"So I'm interested in seL4 as I could run the processes in Linux VMs"
Sure, you can do it, but then the Linux Kernel becomes the weakest point and you have little or no control over it.
Ideally, I would not pass any sensitive data flow to Linux, moreover if there's any potential interaction with humans or something that can be manipulated by humans in any way. Any. Instead, use a seL4 native app to do the sensitive job and just use Linux for the "toys" (GUI, data rendering to human format, etc).
In my security designs I do all sensitive stuff in native seL4 apps, then I have a spartan and very controlled interface with the Linux VM. Don't let Linux handle sensitive data flows...
Just an idea... hope it helps.
On Tue, 18 Oct 2022 22:30, Gernot Heiser gernot@unsw.edu.au wrote:
On 9 Oct 2022, at 19:51, James Hillman james.hillman07@gmail.com wrote:
Hi seL4 developers,
I am new to this forum and hoping this is the right place to bounce my project idea off. I typically use FPGA to enforce security in my products but there are lots of reasons why FPGAs are not suitable for all use cases.
I have also used low-end microcontrollers where one can review all the code to understand the security risks.
My latest project however involves two USB processes (one for each physical connection) with high throughput expectations. And to pass data streams at high typical throughput between them. Due to the wide range of USB type of devices I fear this would be too much code to review - it feels very OS like. Note, I don't need a GUI, it's headless.
So I'm interested in seL4 as I could run the processes in Linux VMs if I understand seL4 correctly. And whilst it's not the smallest processors I think they need to be more powerful to support the speeds. So this is fine. I am unsure how much of this project is already done, mainly thinking the USB driver perspective.
Encapsulating drivers/protocol stacks into VMs is a standard design pattern. The seL4 Device Driver Framework will explicitly support this for Linux drivers, but it's not going to be a high-performance approach…
Gernot