Hugo V.C. wrote:
> "So I was assuming the isolation between VMs is more assured using sel4."
> 
> Yes. Isolation is what is guaranteed and proved by seL4. This is the
> "magic" of having its code formally verified and what makes the difference
> with any other solution, in terms of isolation.
> 
> "In itself I am not worried if the VM is compromised."
> 
> Then go ahead. But remember that if the VM is compromised then the solution is
> compromised. So if you need to sell/distribute this solution you will need
> to argue to your customers/users why you don't care about VM compromise...
> 
> "Perhaps I could get usb stack ported natively...  "
> 
> Anything you strip down from the VMs and port it to native code you get a
> giant improvement in terms of security.
> 
> On Wed, 19 Oct 2022 at 7:54, <james.hillman07(a)gmail.com> wrote:
> 
> > Hugo V.C. wrote:
> > "My intention was to use a minimum image with no UI but importantly the
> > USB drivers/stack."
> > 
> > Sure. This is a common approach and default VMs examples of seL4
> > tutorials are exactly that: a kernel + busybox, so no UI.
> > Still this is just Linux with a very big kernel...
> > 
> > On Wed, 19 Oct 2022 at 6:37, <james.hillman07(a)gmail.com> wrote:
> > 
> > > Thanks everyone, really enjoy reading the discussion.
> > > Sorry for the lazy untargeted use of the word Linux. My intention was
> > > to use a minimum image with no UI but importantly the USB
> > > drivers/stack.
> > >
> > > I guess the key issue is what the best data rate I could hope for
> > > between the VMs.
> > > _______________________________________________
> > > Devel mailing list -- devel(a)sel4.systems
> > > To unsubscribe send an email to devel-leave(a)sel4.systems
> > >
> > So I was assuming the isolation between VMs is more assured using sel4.
> > In itself I am not worried if the VM is compromised. Perhaps I could get
> > usb stack ported natively...
> > 
> >
Thanks for confirming and continuing the discussion. I think in my use case the
system gets reset (read-only OS) on every use and a typical use time is perhaps
a few minutes. In terms of minimising the impact of compromise I'm thinking of
using three VMs - insecure/compromise exposed, a "between states" VM which
would enforce data flow syntax/packet checking between the other two VMs, and a
secure/trusted VM.