Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upXen "no-real-mode" boot option integration into QubesOS #3388
Comments
andrewdavidwong
added
C: xen
enhancement
labels
Dec 10, 2017
andrewdavidwong
added this to the Release 4.0 milestone
Dec 10, 2017
andrewdavidwong
modified the milestones:
Release 4.0,
Release 4.1
Mar 31, 2018
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
tlaurion commentedDec 10, 2017
•
edited
Edited 7 times
-
tlaurion
edited Dec 13, 2017 (most recent)
-
tlaurion
edited Dec 10, 2017
-
tlaurion
edited Dec 10, 2017
-
tlaurion
edited Dec 10, 2017
-
tlaurion
edited Dec 10, 2017
-
tlaurion
edited Dec 10, 2017
-
tlaurion
edited Dec 10, 2017
Qubes OS version:
3.2, 4.0
Affected TemplateVMs:
dom0
General notes:
I'm wondering if there is any reason, or discussions I haven't found justifying QubesOS not including the effective
no-real-modepatches upstream from (1) (2) into QubesOS for it too boot from linux's coreboot payload.Steps to reproduce the behavior:
Every time QubesOS releases a security fix related to Xen and provides new Xen packages, Heads needs to patch Xen code to provide effective
no-real-modeboot option and include hypervisor binaries in provided firmware, resulting in unnecessary firmware upgrades and flashes from end users and system administrators.Related discussion between Trammel Hudson and Andrew Cooper
Expected behavior:
Inclusion of Heads's patchwork to support optional and effective
no-real-modeXen boot option, from QubesOS or upstream from Xen.Actual behavior:
Heads needs to patch QubesOS's Xen hypervisor to provide
no-real-modeboot option.Related issues:
osresearch/heads#227