opened 02:54AM - 18 Sep 18 UTC
T: enhancement
help wanted
C: core
P: default
bounty
QubesOS is the most secure operating system available, by far. However, it unfo…rtunately only runs on the x86 instruction set, which runs on unauditable and insecure firmware. The Power Architecture is a much more secure ISA. Products like the Talos II (edit: and now much more affordable Blackbird) with the Power9 CPU are fully open, with auditable schematics, firmware, and software - and being able to run QubesOS on such devices would be a huge win for the infosec community.
There are various ways to achieve this compatibility, so I thought that this issue could be a way to track them/discuss.
1 - Xen could have a ppc64 port (Raptor Computing Systems has offered free hardware to incentivize)
2 - Using the seL4 microkernel (https://github.com/QubesOS/qubes-issues/issues/3894), which is already looking into supporting the Power Architecture
3 - Qubes' Hypervisor Abstraction Layer (HAL), which utlizes libvirt to support multiple hypervisors, yet currently only supports Xen, could be expanded to support KVM, to run on ppc64.
Edit 2021/21/01:
Please see [here](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-425749018) for general KVM target goals, and [here](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-549986749) for a detailed list of tasks for KVM/Power.
See [here](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-775609640) for most recent ppc64le/kvm status updates.
Please see the below chronological updates to funding:
- [1](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-764908374)
- [2](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-779379318)
- [3](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-779497332)
In summary, for KVM we have a 3 bitcoin bounty, ~~and an additional 0.5 bitcoin remaining for matching funds~~ (deadline passed with 0.5 matching funds filled out of 1 bitcoin matching funds offered - see [here](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-937007407)). The match offer expired on July 28th 2021.
Details of the bounty are below:
@leo-lb paid @shawnanastasio 0.2 btc out of his 1 bitcoin bounty here: https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-630972681
@Rspigler (me) paid Shawn 0.5 bitcoin out of his 1.5 bitcoin bounty [here](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-779415652). I have also offered hardware (Blackbird mainboard and one 4 core Power9 CPU) for a developer who will use it towards this project. See post [here](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-947341382).
@Rudd-O pledged 0.5 bitcoin [here](https://github.com/QubesOS/qubes-issues/issues/4318#issuecomment-779477070) (has paid 0).
~~I (Robert) have a remaining 0.5 matching bitcoin offer that expires on July 28th 2021.~~
To conclude, the total bounty is 3 bitcoin, with 0.7 bitcoin rewarded and 2.3 bitcoin remaining.
Last updated: November 10th, 2021
