Hi Tony,

My tongue in cheek response would be to say that you are doing this backwards and you should be wanting to run Xen on seL4.

More seriously though, what is the value that seL4 is providing in this setup? What are the specific threat scenarios that seL4 is mitigating against? If you are using seL4 to provide isolation of two applications, then since you are already relying on the isolation provided by Xen, why not cut out seL4 and run those two applications directly on Xen?

Not trying to discourage the proliferation on seL4, but we have not yet seen a compelling reason to want to run seL4 under something like Xen, which is part of the reason why we have made no effort to support it.

Adrian

On Sat 07-Jan-2017 6:11 AM, Tony Arcieri wrote:
Has anyone managed to run seL4 as a Xen HVM guest? I was more specifically curious about running seL4 on an EC2 instance.

I was curious about the possibility of using seL4 as the host OS for a "unikernel"-like deployment of a Rust application split into a small set of services living in different capability spaces (e.g. network, key storage / crypto)

--
Tony Arcieri


_______________________________________________
Devel mailing list
Devel@sel4.systems
https://sel4.systems/lists/listinfo/devel