Yes Damon, this really helps. Thank you! El lun., 21 jun. 2021 8:13, Lee, Damon (Data61, Eveleigh) < damon....@data61.csiro.au> escribió:
> Hi Hugo, > > > I wonder how to have seL4 host not passing network frames to Linux VM > > guest. I mean, I would like to have seL4 dealing with TCP/IP and > processing > > packets at the host level but then I want to use a custom communication > > channel with the Linux guest. So, the very first step would be to stop > > forwarding network frames to the guest. Any hint where I can start > > experimenting with this? > > You could perhaps use the VirtIO networking driver to expose a virtual > network > card over to the VM and then have that virtual card be backed by the actual > Ethernet device on the board. You could then insert a firewall/packet > processing > layer in between the Ethernet device and the VirtIO networking driver to > process > packets before they're delivered to the VirtIO networking driver and into > the > virtual machine. So it'd look like this: > > Ethernet device -> Packet processing layer -> VirtIO networking driver -> > VM > > There's an example of the VirtIO networking drivers in use in [1] and a > Firewall > CAmkES component in [2]. [3] shows the Firewall in use. > > Hope this helps, > Damon > > [1] > > https://github.com/nomadeel/camkes-vm-examples/tree/master/apps/Arm/vm_virtio_net > [2] https://github.com/seL4/camkes-vm/tree/master/components/Firewall > [3] > > https://github.com/nomadeel/camkes-vm-examples/blob/master/apps/x86/cma34cr_centos/cma34cr_centos.camkes > > _______________________________________________ > Devel mailing list -- devel@sel4.systems > To unsubscribe send an email to devel-leave@sel4.systems > _______________________________________________ Devel mailing list -- devel@sel4.systems To unsubscribe send an email to devel-leave@sel4.systems
