qubes_security_level service #6

Closed
marmarek opened this issue Mar 8, 2015 · 10 comments
Labels
C: core P: minor Priority: minor. The lowest priority, below "default." T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality.


marmarek commented Mar 8, 2015

Reported by joanna on 6 Apr 2010 17:10 UTC
...and display a warning to the user that, e.g., without IOMMU/VT-d there is no point in having a NetVM, as it cannot be securely isolated on a system without VT-d.

Migrated-From: https://wiki.qubes-os.org/ticket/6

@marmarek marmarek added this to the Release 1 Beta 1 milestone Mar 8, 2015
@marmarek marmarek added T: enhancement Type: enhancement. A new feature that does not yet exist or improvement of existing functionality. C: core P: minor Priority: minor. The lowest priority, below "default." labels Mar 8, 2015

marmarek commented Mar 8, 2015

Modified by joanna on 14 Mar 2011 21:26 UTC


marmarek commented Mar 8, 2015

Comment by joanna on 11 Apr 2011 12:20 UTC
Also present an option to enable VT-d.

Also, our installer should generate two grub entries:

  • Qubes
  • Qubes (IOMMU/VT-d enabled)

By default we should be booting without iommu (because it often causes problems with incompatible GPUs), but always display a warning when we figure out IOMMU is not supported or not enabled.

@marmarek marmarek added P: major Priority: major. Between "default" and "critical" in severity. and removed P: minor Priority: minor. The lowest priority, below "default." labels Mar 8, 2015

marmarek commented Mar 8, 2015

Modified by joanna on 28 May 2011 09:04 UTC


marmarek commented Mar 8, 2015

Comment by joanna on 25 Sep 2011 10:50 UTC
We should have a service called qubes_security_level that would be the last init.d service started in Dom0. This service's task would be to evaluate the level of security based on the current platform config. Currently this would be just the availability of VT-d. In the future we would add more criteria, such as:

  • is also Interrupt Remapping enabled?
  • is full screen for AppVMs allowed by guid or not?
  • has the system been started using TPM-based trusted boot (Anti Evil Maid) or not?
  • is the whole filesystem encrypted or not?
  • etc...

Also, we should have a little app (or part of the qubes manager) that would display an icon in the tray representing the current security level (a number from 1-5, coloured from red to green/blue). When the user clicks on the icon we should display a quick explanation of what factors contributed to the given security level.


marmarek commented Mar 8, 2015

Modified by joanna on 25 Sep 2011 10:51 UTC

@marmarek marmarek changed the title Detect when running without IOMMU/VT-d enabled qubes_security_level service Mar 8, 2015

marmarek commented Mar 8, 2015

Comment by joanna on 19 Oct 2011 08:59 UTC
This is currently tricky to implement, because we don't know how to implement "stickiness" of the variable that holds the level -- it should be possible to ensure that once the user "lowers" the security level, e.g. by booting the system with VT-d disabled, then the level will never get back to the previously high level.

So, currently we can just add some trivial indicator e.g. to Qubes Manager -- TBD.
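
The evaluation and the sticky level described in the comments above, as an added example that is not Qubes code: the factor names, the scoring (5 minus the number of failed checks, never below 1) and the JSON state file are assumptions. A state file in Dom0 only records the lowest level seen; it does not by itself stop someone who can delete or rewrite that file.

```python
import json
import os

# Hypothetical factor names; each maps to the explanation shown when it fails.
FACTORS = {
    "iommu": "IOMMU/VT-d is not enabled, so a NetVM cannot be securely isolated",
    "interrupt_remapping": "Interrupt Remapping is not enabled",
    "fullscreen_denied": "guid allows full screen for AppVMs",
    "trusted_boot": "not started using TPM-based trusted boot (Anti Evil Maid)",
    "disk_encrypted": "the whole filesystem is not encrypted",
}

def evaluate(checks):
    """Return (level, reasons); level 5 is best, an absent check counts as failed."""
    reasons = [msg for name, msg in FACTORS.items() if not checks.get(name, False)]
    return max(1, 5 - len(reasons)), reasons  # assumed scoring: one step per failure

def load_floor(path):
    """Lowest level recorded on an earlier boot."""
    try:
        with open(path) as f:
            return max(1, min(5, int(json.load(f)["floor"])))
    except FileNotFoundError:
        return 5  # first boot: nothing recorded yet
    except (OSError, ValueError, KeyError, TypeError):
        return 1  # unreadable or corrupt state fails closed

def report(checks, path):
    """Evaluate this boot, clamp to the stored floor, persist the new floor."""
    level, reasons = evaluate(checks)
    floor = load_floor(path)
    sticky = min(level, floor)
    if sticky < level:
        reasons.append(f"level was lowered to {floor} on an earlier boot")
    tmp = path + ".tmp"
    with open(tmp, "w") as f:
        json.dump({"floor": sticky}, f)
    os.replace(tmp, path)  # atomic swap so a crash cannot leave a half-written file
    return sticky, reasons

if __name__ == "__main__":
    import tempfile
    state = os.path.join(tempfile.mkdtemp(), "level.json")  # constructed state path
    good = dict.fromkeys(FACTORS, True)
    for boot in (good, {**good, "iommu": False}, good):  # constructed boot sequence
        print(report(boot, state))
```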

@marmarek marmarek modified the milestones: Release 2, Release 1 Beta 3 Mar 8, 2015

marmarek commented Mar 8, 2015

Modified by joanna on 8 Oct 2012 09:23 UTC

@marmarek marmarek modified the milestones: Release 2 Beta 3, Release 2 Mar 8, 2015

marmarek commented Mar 8, 2015

Modified by joanna on 12 Mar 2013 10:27 UTC

@marmarek marmarek added P: minor Priority: minor. The lowest priority, below "default." and removed P: major Priority: major. Between "default" and "critical" in severity. labels Mar 8, 2015

marmarek commented Mar 8, 2015

Modified by joanna on 1 Aug 2013 12:51 UTC

@marmarek marmarek modified the milestones: Release 3, Release 2 Beta 3 Mar 8, 2015
@marmarek marmarek added this to the Release 4.0 milestone May 27, 2015
@rootkovska
Member

Now tracked as part of #2134.
