Is X11 forwarding still implemented?
Jookia
166291 at ...9...
Thu Jun 18 17:50:46 CEST 2015
On Tue, Jun 16, 2015 at 05:59:30PM +0200, Norman Feske wrote:
> Hi Jookia,
Hi again,
> For a setup like the Turmvilla scenario where we have just a single
> "rich" Linux instance and a growing number of native Genode components,
> TrustZone would work well. If you decide to go this route, you may
> benefit from Martin's current line of work on providing a virtual block
> device to the normal world. The secure world retains the exclusive
> access to the real device and can make a partition available to the
> normal world. For the Turmvilla scenario, however, we need to complement
> this with something similar for the framebuffer and input devices. I
> just remember that we started our discussion exactly with this topic.
> :-) If you decide to give it a go, this would be very cool.
I'd certainly like to see this happen, perhaps I could re-use some work of
Qubes' implementation: https://www.qubes-os.org/doc/GUIdocs/
> You can actually run a fully-fledged Genode system in the secure world
> (as your future "normal" OS) and use the normal world for the "rich
> Linux VM".
That's great, though it's a bit of a hack for my use case. I'm using TrustZone
to trust less hardware instead of something like an IOMMU. Using it to also
provide application compatibility starts to break down the abstraction further
as there's now the three categories: untrusted hardware running GNU/Linux
applications, trusted hardware running GNU/Linux applications and trusted
hardware running Genode applications.
Unfortunately to my knowledge I can't use TrustZone and L4Linux or another
virtual machine together given base-hw's current feature set. Someone would have
to set up Fiasco.OC's TrustZone suppoort to work with Genode. So I think that
rules out both hardware isolation and secure GNU/Linux instances. Are there any
plans to change this?
For now I might focus on Fiasco.OC rather than TrustZone.
> Instead of going the Qubes route of using multiple Linux VMs as
> appliances, I would prefer to enable functionality natively on Genode
> without relying on virtual machines. There are two motivations behind
> this direction. First, native components are much lighter (with respect
> to resources, startup times, and the ease of configuration). Second,
> only by following this way, Genode will eventually become a
> self-sustainable system. If we keep on relying on the Linux kernel as
> application runtime, this will possibly never happen.
I completely agree!
> Cheers
> Norman
Cheers,
Jookia.
More information about the users
mailing list