Runtime Architecture
Legato's runtime architecture manages each app in its own sandbox.
Apps communicate with each other using access-controlled message-passing services.
The Supervisor automatically creates sandboxes.
Applications
An application (we call them 'apps') is a collection of executable files, libraries, and/or other resource files (e.g., audio files, web pages) that can be deployed to a target device. Once installed on a device, an app can be started and stopped.
By default, each app runs in its own sandbox. When an app is constructed, all the files and IPC services it needs to access are declared. At runtime, the Supervisor and the Service Directory enforce that only approved files and IPC services are accessed by that app.
Supervisor
The Supervisor is a privileged process running on the target device that:
- creates and destroys Sandboxes for apps
- starts and stops apps
- performs fault recovery when apps fail (e.g., restarting the app).
Service Directory
Legato's Service Directory provides a secure way for client processes to find servers offering services they need, which ensures only authorized connections are established.
Config Tree
The Config Tree provides persistent App/System Configuration data storage organized in a tree structure.
Command line config tool
Config Tree API
Watchdog
Legato kickable watchdog service provides a timeout that can be configured in defFilesAdef
or specified at run time. If a kick is not received in the specified time, the supervisor signals to perform the action specified in watchdogAction.
Watchdog Service
Application Definition .adef
Logs
Legato provides a user-friendly way to control log message filtering for running app processes.
Command line log tool
Logging API.
Update Daemon
The Update Daemon accepts update pack files that contain software/firmware update instructions and associated data like libraries, executables, and resource files.
Update packs can be fed to the Update Daemon through the Software Update API or through the update tool.
The Update Daemon includes hooks that allow update packs to be digitally signed and/or encrypted for security reasons.
Copyright (C) Sierra Wireless Inc.