-
Overview
-
redpesk OS releases
-
Security updates
-
Application Framework Manager
-
Application Framework Binder
-
APIs & Services
-
Security manager
-
Trusted Boot
-
Recovery features
-
redpak
-
Minimal image
- Reduce image size
- Optimizing boot time
-
kernel fragments description
- Introduction to Linux Kernel Configuration
- 01 Disable IPC, Timers and Audit
- 02 Disable Kconfig, Scheduler and Initrd
- 03 Disable Perf, Profiling and Errata
- 04 Disable EFI, Power Management Debug and Energy Model
- 05 Disable Schedutil, CPUFreq Governors and Virtualization
- 06 Disable Kprobes and Jump Labels
- 07 Disable GCC Plugins and Function Alignment
- 08 Disable Partition Parsers
- 09 Enable Inline Spinlocks and Kernel Operations
- 10 Disable Swap, Memory Hotplug and KSM
- 11 Disable Networking IPv4, IPv6, Netfilter
- 12 Disable SCTP, VLAN, TIPC, BATMAN
- 13 Disable Wireless, Bluetooth, CAN and RFKILL
- 14 Disable PCI and Firmware
- 15 Disable GNSS and ProcEvents
- 16 Disable Block Storage NBD and AoE
- 17 Disable EEPROM and Misc Drivers
- 18 Disable Network Device Drivers
- 19 Disable PHY Drivers
- 20 Disable PPP, WLAN Coexistence, and Failover
- 21 Disable Input Devices
- 22 Disable Serial, TTY and TPM
- 23 Disable I2C, Power and Sensor Drivers
- 24 Disable MFD, Display and Media Drivers
- 25 Disable USB, Sound, RTC and VirtIO
- 26 Disable Filesystem Encodings and Compatibility
- 27 Enable Minimal Cryptographic Core with SHA3 and XTS
- 28 Disable Hardware Cryptography, Keep DRBG and Jitter Entropy
- 29 Disable Kernel Debugging Features
- 30 Disable Filesystem Verity and SecurityFS
-
Zephyr in Redpesk
-
Mender redpesk (OTA)
-
Hardware support
- Download images
- Image metrics
- Trusted Boot
- Boards - ARM64
- Boards - x86_64
- Boards - Virtual
- Miscs
Vocabulary for afb-binder
Binding
A shared library object intended to add a functionality to an afb-binder instance. It implements an API and may provide a service.
Binding made for services can have specific entry points called after initialization and before serving.
Event
Messages with data propagated from the services to the client and not expecting any reply.
The current implementation allows to widely broadcast events to all clients.
Level of assurance (LOA)
This level that can be from 0 to 3 represent the level of assurance that the services can expect from the session.
The exact definition of the meaning of these levels and how to use it remains to be achieved.
Request
A request is an invocation by a client to a binding method using a message transferred through some protocol:
- HTTP
- WebSocket
- …
and served by afb-binder
Reply/Response
This is a message sent to client as the result of the request.
Service
Service are made of bindings running on a binder The binder is in charge of connecting services and applications. A service can serve many clients.
The framework establishes connection between the services and the clients. Using sockets currently but other protocols are considered.
The term of service is tightly bound to the notion of API.
Session
A session is meant to be the unique instance context of a client, which identify that instance across requests.
Each session has an identifier. Session identifier generated by afb-binder are UUIDs. A client can present its own session id.
Internally, afb-binder offers a mechanism to attach data to sessions. When a session is closed or disappears, data attached to that session are freed.
Token
The token is an identifier that the client must give to be authenticated.
UUID
It stand for Universal Unique IDentifier.
It is designed to create identifier in a way that avoid has much as possible
conflicts.
It means that if two different instances create an UUID, the
probability that they create the same UUID is very low, near to zero.
x-afb-reqid
Argument name that can be used with HTTP request.
When this argument is given, it is automatically added to the “request” object of the answer.
x-afb-token
Argument name meant to give the token without ambiguity.
You can also use the name token but it may conflicts with others arguments.
x-afb-uuid
Argument name for giving explicitly the session identifier without ambiguity.
You can also use the name uuid but it may conflicts with others arguments.