Abstract
For far too long the perceived necessity of low level coding in C lead to unsafe implementations. Go is not yet seen as a prime candidate for drivers and firmware. We aim to prove that the Go runtime can be a 1st class citizen in creating beautiful bare metal unikernels. We have developed TamaGo, a Go based operating environment framework which aims to allow deployment of firmware for powerful embedded ARM devices by using 0% C and 100% Go code. The goal is to dramatically reduce the attack surface posed by complex OSes while allowing unencumbered Go applications. TamaGo consists of a minimal, clean, compiler modification and driver set for ARM SoCs, which allows bare metal drivers and applications to be executed with pure Go code and minimal deviations from the standard Go runtime. The presentation explores the inspiration, challenges and implementation of such framework as well as providing sample applications that benefit from a pure Go bare metal environment. Deploying unikernels in pure Go allows a considerable reduction of embedded firmware attack surface, while maintaining the strength of Go runtime standard (and external) libraries. This enables the creation of HSMs, cryptocurrency stacks and many more applications without the requirement for complex OSes and libraries as dependencies.
