Hi Demi!
my goal is to bring seL4 to the average user via running a browser
Firefox?? on top of seL4 so compromising the browser makes "impossible" to
cross the seL4 virtualization barrier (let's ignore emulation layers
exposure surface). From here possibilities are endless: running virtualized
browser on top of seL4 on top of an insecure OS (Windows/Linux/Mac.. ),
running multiple VMs (similar to QubesOS), etc. Every scenario is different.
The Linux guest, is, as far I understand ciber security, untrusted (Linux
kernel is untrusted). Everything on top (i.e. Firefox) untrusted.
The hardware will depend. Right now is x86_64 but I'm emulating aarch64 via
qemu to speed up dev things as for me x86_64 seL4 support is still too
complex (I"m alone on seL4 dev stuff so I always look the easiest path for
demo purposes). Anyway, the hardware is not something I care, things are
evolving so fast...(
https://docs.qualcomm.com/bundle/publicresource/topics/80-62010-1/Getting-st...)
ideas are more important and I bet on experimenting with seL4 to virtualize
anything anywhere.
The only thing I care here in this kind of virtualization is all the "glue"
software to get hardware access on the host (now I use qemu but who knows,
maybe at some point someone can remove qemu and run seL4 natively
virtualized on Windows/Linux/Mac). We put a man on the Moon...
Not sure how this experiment will end up, what I'm sure is I want to use
seL4 everywhere, and Windows looks to me like the perfect Circus for my
little Frankenstein... :-)
El jue., 11 abr. 2024 18:06, Demi Marie Obenour
Thank you Peter, I'll give it a try... Anyway, is there any "out-of-the-box" example of a Linux Guest with gpu passthrough enabled? I mean, it would be nice to have a real example demo ready to use so engineers/companies around the Globe can try it. I'm getting mad trying to run a Firefox in a Linux Guest (see attached screenshot) and was jut able to start it on a headless Linux guest server with no GPU (remote X window) but performance is horrible (not usable) so I can not even do a demo. This is a show stopper for seL4. It is nice to have all the stuff to build
"from scratch", but the market needs "ready to use" stuff so people can
On 4/10/24 04:32, Hugo V.C. wrote: thing try
it. Is there anything usable out there (just to try)?🙏
What is your goal here? Is the Linux guest trusted or untrusted? If it is trusted, what untrusted code is running on the system? What hardware are you running on? -- Sincerely, Demi Marie Obenour (she/her/hers)
_______________________________________________ Devel mailing list -- devel@sel4.systems To unsubscribe send an email to devel-leave@sel4.systems