Questions about mirage-firewall

Apart from low memory usage, what are the advantages and disadvantages of sys-firewall versus mirage-firewall? In my knowledge, the security of sys-firewall fully depends on its template, but what about mirage-firewall then? The unikernel?

I'm also curious about qubes-mirage-skeleton. I read the GitHub page but it's still confusing. Can anyone explain that?

You are right on both counts.
Low resource requirement, fast boot; security depends on the unikernel.

This was a PoC to show how Mirage could be used as a qrexec agent.
It's now outdated, as Mirage itself will handle the qube setup.
Not a lot more to say.

Excuse the dumb question, but since it sounds like a win-win, why is it not the default in Qubes? Are there drawbacks?

It is a good question. But right now it isn't even available as an official community template. I'm observing its developer's attempts to make it happen, and hope that it will happen in the near future (currently there is one more bug that I'm aware of that is blocking it).

Fair enough, thank you for the link. I see that one would have to copy untrusted content into dom0, so that could be a deal breaker.

As I understand it, it shouldn't be too dangerous, since you only stream binary data to a folder without any processing (Do not run tar in dom0 (closes #84). · mirage/qubes-mirage-firewall@f9842e8 · GitHub). But it will be way better if we can install it directly from Qubes, since for now, when you build Mirage Firewall yourself, you will not have the right checksum for the builder script, since there were some changes in the toolchain… and when you download the binary (that according to the developers is built super securely) from the GitHub release site, you don't have any checksum or signature for it and you have to trust the GitHub infrastructure and your internet provider…

Thanks, I've found lots of information about MirageOS and unikernels.
Another question about mirage-firewall: I created a Mirage template and an AppVM based on it, and running it was no problem, but when I attempted to shut it down, it hadn't shut down within 60 seconds and I had to "kill" it. Although it is not a must to run it as an AppVM, what went wrong? It works when it is a StandaloneVM.