Unikernels, LibraryOSes (MirageOS,Gramine and Occulum)

Due to the reduced resource consumption and reduced attack surface of unikernels as opposed to shared
monolithic or even microkernels, are there any plans to create templates which use unikernel projects like:

Occulum (LibraryOS coded entirely in Rust w. Intel SGX support)

and or Gramine (LibraryOS w/ SGX support)?

using MirageOS as a libraryOS?

Just to clarify…Xen VMs are using a shared kernel is this correct? The VMs are sharing the same monolothic kernel?

Here are some more links on the MirageOS unikernel (LibraryOS) just to have it documented:

Here’s some more unikernel/LibraryOS projects:

https://occlum.io/ (coded in Rust)
Unikernels - Xen
Resources – Gramine
The Gramine Project · GitHub
HaLVM - Galois, Inc. (create use-case specific VMs use Haskell)

You can choose the kernel used by vms with (change VMNAME and VALUE accordingly):

qvm-prefs VMNAME kernel VALUE

You can do it with gui too, in the Qubes Manager.

If you want to install an arbitrary kernel in a vm, check out my guide: How to install older version of kernel on R4.1 - please help with a clear straightforward guide? - #2 by BEBF738VD

brilliant, thank you.

So each VM uses its own kernel its not a shared monolithic kernel

You can use shared kernels located in dom0: /var/lib/qubes/vm-kernels

Or you can use vm-specific kernels as mentioned in the guide I linked in my previous reply.