to directly compete with another microkernel platform – QNX Neutrino.

More from our blog

See all posts