Is X11 forwarding still implemented?

Norman Feske norman.feske at ...1...
Mon Jun 15 10:15:03 CEST 2015


Hi Jookia,

> I see! I assumed it was doing something like Qubes does, given it's one of the
> things that lead me to Genode as it's not available on ARM or using TrustZone.

the result looks similar (seamlessly integrated windows of different
domains) but the underlying mechanism is different.

>> The mechanism worked well enough to integrate one or multiple X11 window
>> systems into one nitpicker GUI. However, today, in the age of window
>> compositing, I would implement this feature differently. Instead of
>> relying on a guest-OS window manager to manage the X11 windows, I would
>> use a custom compositor that exports the buffers with the content of
>> each window to the Genode world - similar to how the X11 integration
>> works on Qubes OS. This approach has the benefit that all windows (of
>> both Linux applications and Genode applications) could be managed by a
>> single window manager running on Genode.
> 
> Which sounds like something I might look in to doing. I'm a newbie but I have
> passion, which I suppose makes up for it? I'm not really confident enough to
> think I could do this securely though I suppose if I went the route of trying to
> get it upstreamed as a Genode feature it'd get code reviewed, yes?

Sure! Don't be afraid of making mistakes. We all do. ;-)

>> That said, right now, there is no tangible plan on our side to implement
>> this idea. Maybe you'd like to investigate it? ;-)
> 
> Perhaps. My main concern is secure communication between Genode and GNU/Linux.
> Or Genode and Genode. I'd like to eventually glue a bunch of running machines
> together, virtual or not, and build a metamachine that I can use for my
> computing, with secure logins somehow.
> 
> Right now the virtual machine monitor I've seen communicates through UART which
> I don't imagine has a particularly good amount of bandwidth. I assume Genode has
> some kind of IPC, perhaps it'd be nice to extend this to run with services on
> other machines (virtual or physical) which could be provided by other Genode or
> X11 services.
> 
> This sounds convoluted but eventually I'd like to have Genode running in the
> normal world too and use the secure world for my actual screen and keyboard
> inputs. Perhaps even scaling it up we could start to see situations where I
> could use my laptop as a thin screen and keyboard for applications running on my
> desktop. That's maybe too radical and dreamy.

Thanks for sharing your motivation behind exploring Genode.

As you are repeatedly speaking of TrustZone, I assume that you are going
to target ARM only?

Cheers
Norman

-- 
Dr.-Ing. Norman Feske
Genode Labs

http://www.genode-labs.com · http://genode.org

Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth




More information about the users mailing list