-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Sat, Dec 07, 2019 at 08:33:59AM -0800, Qubes123 wrote: > > > > > The current plan for major features of Qubes OS 4.1 is: > > - experimental GUI VM and Audio VM (very limited and not yet ready for > > daily usage) > > - new qrexec policy format and significant qrexec performance > > improvements > > - major improvement for UEFI compatibility (grub2-efi is back, some > > changes in Xen to make it more uniform with Linux) > > - as usual, updated templates and dom0 (but still Fedora) > > > > You can also see draft release notes: > > https://github.com/QubesOS/qubes-doc/pull/828/files > > > > I'd say the above is 80-90% done. There is a possibility the first > > release candidate will be already this month. > > > > In the meantime we're also working on a reliable GPU passthrough with > > focus on Intel, without sacrificing security much (specifically, without > > running unsandboxed qemu), but it's not going to be part of R4.1 yet. > > Having that, and more tested and improved GUI VM integration would allow > > to make it default and greatly reduce size of dom0. > > > > > In connection with this topic - how do you plan to pass the VBIOS binary to > the Xen VM? I assume this will be required - maybe not for Intel iGPUs, > but for the rest..Some cards will need a blob to work in the guivm. And > since these blobs are already there in dom0, it will even be more secure to > have those only in the guivm. > Will it be done via Libvirt using the libxl xml's? > I did some testing already and it seems the <rom file='/path' /> in the > pci.xml template seem to "survive" the schema validations, and therefore > the file could be available for qemu to pass to the VM. However, so far > I couldn't get it passed yet, some patching is still needed to be done..
Yes, this is one of the problems to be solved. In many cases what you can express in libvirt doesn't always match what is specifically implemented in the libxl driver. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEhrpukzGPukRmQqkK24/THMrX1ywFAl3r1YUACgkQ24/THMrX 1yyjxAf/W+/CFfvGzcKrgZE3B3jBu7aLeGdnE1TfL6veeJbDja8FrZWd8Oyn/sUs UDfA7HtMMnM6GVKW7rfKoig4GieOcvxSg0jNWRg7NZJmQf7yvkdonPTLMhoSR5wM NQM/9HEAJ8W2RbTv2cOQiRkt2PVuphsUmirww0xSlIr6Fg3UrZna4c7dAGWTO6yV 9Bs8XM++uCLGgPt1IOvKRrOWBTHK06UuH8qf5DXrEMACVYR4NlN46aMId9fYgt7w iL44L/FVv0yh3TMwUWq5JmywUQyq1sOy8wMWW8uvUSiDrH8YImW9P3rdkPSv4+bg A2wn8/U3dWuIVlqxTth7FuEXf3D0qw== =PWt8 -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20191207163829.GT1122%40mail-itl.
