←back to thread

Qubes OS will ship pre-installed on Purism’s security-focused Librem 13 laptop

(arstechnica.com)
154 points walterbell | 4 comments | 15 Dec 15 07:52 UTC | HN request time: 0.834s | source
Show context
clebio ◴[15 Dec 15 12:59 UTC] No.10737497[source]
Is this running multiple, heterogenous OS on one laptop, or multiple, homogenous OS (e.g. linux a lá docker) on one laptop?

I've wanted for years to run Windows and Linux on one laptop simultaneously via hypervisors -- not dual-booting, not not-OS-is-host, etc. -- but was of the impression that hardware/IO would not be feasible.

replies(2): >>10737534 #>>10738180 #
1. transpute ◴[15 Dec 15 15:15 UTC] No.10738180[source]
This is made possible by a combination of Xen, laptops/desktops with CPU/BIOS which support Intel VT-d, and software like Qubes which mediate among the separated workloads. Non-interactve VMs are typically used to perform I/O, e.g. NICs. If you don't need 3D graphics, guest VM graphics can be virtualized into "windows" with colored borders. If you are on a desktop, discrete GPUs can be dedicated to a VM via VT-d, which enables 3D graphics with near-native performance.

With the right (supported) hardware and BIOS, it works. Hence the benefit of this pre-validated bundle. Hopefully more OEMs move to support concurrent Windows & Linux, since manufacturers can use the open-source software to evaluate the compatibiilty of pre-release hardware like the upcoming Skylake Xeon laptops.

Purism (and the vendors that preceded them) deserve credit for prioritizing security and privacy, despite current opaqueness of Intel platform implementations. Intel's customers are OEMs, not end-users. To influence Intel's multi-year roadmaps, more OEMs will need to make similar security/privacy requests to Intel. OEMs can benefit from upstream contributions that integrated with their unique hardware improvements, like kill switches for sensors.

replies(1): >>10738356 #
2. jmnicolas ◴[15 Dec 15 15:41 UTC] No.10738356[source]
> If you are on a desktop, discrete GPUs can be dedicated to a VM via VT-d, which enables 3D graphics with near-native performance.

Well this is the theory. You'd better be a Unix guru if you want to make it work, they have some questions about it on their Google group and it looks shaky.

It widens the attack surface too.

replies(1): >>10738495 #
3. transpute ◴[15 Dec 15 16:02 UTC] No.10738495[source]
Xen GPU passthrough works if the GPU vendor supports VT-d passthrough. Many AMD discrete GPUs work in this configuration, from low end to high end versions. Nvidia high end models may work, but low end models are unlikely to work.

Yes, the attack surface is widened to include the GPU, with isolation theoretically provided by the VT-d IOMMU. Some recent Intel CPUs support hardware virtualization of the integrated GPU, which likely further widens the attack surface, but enables multiple VMs to have hardware-accelerated graphics. This supports KVM and Xen, but is not (yet?) supported by Qubes, https://01.org/igvt-g/blogs/wangbo85/2015/intel-gvt-g-xengt-.... If the guest workload is OpenGL, http://www.virtualgl.org/About/Introduction could be an alternative.

replies(1): >>10743287 #
4. creshal ◴[16 Dec 15 09:47 UTC] No.10743287{3}[source]
It "works", but have you ever deployed that in production? Kernel updates frequently break it, and the setups tends to be extremely flimsy.