Running Qubes as A HVM under another Type 1 Hypervisor
148 views
Skip to first unread message
john.c...@ucdconnect.ie
Apr 17, 2017, 3:04:06 PM4/17/17
to qubes-users
Hi all,
Just wondering if this is possible.
Horrific security implications aside, it strikes me as an interesting set-up.
According to the Xen wiki [1] you can run Xen as a HVM under Xen, but with the limitation that the nested Xen installation cannot create a HVM itself.
So would this be possible with Qubes, in conjunction with some other hypervisor?
John.
Andrew David Wong
Apr 17, 2017, 5:44:06 PM4/17/17
to john.c...@ucdconnect.ie, qubes-users
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
It's already possible in Qubes 3.2. You can install Qubes as an HVM
inside of Qubes. (PV-only inside the HVM.)
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJY9TcXAAoJENtN07w5UDAwcN4P/RnapJ11qeZRHH/AfIorKVGK
JjDkW5+NTmGsc2/3qwj04mtsSgxwn87t0fPihrq9ltNAEakzBrC/pMzSxxqM+o9k
IO/J0S99HgpTHHWPUn+RWAyk15f24I0JYLNOpSMxaVnH9nxIgb1pT0iCH+BET79l
7xxpcigS42QdssBQAOGYwu0JoliCb0kYd46qh7lBhwml85oib5HbCFVUD0Yr6pq2
43n4MGowWEPYegN2TJniQOiwwU0ARxHeWvicF82Hq2MEAkcpzyezomfaDMtvtkm6
PN602ryRraL2tgGt8/Tjw2qOwlY6wWyu1nKL+GN8wr763ItDLjkP/ojn/OXQZxKF
eiZ7Dp8sn2xJABhros9FpQExFsSKXGRvK8l/qKalQcg5efhgwGywMFXglGMVCzaQ
n5GHrQuNidYUIo54l+1T3+h0njYMFQZthGLw+tpzTmwOx6a1RMRUNpYST/ToENOP
S6bhUI6zxBJnY+eSqYeqkl2xAcxt1pEhLS1lpLYiZD263kZgmfKvdqFlZnZqMro+
0aF+74dfJjk9ZexQPynOuVUZSHH1VLlyqVSlzQUQZaTCTMDEAba6MOvRc1vdQlZ/
+XGYRYz2ZmYDWoz82SvZx6BLF7hS9bBtaq1InjKRPNrH0erE/Mb3vnocWU2UGYHl
ioZpyZyKWOYae1c7xA6C
=aM20
-----END PGP SIGNATURE-----
Hash: SHA512
inside of Qubes. (PV-only inside the HVM.)
- --
Andrew David Wong (Axon)
Community Manager, Qubes OS
https://www.qubes-os.org
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJY9TcXAAoJENtN07w5UDAwcN4P/RnapJ11qeZRHH/AfIorKVGK
JjDkW5+NTmGsc2/3qwj04mtsSgxwn87t0fPihrq9ltNAEakzBrC/pMzSxxqM+o9k
IO/J0S99HgpTHHWPUn+RWAyk15f24I0JYLNOpSMxaVnH9nxIgb1pT0iCH+BET79l
7xxpcigS42QdssBQAOGYwu0JoliCb0kYd46qh7lBhwml85oib5HbCFVUD0Yr6pq2
43n4MGowWEPYegN2TJniQOiwwU0ARxHeWvicF82Hq2MEAkcpzyezomfaDMtvtkm6
PN602ryRraL2tgGt8/Tjw2qOwlY6wWyu1nKL+GN8wr763ItDLjkP/ojn/OXQZxKF
eiZ7Dp8sn2xJABhros9FpQExFsSKXGRvK8l/qKalQcg5efhgwGywMFXglGMVCzaQ
n5GHrQuNidYUIo54l+1T3+h0njYMFQZthGLw+tpzTmwOx6a1RMRUNpYST/ToENOP
S6bhUI6zxBJnY+eSqYeqkl2xAcxt1pEhLS1lpLYiZD263kZgmfKvdqFlZnZqMro+
0aF+74dfJjk9ZexQPynOuVUZSHH1VLlyqVSlzQUQZaTCTMDEAba6MOvRc1vdQlZ/
+XGYRYz2ZmYDWoz82SvZx6BLF7hS9bBtaq1InjKRPNrH0erE/Mb3vnocWU2UGYHl
ioZpyZyKWOYae1c7xA6C
=aM20
-----END PGP SIGNATURE-----
Message has been deleted
john.c...@ucdconnect.ie
Apr 17, 2017, 6:09:03 PM4/17/17
to qubes-users, john.c...@ucdconnect.ie
On Monday, 17 April 2017 22:44:06 UTC+1, Andrew David Wong wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 2017-04-17 12:04, john.c...@ucdconnect.ie wrote:
> > Hi all,
> >
> > Just wondering if this is possible.
> >
> > Horrific security implications aside, it strikes me as an
> > interesting set-up.
> >
> > According to the Xen wiki [1] you can run Xen as a HVM under Xen,
> > but with the limitation that the nested Xen installation cannot
> > create a HVM itself.
> >
> > So would this be possible with Qubes, in conjunction with some
> > other hypervisor?
> >
> > John.
> >
> > [1] https://wiki.xenproject.org/wiki/Xen_FAQ_Nesting
> >
>
> It's already possible in Qubes 3.2. You can install Qubes as an HVM
> inside of Qubes. (PV-only inside the HVM.)
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> On 2017-04-17 12:04, john.c...@ucdconnect.ie wrote:
> > Hi all,
> >
> > Just wondering if this is possible.
> >
> > Horrific security implications aside, it strikes me as an
> > interesting set-up.
> >
> > According to the Xen wiki [1] you can run Xen as a HVM under Xen,
> > but with the limitation that the nested Xen installation cannot
> > create a HVM itself.
> >
> > So would this be possible with Qubes, in conjunction with some
> > other hypervisor?
> >
> > John.
> >
> > [1] https://wiki.xenproject.org/wiki/Xen_FAQ_Nesting
> >
>
> It's already possible in Qubes 3.2. You can install Qubes as an HVM
> inside of Qubes. (PV-only inside the HVM.)
What about under another hypervisor, such as unRAID or VMware>
Vít Šesták
Apr 18, 2017, 2:08:26 PM4/18/17
to qubes-users
I have heard of running QubesOS under VirtualBox with HVMs, but I don't know much details.
However, note that:
* QubesOS 4.0 will move away from PVs. Unless you get HVMs working (including PCI passthrough if you want networking), you will be out of luck with Qunes 4.0 or newer.
* As far as I remember, this is officially unsupported setup.
Regards,
Vít Šesták 'v6ak'
However, note that:
* QubesOS 4.0 will move away from PVs. Unless you get HVMs working (including PCI passthrough if you want networking), you will be out of luck with Qunes 4.0 or newer.
* As far as I remember, this is officially unsupported setup.
Regards,
Vít Šesták 'v6ak'
Reply all
Reply to author
Forward
0 new messages