Hi, What about mirage firewall integration? Leonard is working hard ^^ https://github.com/talex5/mirage-qubes
Le lundi 8 février 2016 16:24:04 UTC+1, Anil Madhavapeddy a écrit : > > On 7 Feb 2016, at 22:33, Thomas Leonard <[email protected] <javascript:>> > wrote: > > > >> How is that related to Mirage OS? It can be distributed/installed as > >> minimal root.img, containing just /boot directory with: > >> - a Mirage OS binary > >> - grub2 configuration starting it > >> > >> Why not installing it directly as a kernel (also using some new qrexec > >> service)? Two reasons: > >> - VM kernel loaded from dom0 filesystem is parsed by a toolstack > >> running there. While the attack surface is quite small here > >> (probably only uncompressing code), it still exists > > This is indeed how we boot on EC2 at the moment (which uses pv-grub also). > > https://github.com/mirage/mirage/blob/master/scripts/ec2.sh > > A Mirage Xen unikernel is wrapped in a minimal image that includes a > grub.conf that points to it. > > Anil
_______________________________________________ MirageOS-devel mailing list [email protected] http://lists.xenproject.org/cgi-bin/mailman/listinfo/mirageos-devel
