Apologies for the incoherent title: I'd like to better understand the design choices of this project and discuss how it relates to other projects in this space. First I'd like to say that I think that using crosvm is a really great decision. Google has a lot of manpower working on ChromeOS and Android, and building on their work is something that should pay off, especially for a project such as Spectrum that tackles such a huge undertaking (building a secure OS).
Here's a few questions to kick off the discussion:
- Have you considered using a micro kernel based host like seL4, similar to what Genode does (at least as I understand it)? - Have you considered gVisor [1] for lightweight compartmentalization? - Have you considered reusing stuff from the Whonix project?
## References