On Wed, Oct 14, 2020 at 8:24 PM <tetrahe...@danwin1210.me> wrote: > > A number of people are working on integrating OpenBSD into Qubes. > > In particular, OpenBSD's hardening and mitigations are potentially very > useful in talking to the NIC: Xen vulnerabilities have been repeatedly > found that would allow a guest with PCI access to compromise the entire > system, and on most machines the network card is a PCI device.
How could any hardening in OpenBSD protect from someone owning the hardware? Or do you mean that an OpenBSD guest would run with exclusive access to the NIC and then every other guest is routed through that guest?
