Back to the Overview

ELinOS 7.0.2 Feature List

ELinOS, Linux

Enhanced Security – SELinux

  • Extends ELinOS Security concept by using in-kernel security modules
  • Enforces Mandatory Access Control (MAC) with security policies
  • Limit privileges of user programs, system services, file access and network resources
  • Root user limited as well
  • Set of kernel modifications and user space tools
  • ELinOS provides the SELinux reference implementation by providing a ready-to-use feature

Read the blog post about SELinux

Enhanced Security – ANSSI Conformance

  • French National Cybersecurity Agency
  • Guideline for “Configuration recommendations of a GNU/Linux system”
  • Multiple hardening levels: Minimal, Intermediary (49 rules), Enhanced (69 rules) and High (81 rules)
  • Provides a feature to reach a specific security level
  • Testsuite for checking conformance to ANSSI rules and security level
  • Generates a summary for the user
  • Tool can be adapted to other local security guidelines, e.g. BSI – IT Grundschutz

Enhanced Security – Audit

  • Linux Auditing System collects certain types of system activities
  • CAPP-compliant (Controlled Access Protection Profiles) auditing system
  • Monitors password changes or system call activities
  • Provides daemon to monitor and log events (auditd)

Enhanced Security – Address Space Layout Randomization (ASLR)

  • Security measure against the abuse of buffer overflows in processes
  • Uses random locations for ELF sections
  • Compiler generates Position Independent Code (PIC/PIE)
  • Enabled by all shipped ELinOS binaries
  • Automatically enabled in Cross Toolchain for self compiled source code
  • Enables ASLR in kernel (KASLR) on supported platforms

Learn more about ASLR

Over-the-Air (OTA) Update / System Upgrade

  • Tool to create and install system update images based on SWUpdate
  • Supports customized update strategies
    • Update of single user application only
    • Full partition update with A/B or Rescue partitions

  • Highly configurable by supporting version check and pre-/post installation scripts
  • Update image can be prepared on the development machine
  • Single image delivery
  • Supports image validation and authentication
  • Integrated Web-Server to upload the image and execute update
  • API to integrate into user provided application

Learn more about Over-the-Air Software Updates

Boot to Qt

  • Feature to automatically boot a Qt application
  • Documentation how to integrate ELinOS into Qt Creator

BSP Updates

  • i.MX6 and i.MX8 updated to NXP 1.1.0 release
  • VMWare BSP updated to support SATA and 64bit

Minor Features

  • New Feature for early user space init
  • New autostart feature
  • P4Linux optimization for reading the TSC clock in userspace on x86_64
  • New Python v3 feature


  • CVE-2021-33909 aka Sequoia fixed
  • Linux kernel update to v4.19.205
  • more than 100 security related CVEs fixed
  • Multiple improvements for the PikeOS Virtual Clock Manager driver
  • ltrace on ARMv8 support
  • P4Linux MSI-X interrupt detection fixed

Learn more at