|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [MirageOS-devel] Xen vs Qubes target
On Sun, 22 Mar 2020 at 18:28, Hannes Mehnert <hannes@xxxxxxxxxxx> wrote: > > Hi, > > I'm still struggling why there is a separate `-t qubes` target from the > `-t xen`, and furthermore why qubes-mirage-firewall etc. use `-t xen` > (and not `-t qubes`). From my understanding, the main difference in the > mirage tool is the default IP configuration, which uses > Qubes_ipv4.Make(..) for the qubes target, and Static_ipv4.Make(..) for > the Xen target. As I recall, `-t qubes` was designed so that unikernels that don't know anything about Qubes can run there. e.g. it automatically started dummy versions of services (e.g. qrexec, qubesdb, gui) that were required. Unikernels that make use of Qubes features specifically use `-t xen` so they can start these services manually and have full control over them. However, it may be less useful than it used to be, as Qubes no longer requires dummy services to be provided (see `man qvm-features`), and it would probably be better simply to disable any defaults that the unikernel overrides (maybe mirage already does this; I don't remember). > I'm asking since I intended to work on "use /qubes-random-seed from > QubesDB to seed the RNG", but I'm not sure how the logic should be to > decide whether to use this or not, I initially thought "if the target is > Qubes", but given the above, it may be more suitable to read this value > "if qubesdb is used and as well the random number generator" -- but > unfortunately I don't know how such a logic could be embedded in functoria. > > Any ideas / pointers? -- talex5 (GitHub/Twitter) http://roscidus.com/blog/ GPG: 5DD5 8D70 899C 454A 966D 6A51 7513 3C8F 94F6 E0CC _______________________________________________ MirageOS-devel mailing list MirageOS-devel@xxxxxxxxxxxxxxxxxxxx https://lists.xenproject.org/mailman/listinfo/mirageos-devel
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |