[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [MirageOS-devel] Mirage OS and Qubes OS integration

Hi,

What about mirage firewall integration? Leonard is working hard ^^ https://github.com/talex5/mirage-qubes

Le lundi 8 février 2016 16:24:04 UTC+1, Anil Madhavapeddy a écrit :
On 7 Feb 2016, at 22:33, Thomas Leonard <tal...@xxxxxxxxx> wrote:
>
>> How is that related to Mirage OS? It can be distributed/installed as
>> minimal root.img, containing just /boot directory with:
>> - a Mirage OS binary
>> - grub2 configuration starting it
>>
>> Why not installing it directly as a kernel (also using some new qrexec
>> service)? Two reasons:
>> - VM kernel loaded from dom0 filesystem is parsed by a toolstack
>>   running there. While the attack surface is quite small here
>>   (probably only uncompressing code), it still exists

This is indeed how we boot on EC2 at the moment (which uses pv-grub also).

https://github.com/mirage/mirage/blob/master/scripts/ec2.sh

A Mirage Xen unikernel is wrapped in a minimal image that includes a grub.conf that points to it.

Anil
_______________________________________________
MirageOS-devel mailing list
MirageOS-devel@xxxxxxxxxxxxxxxxxxxx
http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.