Genode 📖 Wikipedia

Genode
The desktop system Sculpt based on Genode
Developer	Genode Labs
Written in	C++
Working state	Current
Source model	Open source
Initial release	2008; 18 years ago (2008)
Latest release	26.05[1]  / 29 May 2026; 18 days ago (29 May 2026)
Repository	codeberg.org/genodelabs/genode
Marketing target	Desktop computers Embedded systems
Available in	English
Supported platforms	ARM, RISC-V, x86-64
Kernel type	Microkernel
Userland	Genode, POSIX
License	AGPL-3.0-only and commercial
Official website	genode.org

Genode is a novel OS architecture that aims to improve software safety by applying a strict organizational structure to all software components including device drivers, system services, and applications.

Within the Genode project, the Operating System framework is an open-source tool kit for building highly secure component-based operating systems, whereas Sculpt is a pre-built distribution for personal computers and smartphones.

Genode is frequently used in academia for computer science research.

Genode was first conceived as the Bastei OS Architecture^[2] research report at the Technical University of Dresden (TU Dresden). The focus of the report was to determine the practicality of a component-based OS using capability-based security. This work was influenced by concurrent research at Dresden into virtualisation and microkernels which would itself mature into the NOVA microhypervisor^[3] subsequently adopted as the Sculpt kernel. Following the success of an early prototype, the authors of the report founded the company Genode Labs to develop Bastei as the Genode OS Framework.

On 29 May 2026, with the release of 26.05 the Repository is migrated from github to codeberg.^[4]

Genode OS framework is a tool kit for building highly secure special-purpose operating systems. It scales from embedded systems with as little as 4 MB of memory to highly dynamic general-purpose workloads.^[5]

The system is based on a recursive structure. Each program is executed in a dedicated sandbox and gets granted only those access rights and resources that are required to fulfill its specific purpose. Programs can create and manage sub-sandboxes out of their own resources, thereby forming hierarchies where policies can be applied at each level. The framework provides mechanisms to let programs communicate with each other and trade their resources, but only in strictly defined manners. Thanks to this rigid regime, the attack surface of security-critical functions can be reduced by orders of magnitude compared to contemporary operating systems.^[5]

The framework aligns the construction principles of microkernels with Unix philosophy. In line with Unix philosophy, Genode is a collection of small building blocks, out of which sophisticated systems can be composed. But unlike Unix, those building blocks include not only applications but also all classical OS functionalities including kernels, device drivers, file systems, and protocol stacks.^[5]

Genode supports the x86 (32 and 64 bit), ARM (32 and 64 bit), and RISC-V (64 bit) CPU architectures. On x86, modern architectural features such as IOMMUs and hardware virtualization can be utilized. On ARM, Genode is able to take advantage of TrustZone and virtualization technology.^[5]

Genode can be deployed on a variety of different kernels including most members of the L4 microkernel family (NOVA, seL4, Fiasco.OC, OKL4 v2.1, L4ka::Pistachio, L4/Fiasco). Furthermore, it can be used on top of the Linux kernel to attain rapid development-test cycles during development. Additionally, the framework is accompanied with a custom microkernel that has been specifically developed for Genode and thereby further reduces the complexity of the trusted computing base compared to other kernels.^[5]

Genode supports virtualization at different levels:

• Using NOVA or Genode's custom kernel, faithful virtualization via VirtualBox allows for the execution of unmodified guest operating systems as Genode subsystems. Alternatively, the Seoul virtual machine monitor can be used to run unmodified Linux-based guest OSes.
• On ARM, Genode can be used as TrustZone monitor, or as a virtual machine monitor that facilitates ARM's virtualization extensions.^[5]

The Framework consists of hundreds of ready-to-use components such as:

• Device drivers for most common PC peripherals including networking, storage, display, USB, PS/2, Intel wireless, Intel GPUs, and audio.
• Device drivers for a variety of ARM-based SoCs, in particular the NXP i.MX family.
• A GUI stack including a low-complexity GUI server, window management, and widget toolkits such as Qt.
• Networking components such as TCP/IP stacks and packet-level network services.
• Applications based on the POSIX interface, including GNU coreutils, bash, GCC, binutils, and findutils.^[5]

Genode is offered as free and open source software with commercial licensing available on request.^[6]

Updates are released quarterly.^[7] Development follows a roadmap for each year with longer term aspirations listed separately.^[8]

Pre-built general purpose operating system for commodity PC hardware and the PinePhone. As Genode Labs' in-house distribution Sculpt is used daily by the Genode developers.^[9]

The design of the user interface is guided by the underlying design philosophy of Genode and thus diverges from mainstream convention.^[10] This approach is typified by "Leitzentrale", an interactive chart of the system components, accessible at any time. A sizeable library of applications have been ported to Sculpt from KDE.

The name "Sculpt" derives from the intention for users to sculpt their own desktop incorporating only their desired components.^[11]

Genode Labs maintain extensive documentation of their products.^[12] The master reference is "Genode Foundations" which provides a holistic description of the Framework and is revised annually. This is supported by "Genode Applications" which covers developing and porting applications to Genode, and "Genode Platforms" which deals with low level and hardware related topics.

Genode acknowledge that the unorthodox interface of Sculpt may intimidate some users.^[11] Bryan Lunduke regards Sculpt as the "weirdest" contemporary operating system.^[13]

• HelenOS, a desktop microkernel based operating system
• QNX, a proprietary Unix-like operating system hosted by a microkernel
• Qubes OS, a desktop operating system that provides security through virtualization
• Fuchsia, a capability based OS from Google
• Capability-based security
• RedoxOS

Wikimedia Commons has media related to Genode.

Official websites

• Official website
• Genodians (Genode community blog)
• Genode Labs

Research projects

• KV-Cache: A Scalable High-Performance Web-Object Cache for Manycore
• TrApps: Secure Compartments in the Evil Cloud
• Development of an Embedded Platform for Secure CPS Services
• Secure-OS project of IIT Madras
• Kernel isolation of a Capability-based security Operating System
• Mobile Device Security with ARM TrustZone