" So I was assuming the isolation between VMs are more assured using sel4."
Yes. isolation is what is guaranteed and proved by seL4. This is the
"magic" of having it´s code formally verified and what makes the difference
with any other solution, in terms of isolation.
"In itself I am not worried if the VM is compromised."
Then go ahead. But remember that if VM is compromised then the solution is
compromised. So if you need to sell/distribute this solution you will need
to argue to your customers/users why you don´t care about VM compromise...
"Perhaps I could get usb stack ported natively... "
Anything you strip down from the VMs and port it to native code you get a
giant improvement in terms of security.
El mié, 19 oct 2022 a las 7:54,
Hugo V.C. wrote:
"My intention was to use a minimum image with no UI but importantly the USB drivers/stack."
Sure. This is a common approach and default VMs examples of seL4 tutorials are exactly that: a kernel + busybox, so no UI. Still this is just Linux with a very big kernel...
El mié., 19 oct. 2022 6:37, <james.hillman07(a)gmail.com> escribió:
Thanks everyone, really enjoy reading the discussion. Sorry for the lazy untargetted use of the word Linux. My intention was to use a minimum image with no UI but importantly the USB drivers/stack.
I guess the key issue is what the best data rate I could hope for between the VMs. _______________________________________________ Devel mailing list -- devel(a)sel4.systems To unsubscribe send an email to devel-leave(a)sel4.systems
So I was assuming the isolation between VMs are more assured using sel4. In itself I am not worried if the VM is compromised. Perhaps I could get usb stack ported natively...
Devel mailing list -- devel@sel4.systems To unsubscribe send an email to devel-leave@sel4.systems