GNU Mach is the microkernel upon which a GNU Hurd system is based. It provides an Inter Process Communication (IPC) mechanism which the Hurd uses to define interfaces for implementing in a distributed multi-server fashion the services a traditional operating system kernel provides. Mach is particularly well-suited for SMP and network cluster techniques. Thread support is provided at the kernel level, and the kernel itself takes advantage of that. Network transparency at the IPC level makes resources of the system available across machine boundaries.
netsniff-ng is a high performance Linux network sniffer for packet inspection. It is similar to analyzers like tcpdump, but without the need to perform system calls for fetching network packets. A memory-mapped area within kernelspace will be used for accessing packets, so there is no requirement for copying them to userspace (a 'zero-copy' mechanism). For this purpose, netsniff-ng is libpcap independent, but nevertheless supports the pcap file format for capturing, replaying, and performing offline analysis of pcap dumps. The project is focused on building a robust, clean, and secure analyzer and utilities that complete netsniff-ng as a support for penetration testing. netsniff-ng can be used for protocol analysis, reverse engineering, and network debugging.
Fiwix is an operating system kernel based on the Unix architecture and fully focused on being Linux compatible. It is designed exclusively for educational purposes, so the kernel code is kept as simple as possible for the benefit of students. It runs on the 32-bit x86 hardware platform, and is compatible with a good base of existing GNU applications.
KaOS is a lightweight, multi-purpose embedded Linux platform designed for virtualization and cloud computing applications. KaOS is based on Linux KVM and is a true enterprise grade hypervisor platform. KaOS makes it easy to deploy KVM based virtualization solutions. KaOS is a lightweight platform, less than 10MB in size. The SDK provides everything necessary to rebuild the platform and comes with scripts to assist with building a KaOS-enabled Linux kernel. KaOS has a menu-driven CLI called AppQueue and a management process that replaces init and other functions called kattach.
dtrace for Linux is a native port of dtrace to Linux. dtrace is a kernel and user space tracing mechanism available on Solaris, FreeBSD, and Apple Mac OS X. It entails no performance cost when it is not activated. This implementation has the same functionality as the original, allowing arbitrary kernel probes. It is provided as a kernel module, so no kernel source code changes are required. It has been tested mostly on Ubuntu 7/8 systems and is known to compile on other kernels. Both 32-bit and 64-bit kernels are supported.
SCHED_DEADLINE is an implementation of a new scheduling class for the Linux kernel. It implements the real-time scheduling algorithm called Earliest Deadline First (EDF). A key feature is that it ensures "temporal isolation", which means that the temporal behavior of each task (i.e., its ability to meet its deadlines) is not affected by the behavior of any other task in the system. In other words, even if a task misbehaves, it is not able to exploit larger execution times than the amount it has been allocated. Each task is characterized by a "budget" and a "period" equal to its deadline. At any instant of time, the system schedules the task having earliest deadline.
tpe-lkm is a Linux kernel module implementing Trusted Path Execution, a security feature that denies users from executing programs that are not owned by root, or are writable. This closes the door on a whole category of exploits where a malicious user tries to execute his or her own code to hack the system. Since the module doesn't use any kind of ACLs, it works out of the box with no configuration. It isn't complicated to test or deploy to current production systems. The module also has a few other grsecurity-inspired features implemented as "extras".