Ok, we can use pvgrub2-pvh in order to be able to use PVH virt_mod. But are there any other security implications on using native kernel in PVH mode against using kernel packaged and provided by Qubes devs in PVH mode too?
1 Like
Using pvgrub2-pvh can allow you to use PVH virtualization mode with a native kernel, rather than using a kernel provided by the Qubes developers. As I mentioned earlier, there may be some security implications to consider when using a native kernel in PVH mode, as compared to using a kernel provided by the Qubes developers in PVH mode. One potential issue is that a native kernel may not have the same level of security hardening as a kernel provided by the Qubes developers, which could make it more vulnerable to attacks. Additionally, the Qubes developers may have implemented additional security measures in their kernel that are not present in a native kernel, which could provide additional protection against certain types of attacks. It is important to carefully evaluate the security implications of using a native kernel in PVH mode before making a decision.
Also look into https://ebpf.io if you really want to go deep into kernel development.
1 Like
Which ones?
How would I know?
Which, if?
How?
Thanks!
2 Likes
1 Like