Hi Demi! my goal is to bring seL4 to the average user via running a browser Firefox?? on top of seL4 so compromising the browser makes "impossible" to cross the seL4 virtualization barrier (let's ignore emulation layers exposure surface). From here possibilities are endless: running virtualized browser on top of seL4 on top of an insecure OS (Windows/Linux/Mac.. ), running multiple VMs (similar to QubesOS), etc. Every scenario is different. The Linux guest, is, as far I understand ciber security, untrusted (Linux kernel is untrusted). Everything on top (i.e. Firefox) untrusted. The hardware will depend. Right now is x86_64 but I'm emulating aarch64 via qemu to speed up dev things as for me x86_64 seL4 support is still too complex (I"m alone on seL4 dev stuff so I always look the easiest path for demo purposes). Anyway, the hardware is not something I care, things are evolving so fast...( https://docs.qualcomm.com/bundle/publicresource/topics/80-62010-1/Getting-st...) ideas are more important and I bet on experimenting with seL4 to virtualize anything anywhere. The only thing I care here in this kind of virtualization is all the "glue" software to get hardware access on the host (now I use qemu but who knows, maybe at some point someone can remove qemu and run seL4 natively virtualized on Windows/Linux/Mac). We put a man on the Moon... Not sure how this experiment will end up, what I'm sure is I want to use seL4 everywhere, and Windows looks to me like the perfect Circus for my little Frankenstein... :-) El jue., 11 abr. 2024 18:06, Demi Marie Obenour <demiobenour@gmail.com> escribió:
Thank you Peter, I'll give it a try... Anyway, is there any "out-of-the-box" example of a Linux Guest with gpu passthrough enabled? I mean, it would be nice to have a real example demo ready to use so engineers/companies around the Globe can try it. I'm getting mad trying to run a Firefox in a Linux Guest (see attached screenshot) and was jut able to start it on a headless Linux guest server with no GPU (remote X window) but performance is horrible (not usable) so I can not even do a demo. This is a show stopper for seL4. It is nice to have all the stuff to build
"from scratch", but the market needs "ready to use" stuff so people can
On 4/10/24 04:32, Hugo V.C. wrote: thing try
it. Is there anything usable out there (just to try)?🙏
What is your goal here? Is the Linux guest trusted or untrusted? If it is trusted, what untrusted code is running on the system? What hardware are you running on? -- Sincerely, Demi Marie Obenour (she/her/hers)
_______________________________________________ Devel mailing list -- devel@sel4.systems To unsubscribe send an email to devel-leave@sel4.systems