[seL4] Re: Suitability for a project

"So I'm interested in sel4 as I could run the processes in Linux VMs" Sure, you can do it, but then the Linux Kernel becomes the weakest point and you have little or no control over it. Ideally, I would not pass any sensible data flow to Linux, more over if there's any potential interaction with humans or something that can be manipulated by humans in any way. Any. Instead, use seL4 native app to do the sensible job and just use Linux for the "toys" (GUI, data rendering to human format, etc). In my security designs I do all sensible stuff in native seL4 apps then I have an spartan and very controlled interface with Linux VM. Don't let Linux handle sensible data flows... Just an idea... hope it helps. El mar., 18 oct. 2022 22:30, Gernot Heiser escribió:

On 9 Oct 2022, at 19:51, James Hillman wrote:

...

Hi Sel4 developers,

I am new to this forum and hoping this is the right place to bounce my project idea off. I typically use FPGA to enforce security in my products but there are lots of reasons why FPGAs are not suitable for all use

...

I have also used low end microcontroller where one can review all the code to understand the security risks.

My latest project however involves two USB processes (one for each

...

connection) with high throughput expectations. And to pass data streams at high typical throughput between them. Due to the wide range of USB type of devices I fear this would be too much code to review - it feels very OS like. Note, I don't need a GUI, it's headless.

So I'm interested in sel4 as I could run the processes in Linux VMs if I understand sel4 correctly. And whilst it's not the smallest processors I think they need to be more powerful to support the speeds. So this is fine . I am unsure how much of this project is already done, mainly thinking

cases. physical the

...

usb driver perspective.

encapsulating drivers/protocol stacks into VMs is a standard design pattern. The seL4 Device Driver Framework will explicitly support this for Linux drivers, but it’s not going a high-performance approach…

Gernot

_______________________________________________ Devel mailing list -- devel@sel4.systems To unsubscribe send an email to devel-leave@sel4.systems