-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
On Mon, Aug 08, 2022 at 03:24:51PM +0200, Hugo V.C. wrote:
You are absolutely rigth Demi. Anyway, I think the point here is not to "switch" from Xen to seL4, which is an giant task, but to start "something", some port of QubesOS, based on seL4. Obviously, it will lack most features, bad hardware support, etc, but I guess that as soon there's something that can be run, the community will slowly add effort to such project. If you remember the first versions of Linux, desktop support was horrible... But at some point there should be people starting new challenging stuff. I don't think we can have a QubesOS based on seL4 at short term, but if we start now, it can be a reality in few years. I can smell lot of interest on it...
- From a Qubes OS perspective, the approach I would prefer is to first get Qubes OS working on seL4, with the control plane running in a Linux VM as it does now. This is definitely less than optimal, but it is likely the quickest way to get Qubes on seL4 working at all, and therefore the solution that is the most likely to actually be finished. Over time, more and more of the code can be replaced by native seL4 components as those components become available. For instance, the firewall is currently based on Linux, but it is a stand-alone component that already has an alternative implementation based on MirageOS. Therefore, it would be an excellent candidate for replacement with a firewall running natively on seL4. - -- Sincerely, Demi Marie Obenour (she/her/hers) Invisible Things Lab