Hi, This past (southern hemisphere) summer at NICTA we've had a student start work on a port of Qubes to seL4 . This work mainly focussed on providing the seL4 backend support needed for the Qubes R3 Hypervisor-Abstraction-Layer (see [1][2][3] for some info about the HAL and backend support it requires). The status of the project at the moment is that we have support for inter-VM communication using vchan and qrexec, and a very simple libvirt wrapper (that doesn't do much yet).
However there is still a bunch work to do in getting much of the libvirt functionality (managing VMs including creating and destroying VMs at runtime) working, and then getting the rest of Qubes running based on this backend support. Ihor [1] http://theinvisiblethings.blogspot.com.au/2013/03/introducing-qubes-odyssey-framework.html [2] http://theinvisiblethings.blogspot.com.au/2013/06/qubes-os-r3-alpha-preview-odyssey-hal.html [3] http://theinvisiblethings.blogspot.com.au/2014/11/qubes-r3odyssey-initial-source-code.html -- Ihor Kuz Senior Researcher NICTA | Locked Bag 6016 | UNSW, Sydney NSW 1466 T + 61 2 8306 0582 | F +61 2 8306 0406 www.nicta.com.au l [email protected] On 18/03/2015, at 10:35 PM, WhonixQubes <[email protected]> wrote: > Hello, > > I am the maintainer of the Qubes + Whonix project... > > https://www.whonix.org/wiki/Qubes > > Which is the port of Whonix OS (think a more secure Tor proxied VM) to Qubes > OS, which has upstream integration into the Qubes codebase now. > > > I am very interested in secure minimal kernels and hypervisors, and have been > discussing these topics publicly and privately with other interested > developers and investors recently. > > And I am also positioning to bring development resources to low-level > projects that can achieve a more optimal (and verifiable) secure TCB than > bloated Linux-based systems, as Qubes Dom0 is currently based upon. > > > Actually being able to read through and know all the code that is running on > a mission critical machine, a novel thought, huh. ;) > > > I am most interested in this Qubes blurb on the seL4 website... > > > https://sel4.systems/GettingStarted > > "Qubes is an open source operating system designed to provide strong security > for desktop computing using virtualisation to provide isolation. Qubes is > based on Xen. seL4 is a much better fit for Qubes. The project is to port > Qubes to seL4 (or develop an alternative Qubes-like system for seL4)." > > > I absolutely agree with this and would like to know more about what Qubes > development project might already underway be in the seL4 community in order > to consider the opportunity of providing some real assistance in the future. > > What's the status of this seL4 Qubes port project and who can I get in touch > with to talk more about accomplishing it? > > > Thanks! :) > > WhonixQubes > > _______________________________________________ > Devel mailing list > [email protected] > https://sel4.systems/lists/listinfo/devel _______________________________________________ Devel mailing list [email protected] https://sel4.systems/lists/listinfo/devel
