Microsoft open-sources LiteBox, a security-focused library OS

Posted by aktau 7 hours ago

Microsoft open-sources LiteBox, a security-focused library OS(github.com)

251 points | 129 comments

aktau 7 hours ago|

From the GitHub page:

LiteBox is a sandboxing library OS that drastically cuts down the interface to the host, thereby reducing attack surface. It focuses on easy interop of various "North" shims and "South" platforms. LiteBox is designed for usage in both kernel and non-kernel scenarios.

LiteBox exposes a Rust-y nix/rustix-inspired "North" interface when it is provided a Platform interface at its "South". These interfaces allow for a wide variety of use-cases, easily allowing for connection between any of the North--South pairs.

Example use cases include:

  - Running unmodified Linux programs on Windows
  - Sandboxing Linux applications on Linux
  - Run programs on top of SEV SNP
  - Running OP-TEE programs on Linux
  - Running on LVBS

aktau 7 hours ago||

More links with discussion:

Reddit discussion: https://www.reddit.com/r/linux/comments/1qw4r71/microsofts_n...

Project lead James Morris announcing it on social.kernel.org: https://social.kernel.org/notice/B2xBkzWsBX0NerohSC

xjamesmorris 5 hours ago|||

FYI, I am not the project lead for Litebox. It is led by Microsoft Research.

a-dub 2 hours ago||

is this wslv1.2 (wslv1 redux) in now a more general cross-platform library firewall type thing?

ementally 5 hours ago||

Copilot

https://github.com/microsoft/litebox/blob/main/.github/copil...

pjmlp 5 hours ago||

To be expected, given how many organisations now require employees to use AI if they want to meet their OKRs, especially all that sell AI tools.

outofpaper 4 hours ago|||

What's dumb, on top of everything, is needing to store non special standard operating procedures in specific AI folders and files when wanting to work with AI tooling.

WorldMaker 27 minutes ago||

Copilot today supports the top-level AGENTS.md approach as well, which seems to be the cross-tool "standard".

andai 4 hours ago|||

[flagged]

UqWBcuFx6NV4r 4 hours ago||

[flagged]

llama052 3 hours ago||

Both can be true.

embedding-shape 4 hours ago||

> Extremely simple changes do not require explicit unit tests.

I haven't used Copilot much, because people keep saying how bad it is, but generally if you add escape hatches like this without hard requirements of when the LLM can take them, they won't follow that rule in a intuitive way most of the time.

pjmlp 1 hour ago|||

It is kind of alright, I use mostly on VS when coding C# or C++, for code completions, error analysis, check code quality and such.

As agent, or writing everything for me, not yet.

bwat49 1 hour ago||

the $10 plan makes a great backup to claude or codex and the inline completions are nice

sandos 2 hours ago|||

Yeah, I tried various very sane-looking instrucions file when starting to use copilot 6 months ago. Turned out it was not really useful. It mostly follows the rules anyway, but it also often forgot to. So turns out, especially with the fast turnaround with models today, it was better to just forego these instructions files.

CasualSuperman 6 hours ago||

With how buggy their flagship OS has become, why would I trust anything else they release to be better? Or even if it does work well now, why should I expect it to stay that way? Microsoft has burned through all possible goodwill at this point, at least for me.

simonw 4 hours ago||

Microsoft employ over 100,000 engineers. I'd advise against assuming that everything produced by any of them is bad because of bugs in Windows.

replooda 3 hours ago|||

The criticism was directed at the company's product, not the employees...

trimethylpurine 2 hours ago|||

The response appears to be pointing out that with so many employees (engineers), it's unlikely that they all work on Windows.

mcmcmc 1 hour ago||

And yet they still work for a company that has shown it isn’t overly concerned about quality or reliability in its products.

solarkraft 33 minutes ago||||

This is not about individual employees. It’s in the nature of being an employee to be beholden to what’s incentivized by their company’s management and structure.

ddtaylor 1 hour ago||||

They seem to be alienating a lot of their users right now in a lot of different products. There's a significant surge in open source software right now and Linux and all the people that are coming over are a bit more than usual. Their customer base seems tired of the game.

workfromspace 1 hour ago||||

Not op, and I generally agree with your assumption but not for Microsoft, as I don't think it's limited to Windows:

Teams, Office (especially online), One Drive, SharePoint, Azure, GitHub, LinkedIn, all became very shitty and partially unusable with increasing number of weird bugs or problems lately.

dvfjsdhgfv 59 minutes ago||||

The problems with Windows today have nothing to do with bugs but with the strategic vision of Nadella.

lysace 3 hours ago|||

This is also still small/unimportant enough not to be poisoned by their broken corporate culture.

rafram 6 hours ago|||

This isn't supposed to replace Windows, and it isn't a GUI desktop operating system at all. I doubt anyone working on this has anything to do with the modern Windows desktop UX.

dspillett 4 hours ago|||

> This isn't supposed to replace Windows,

OP wasn't suggesting it was, just that the lack of quality in one significant area of the company's output leads to a lack of confidence in other products that they release.

Reddit_MLP2 4 hours ago|||

but if the host OS is already comprised, what is the point of sandbox inside of it?

necovek 3 hours ago||

Maybe we need secure attestation for sandbox to be protected against compromised host :)

It does sound hard, and might need to employ homomorphic encryption with hw help for any memory access after code has been also verifiably unaltered through (uncompromised) hw attestation.

hudo 6 hours ago|||

UI of Windows is buggy and inconsistent. Kernel and low level stuff are actually very stable and good.

joe_mamba 6 hours ago|||

>Kernel and low level stuff are actually very stable and good.

This. A while ago a build of Win 11 was shared/leaked that was tailored for the Chinese government called "Windows G" and it had all the ads, games, telemetry, anti-malware and other bullshit removed and it flew on 4GB RAM. So Microsoft CAN DO IT, if they actually want to, they just don't want to for users.

You can get something similar yourself at home running all the debloat tools out there but since they're not officially supported, either you'll break future windows updates, or the future windows updates will break your setup, so it's not worth it.

bcraven 2 hours ago|||

Something similar, or indeed, exactly the same:

https://www.windowscentral.com/software-apps/windows-11/leak...

workfromspace 1 hour ago||||

I geniunely wonder if Windows G's start menu also use React and if the start menu, right click or Windows Search still sucks in Windows G or not :)

pjmlp 1 hour ago||

React Native, halfway between Web and native.

RajT88 5 hours ago||||

Talked about back in the Vista days publicly (I cannot find the articles now) - Microsoft has commitments to their hardware partners to help keep the hardware market from collapsing.

So they are not incentivized to keep Win32_Lean_N_Mean, but instead to put up artificial limits on how old of hardware can run W11.

I have no insider knowledge here, just this is a thing which get talked about around major Windows releases historically.

necovek 3 hours ago|||

If anything, Microsoft has a lot of problems because they support a wide variety of crappy hardware and allow just about anyone to write kernel level sw (drivers). Not sure if this changed, but they used to run in the ring0 even.

This was most evident back in the 90s when they shipped NT4: extremely stable as opposed to Win95 which introduced the infamous BSOD. But it supported everything, and NT4 had HW support on par with Linux (i.e. almost nothing from the cheap vendors).

joe_mamba 4 hours ago|||

>Microsoft has commitments to their hardware partners to help keep the hardware market from collapsing.

Citation needed since that makes no logical sense. You want to sell your SW product to the most common denominator to increase your sales, not to a market of HW that people don't yet have. Sounds like FUD.

>but instead to put up artificial limits on how old of hardware can run W11

They're not artificial. POPCNT / SSE4.2 became a hard requirement starting with Windows 11 24H2 (2024) (but that's for older CPUs), and only intel 8th gen and up have well functioning support for Virtualization-Based Security (VBS), HVCI (Hypervisor-protected Code Integrity), and MBEC (Mode-Based Execution Control). That's besides the TPM 2.0 which isn't actually a hard requirement or feature used by everyone, the other ones are way more important.

So at which point do we consider HW-based security a necessity instead of an artificial limit? With the ever increase in vulnerabilities and attack vectors, you gotta rip the bandaid at some point.

ssl-3 2 hours ago||

Windows 11 is running on my ThinkPad T530. Its CPU is very nearly 14 years old.

What is missing here that was present when this same computer was running Windows 10?

joe_mamba 2 hours ago||

>Windows 11 is running on my ThinkPad T530. Its CPU is very nearly 14 years old.

Yes, you can bypass HW checks to install it on a pentium 4 if you want, nothing new here.

>What is missing here that was present when this same computer was running Windows 10?

All the security features I listed in the comment above.

ssl-3 1 hour ago||

So, if I'm hearing this right:

This computer had the security features that you listed while it was running Windows 10, and now that it is running Windows 11 it is lacking them?

(I'm not trying to be snarky. That's simply an astonishing concept to me.)

TkTech 6 hours ago||||

Is this not just Windows LTSB/LTSC? Which has been a thing forever.

joe_mamba 6 hours ago||

Maybe, could also be that for a 9 figure government contract they'll provide a custom LTSC branch just for you with only the features you want.

drnick1 2 hours ago||||

Microsoft should just open source Windows at this point.

hilti 4 hours ago|||

Never heard of Windows G .. that sounds exactly what I want for my older Thinkpads :-)

qingcharles 2 hours ago|||

I've been starting with Tiny11 and then running the debloat scripts against it. Reduces the memory footprint to about 2GB and have found zero compatibility problems with doing this. You just have to use curl or something to download a browser because you won't even have Edge.

WarOnPrivacy 3 hours ago|||

> Windows G .. sounds exactly what I want for my older Thinkpads

I'm running 11 IoT Ent LTSC on a some T420; it runs pretty okay.

mananaysiempre 4 hours ago||||

> Kernel and low level stuff are actually very stable and good.

In their intended applications, which might or might not be the ones you need.

The slowness of the filesystem that necessitated a whole custom caching layer in Git for Windows, or the slowness of process creation that necessitated adding “picoprocesses” to the kernel so that WSL1 would perform acceptably and still wasn’t enough for it to survive, those are entirely due to the kernel’s archtecture.

It’s not necessarily a huge deal that NT makes a bad substrate for Unix, even if POSIX support has been in the product requirements since before Win32 was conceived. I agree with the MSR paper[1] on fork(), for instance. But for a Unix-head, the “good” in your statement comes with important caveats. The filesystem is in particular so slow that Windows users will unironically claim that Ripgrep is slow and build their own NTFS parsers to sell as the fix[2].

[1] https://lwn.net/Articles/785430/

[2] https://nitter.net/CharlieMQV/status/1972647630653227054

BrouteMinou 1 hour ago|||

The Windows filesystem isn't slow per se, it's a slowness caused by "a thousand cuts" type of problem.

https://github.com/Microsoft/WSL/issues/873#issuecomment-425...

jph00 4 hours ago||||

This is not due to slowness of the file system. Native ntfs tools are much faster than Unix ones in some situations. The issue is that running Unix software on windows will naturally have a performance impact. You see the same thing in reverse using Wine on Linux. Windows uses a different design for IO so requires software to be written with that design in mind.

m132 3 hours ago|||

> Native ntfs tools are much faster than Unix ones in some situations. The issue is that running Unix software on windows will naturally have a performance impact. You see the same thing in reverse using Wine on Linux.

Not true. There are increasingly more cases where Windows software, written with Windows in mind and only tested on Windows, performs better atop Wine.

Sure, there are interface incompatibilities that naturally create performance penalties, but a lot of stuff maps 1:1, and Windows was historically designed to support multiple user-space ABIs; Win32 calls are broken down into native kernel calls by kernel32, advapi32, etc., for example, similar to how libc works on Unix-like operating systems.

MadnessASAP 3 hours ago||||

It's pretty typical these days for software, particularly games of the DX9-11 eras to perform better on Wine/Proton then they do under native Windows on the same hardware.

noumenon1111 4 hours ago|||

[flagged]

p_ing 4 hours ago||||

The file system isn't slow. The slowness will be present in any file system due to the file system filters that all file system calls pass though.

mananaysiempre 3 hours ago||

Right, by “file system” here I mean all of the layers between the application talking in terms of named files and whatever first starts talking in terms of block addresses.

Also, as far as my (very limited) understanding goes, there are more architectural performance problems than just filters (and, to me, filters don’t necessarily sound like performance bankruptcy, provided the filter in question isn’t mandatory, un-removable Microsoft Defender). I seem to remember that path parsing is accomplished in NT by each handler chopping off the initial portion that it understands and passing the remaining suffix to the next one as an uninterpreted string (cf. COM monikers), unlike Unix where the slash-separated list is baked into the architecture, and the former design makes it much harder to have (what Unix calls) a “dentry cache” that would allow the kernel to look up meanings of popular names without going through the filesystem(s).

dgxyz 4 hours ago|||

This is on the mark.

But there's another issue which is what cripples windows for dev! NTFS has a terrible design flaw which is the fact that small files, under 640 bytes, are stored in the MFT. The MFT ends up having serious lock contention so lots of small file changes are slow. This screws up anything Unixy and git horribly.

WSL1 was built on top of that problem which was one of the many reasons it was slow as molasses.

Also why ReFS and "dev drive" exist...

exceptione 5 hours ago|||

NTFS, not so great.

p_ing 4 hours ago||

NTFS is just fine. Stable, reliable, fast, plenty of features for a general purpose file system.

exceptione 3 hours ago|||

Even with Defender etc off, it is not fun. Lots of small file IO brings it on its knees. Some wants to blame the Windows I/O system, I don't know, but what I do know is that when people choose NTFS it is because they haven't an alternative. Nobody chooses it based on its quality attributes. I dare to say there is no NTFS system that is faster than an EXT4 system.

If even MS internal teams rather want to avoid it, it seems like it isn't a great offering. https://news.ycombinator.com/item?id=41085376#41086062

p_ing 6 minutes ago||

NTFS on Linux should be near-par with ext4 on Linux.

Remember, I said the _file system_ was just fine. It's that extensible architecture above all file systems on NT that causes grief.

The only method to 'turn off' Defender is to use DevDrive, which enforces ReFS, and even then you only get async Defender, it's not possible to completely disable.

repelsteeltje 4 hours ago|||

...But no way can you wrap it into something that looks posix-y from the inside

p_ing 4 hours ago||

Why would you want to?

repelsteeltje 4 hours ago||

From the article, first use case:

> Example use cases include:

> * Running unmodified Linux programs on Windows

> * ...

That won't work if the unplugged Linux program assumes that mv replaces a file atomically; ntfs can't offer that.

p_ing 8 minutes ago||

NTFS uses atomic transactions, that's the only way it has the ability to recover after a fault.

You can read more if you wish in 'Inside the Windows NT File System' by Helen Custer, page 15.

b00ty4breakfast 37 minutes ago|||

I'm not defending MS in any capacity, but this library is open for viewing if you were so inclined.

necovek 3 hours ago|||

Windows is ultimately a lot more complex, and not open source. This also builds on the Linux ecosystem, so even if it comes from Microsoft, I imagine engineering culture is different from that on Windows and especially their online platforms (that's even worse than Windows if you ask me!).

BrouteMinou 1 hour ago|||

Microsoft US a massive corporation with so many people, business units, departments.

A comment like yours is just like saying: "I know a buggy open-source software, why would I trust that other open-source project? The open-source community burned all possible goodwill".

dooglius 3 hours ago|||

MSR is a somewhat independent org; you should be making predictions based on other MSR projects

autoexec 5 hours ago||

Microsoft doesn't have a very good track record with security or privacy. Maybe it works, but yeah you'll probably get screwed over at some point.

Still, the fact that it's open source is a good thing. People can now take that code and make something better (ripping out the AI for example) or just use bits and pieces for their own totally unrelated projects. I can't see that as anything but a win. I have no problem giving shitty companies credit where its due and they've done a good thing here.

gdevenyi 6 hours ago||

What is a 'library OS'?

bri3d 5 hours ago||

It's a library that is linked to in place of an operating system - so whatever interface the OS provided (syscalls+ioctls, SMC methods, etc.) ends up linked / compiled into the application directly, and the "external interface" of the application becomes something different.

This is how most unikernels work; the "OS" is linked directly into the application's address space and the "external interface" becomes either hardware access or hypercalls.

Wine is also arguably a form of "library OS," for example (although it goes deeper than the most strict definition by also re-implementing a lot of the userland libraries).

So for example with this project, you could take a Linux application's codebase, recompile it linked to LiteBox, and run it on SEV-SNP. Or take an OP-TEE TA, link it to LiteBox, and run it on Linux.

The notable thing here is that it tries to cut the interface in the middle down to an intermediate representation that's supposed to be sandbox-able - ie, instead of auditing and limiting hundreds of POSIX syscalls like you might with a traditional kernel capabilities system, you're supposed to be able to control access to just a few primitives that they're condensed down to in the middle.

kccqzy 5 hours ago||

> So for example with this project, you could take a Linux application's codebase, recompile it linked to LiteBox

If you have to recompile, you might as well choose to recompile to WASM+WASI. The sandboxing story here is excellent due to its web origins. I thought the point of LiteBox is that recompilation isn’t needed.

bri3d 5 hours ago||

Looking more closely, it looks like there are some "North" sides (platforms) with ABI shims (currently Linux and OP-TEE), but others (Windows, for example), would still require recompilation.

> If you have to recompile, you might as well choose to recompile to WASM+WASI.

I disagree here; this ignores the entire swath of functionality that an OS or runtime provides? Like, as just as an example, I can't "just recompile" my OP-TEE TA into WASM when it uses the KDF function from the OP-TEE runtime?

kccqzy 3 hours ago||

I had previous experience with WASM on TEE. Just use the foreign function interface. Remember WASM isn’t native code so you still need other native code to run WASM (such as wasmtime), and you can import other native functions into WASM through the runtime.

charles_f 5 hours ago|||

I think that's an OS in the form of a library, like Wine for example. From what I get from the description it allows you to run programs on your real OS and make it see a cut down API to your actual system to reduce the attack surface.

zamadatix 6 hours ago||

https://en.wikipedia.org/wiki/Operating_system#Library

cbondurant 6 hours ago||

at first I thought library OS might have meant an OS meant for use at a library.

Honestly far less interesting to know I was wrong.

rendaw 4 hours ago||

Is it not? You link the "library os" and you no longer need an os (when running in a supervisor) IIUC.

stackghost 2 hours ago||

I think parent poster was referring to an actual library, i.e. where you would borrow books.

That's also what I thought this was, and came to the comments expecting to see something neat about why libraries might need bespoke operating systems.

noumenon1111 4 hours ago|||

Me too. Honestly I was vibing on nostalgia for this: https://en.wikipedia.org/wiki/Dynix_(software)

KPGv2 5 hours ago||

yeah, same here, I was like "wow what an interesting side to their business, a whole operating system intended to serve public and academic libraries!"

tombert 6 hours ago||

I’m not sure I understand what a library OS is; can someone here elaborate?

wrs 5 hours ago||

A library OS is an OS that is linked directly to your program instead of being a separate program accessed through a syscall to kernel mode. About the same as a “unikernel”, but a more recent term.

Basically it lets your program run directly on a hypervisor VM, though this one will also run as a Linux/Windows/BSD process.

greatgib 5 hours ago||

My understanding of this is that it is a sandbox. Providing a common interface like if it was an OS for the program to run inside, but avoiding the program to use the OS directly.

What is unclear is if it uses its own common ABI or if you use the one of the host os. I don't know why but from the project description I have a little bit of feeling that this is another vibe coded project.

mlacks 2 hours ago||

Library Operating System (LibOS) is a type of operating system that runs in the address space of applications, allowing for a small, fixed set of abstractions to connect the library OS to the host OS kernel. This approach offers the promise of better system security and more rapid independent evolution of OS components. LibOS can run significant applications, such as Microsoft Excel, PowerPoint, and Internet Explorer, with significantly lower overhead than a full VM. It can also address many of the current uses of hardware virtual machines at a fraction of the overheads. 1

LibOS is lightweight, with extremely short startup time, and can be used to run Linux programs, making it a versatile option for various applications. It is designed to provide compatibility and sandboxing without the need for VMs, making it a lightweight alternative to containers and VMs. 1

The Library Operating System for Linux was announced on the Linux kernel mailing list, indicating its official recognition and support within the Linux community.

sneak 1 hour ago||

It runs linux programs, not PowerPoint or Excel.

HendrikHensen 1 hour ago||

Thanks, ChatGPT.

salvesefu 1 hour ago||

The GPT found this and thought it was relevant: "an introduction of library operating system for Linux" - https://lwn.net/Articles/637658/

dzonga 1 hour ago||

Microsoft gonna release a windows flavored Linux Distro soon ;)

throwoutway 5 hours ago||

No mention of starting with a design specification & then tied to formal verification the whole way?

It sounds interesting and a step forward (never heard of library Os itll now), but why won't this run into hundreds of the same security bugs that plague Windows if it's not spec'd and verified?

anon291 5 hours ago|

People seem to believe writing things in rust means it's correct.

bg24 3 hours ago|

Would be nice to see an OCI runtime and if it can give high-performant I/O as opposed to other we have today (eg. Gvisor).

More comments...