General Feature Questions ​

What can I implement using openEuler WSL ​

You can implement the following using openEuler WSL:

• Deploy and use an openEuler LTS version on Windows.
• Create a smooth cross-platform development experience leveraging Visual Studio Code and openEuler WSL.
• Build a Kubernetes cluster in openEuler WSL.
• Use openEuler command-line programs or scripts to process files in Windows or WSL.

What does the hmdfs of openEuler do ​

hmdfs stands for HarmonyOS Distributed File System. It is a soft bus-based distributed file system ported from the OpenHarmony community. hmdfs provides a globally consistent access view for each device dynamically connected to a network via the distributed soft bus (DSoftBus). It allows you to implement high-performance read and write operations on files using basic file system APIs, achieving low latency.

What is the SysCare of openEuler ​

SysCare is a system-level hotfix software that provides security patches and hotfixes for OSs. It can fix system errors without requiring host restarts. SysCare combines kernel-mode and user-mode hot patching to manage system repairs, saving time for users to focus on other aspects of their business. In the future, live OS upgrades will be provided to enhance O&M efficiency.

What is A-Ops ​

A-Ops is an OS-oriented O&M platform that provides intelligent O&M solutions covering data collection, health check, fault diagnosis, and fault rectification. The A-Ops project includes the following sub-projects: Gala (fault detection), X-diagnosis (fault locating), and Apollo (vulnerability rectification).

What capabilities does secGear provide ​

secGear provides:

• Architecture compatibility: It masks differences between various SDK APIs by sharing the same set of source code across multiple architectures.
• Easy development: The development tools and general-purpose security components allow users to focus on services, significantly improving development efficiency.
• High performance: The switchless feature improves interaction performance between the rich execution environment (REE) and trusted execution environment (TEE) by more than 10-fold in typical scenarios, such as frequent REE-TEE interactions and big data interaction.

What security technologies are used in AI for OS ​

Vulnerability discovery: Automatic vulnerability discovery is crucial to OS security. It identifies defects using code analysis, fuzz testing, or both. Traditional fuzz testing tools are often both random and blind when it comes to generating and selecting seeds, mutations, testing, and feedback. In addition, code analysis relies on defect pattern libraries, which need to manually be built by experts. AI improves this by detecting patterns in defect code datasets to enhance the precision and efficiency of vulnerability identification.

Intrusion detection: Modern security threats, such as Advanced Persistent Threats (APT), are sophisticated and persistent. Traditional security defenses often fail against unknown threats. AI enhances security by deeply analyzing data, extracting key features from high-dimensional datasets, and identifying system abnormalities effectively. This improves the accuracy and timeliness of attack blocking methods, such as in abnormal traffic and side-channel attack detection.

What are the advantages of the multi-level scheduling framework provided by openEuler ​

openEuler's multi-level scheduling framework allows you to choose the most suitable scheduling model for your needs and provides the following advantages:

• Higher flexibility and portability compared to traditional process/thread scheduling models.
• Faster model switching and scheduling thanks to the use of lightweight scheduling models.

How does openEuler ensure security ​

openEuler ensures security by providing the following comprehensive security features:

• Authenticity protection
• Integrity protection
• Confidentiality protection

What security isolation technologies does openEuler provide for the industrial sector ​

• Service isolation: Isolates potentially vulnerable services from known sources to minimize the impact of attacks on other system components.
• Code restriction: Limits code from untrusted sources to reduce potential harm to other system components.