FreeBSD Jails for QubesOS isolation

Hey everyone,

I’m writing because I’m interested in working on FreeBSD jails as an alternative to Xen for isolation in QubesOS. I have some questions about it that someone on this list can maybe find the time to answer. My message to qubes-devel got bounced for some reason, so I’m trying here.

I recently learned about FreeBSD’s jails, which provide isolation similar to a chroot environment, but with proper virtualization of the file system, the set of users and the networking subsystem.

I’ve also read about Joanna’s vision of Qubes Air here.

Joanna argues that using Xen to achieve the separation is not really at the essence of Qubes, and she shows how the cloud or separate Raspberry Pis could also be used for this purpose in a future version of Qubes.

Along the same train of thought, it should be possible to build on top of FreeBSD’s jails, right? This is something that I would be interested in doing some work on, perhaps as part of my master’s thesis. My main motivation is to have a version of QubesOS with lower overhead from the virtualization technology. I’m aware that there may be differences in the protection offered against, e.g., attacks on speculative execution between using Xen or FreeBSD’s jails for the isolation. So I don’t think one technology would make the other useless, but rather that they would be two options to choose from depending on the threat model.

My question is: Is it actually possible to start building this by implementing the things described under “Under the hood: qubes’ interfaces” in the “Qubes Air” blog post for FreeBSD jails? Or is there something missing from the side of QubesOS that first needs some work? Or do you think this is a stupid idea to begin with? :P

Best wishes
Keno
