Is X11 forwarding still implemented?

Norman Feske norman.feske at ...1...
Tue Jun 16 17:59:30 CEST 2015


Hi Jookia,

thanks for explaining your background. Now the picture becomes much clearer.

> I'm also a big fan of Qubes and security through isolation. Unfortunately, the
> Novena uses the i.MX6 chipset which has an ARM Cortex-A9 CPU which means there's
> no capacity for hardware-based virtualization or isolation. So I'm left with
> three choices: Don't isolate my environment and use a single GNU/Linux desktop,
> try porting Qubes to LXC and have a monolithic kernel as a hypervisor, or go
> down the road of using the wrong tool for the job: TrustZone.

For a setup like the Turmvilla scenario where we have just a single
"rich" Linux instance and a growing number of native Genode components,
TrustZone would work well. If you decide to go this route, you may
benefit from Martin's current line of work on providing a virtual block
device to the normal world. The secure world retains the exclusive
access to the real device and can make a partition available to the
normal world. For the Turmvilla scenario, however, we need to complement
this with something similar for the framebuffer and input devices. I
just remember that we started our discussion exactly with this topic.
:-) If you decide to give it a go, this would be very cool.

> From what I know TrustZone is ideally used to host a small secure operating
> system alongside a regular operating system. I'd like to be able to use the
> TrustZone as my normal operating system and use the normal world for untrusted
> hardware like network adapters or USB sticks. Combining this with L4Linux I'm
> hoping I'll be able to have some virtual machines spread out in a Qubes fashion
> with some hardware protection.

You can actually run a fully-fledged Genode system in the secure world
(as your future "normal" OS) and use the normal world for the "rich
Linux VM".

Instead of going the Qubes route of using multiple Linux VMs as
appliances, I would prefer to enable functionality natively on Genode
without relying on virtual machines. There are two motivations behind
this direction. First, native components are much lighter (with respect
to resources, startup times, and the ease of configuration). Second,
only by following this way will Genode eventually become a
self-sustainable system. If we keep on relying on the Linux kernel as
application runtime, this will possibly never happen.

Cheers
Norman

-- 
Dr.-Ing. Norman Feske
Genode Labs

http://www.genode-labs.com · http://genode.org

Genode Labs GmbH · Amtsgericht Dresden · HRB 28424 · Sitz Dresden
Geschäftsführer: Dr.-Ing. Norman Feske, Christian Helmuth
