From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.3 (2019-12-06) on atuin.qyliss.net X-Spam-Level: X-Spam-Status: No, score=-1.5 required=3.0 tests=ALL_TRUSTED, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI autolearn=unavailable autolearn_force=no version=3.4.3 Received: by atuin.qyliss.net (Postfix, from userid 496) id 44A4C689D; Fri, 12 Jun 2020 11:16:25 +0000 (UTC) Received: from [127.0.0.1] (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 59C1E686F; Fri, 12 Jun 2020 11:16:15 +0000 (UTC) Received: by atuin.qyliss.net (Postfix, from userid 496) id 73DA167DA; Fri, 12 Jun 2020 11:16:13 +0000 (UTC) Received: from localhost (localhost [IPv6:::1]) by atuin.qyliss.net (Postfix) with ESMTP id 6346767D9 for ; Fri, 12 Jun 2020 11:16:11 +0000 (UTC) Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Subject: High level design and other related projects From: "infokiller ." To: discuss@spectrum-os.org Date: Fri, 12 Jun 2020 11:16:11 -0000 Message-ID: <159196057136.15924.4785359159629836782@localhost> User-Agent: HyperKitty on https://spectrum-os.org/ Message-ID-Hash: IRRXLBMRYEVX2C4FJRRG5G65Y7VYWCO4 X-Message-ID-Hash: IRRXLBMRYEVX2C4FJRRG5G65Y7VYWCO4 X-MailFrom: joweill@icloud.com X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-config-1; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; suspicious-header X-Mailman-Version: 3.3.1 Precedence: list List-Id: General high-level discussion about Spectrum Archived-At: List-Archive: List-Help: List-Post: List-Subscribe: List-Unsubscribe: Apologies for the incoherent title: I'd like to better understand the design choices of this project and discuss how it relates to other projects in this space. First I'd like to say that I think that using crosvm is a really great decision. Google has a lot of manpower working on ChromeOS and Android, and building on their work is something that should pay off, especially for a project such as Spectrum that tackles such a huge undertaking (building a secure OS). Here's a few questions to kick off the discussion: - Have you considered using a micro kernel based host like seL4, similar to what Genode does (at least as I understand it)? - Have you considered gVisor [1] for lightweight compartmentalization? - Have you considered reusing stuff from the Whonix project? ## References [1] https://github.com/google/gvisor