It is possible that Framework Team can create mainboard as certified and specially for QubeOS?
Possible? Sure!
Likely? Not in my opinion. 
Framework doesnât yet seem to have the spare resources to dedicate to niche alternative mainboards like that.
But if QubeOS desired, they could make a special mainboard.
DeepComputing did it with their RISC-V Mainboard.
frame.work/products/deep-computing-risc-v-mainboard
Just wondering, what would QubeOS even need special for a mainboard?
1 Like
100% this. QubesOS is just way too niche, and Framework is too small a team to make products with such a limited market. Official QubesOS certification requires open-source firmware, which has long been requested but is unlikely any time soon due to the amount of resources it would require to switch firmware vendors.
Qubes OS currently targets x86_64 only and requires Intel VT-x/VT-d or AMD-V/AMD-Vi. The RISC-V StarFive JH7110 (SiFive U74 cores) used in the RISC-V Framework 13 mainboard does not have the RISC-V Hypervisor âHâ extension, so you donât get hardware virtualization/IOMMU needed for Xen/Qubes. Xen-on-RISC-V is making progress in upstream, but Qubes hasnât added a RISC-V port and provides installers only for x86_64. The RISC-V mainboard itself is positioned as a developer board, not a consumer-ready Qubes target.
They were not suggesting using the RISC-V board for QubesOS, they were suggesting that QubesOS could make their own board, just as DeepComputing did.
2 Likes
Look at the requirements list for QubesOS certification, itâs clear that Qubes will run through the tests but that they expect submitted devices to be prepared by the submitters making the hardware.
Selling with QubesOS pre-installed seems achievable if the other challenges can be overcome â the worst seems to be:
- one untrusted USB plus trusted PS/2 keyboard and trackpad for on-device control or dual USB controllers with one trusted and hard-wired to on-device keyboard and trackpad
- ec-firmware being fully open-source with â(properly authenticated) CPU-vendor-provided blobs for silicon and memory initializationâ
K3n.
I mean, they can expect anything they want.
I can expect a solid gold award for⌠simply existing, ainât going to get it. Likewise, I just donât think Qubes will get a special tailor-made mainboard, just for them. Someday, when FW gets coreboot, and it no longer requires anything tailor-made, maybe theyâll go for Qubes certification.
Looking over the list of current Qubes-certified devices, were any of them made just for Qubes? Or were they just already existing devices that happened to already meet Qubeâs requirements and needed limited effort to get certification.
British English is my first language, so I apologise for using loose phrasing when I meant to say âQubes Team have a set of rules by which they will judge any hardware as certified and, to get certified by Qubes Team by following the rules they have set out, you send them hardware you have prepared yourself.â
Clicking on the links, this stands out:
- The V54 and V56 product names are shared between a couple of vendors and have identical product images (and crucially coreboot firmware) so I infer thatâs a whitebox design you might buy by the hundred from an OEM.
- The X230 and T430 are both refurbished ThinkPads (which also run coreboot).
- The NitroPC Pro 1 & 2 and the Dasharo FidelisGuard Z690 have PS/2 ports on the back for local keyboard+mouse and configure the USB for use in guest VMâs.
I have no guess on how much âlimited extra effortâ is needed.
This is going to sound sarcastic because of this forum setting, but I mean it sincerely 
: Please have todayâs solid gold award for simply existing. You do you.
1 Like
You might want to try Genode /Sculpt which has many similarities in concept such as heavy use of virtualization for security.
I would argue Sculpt is actually more sophisticated because it is a clean sheet design with such things as capability based security and microkernel rather than a Linux distribution that has been kludged to achieve these ends.
Genode have a Framework in house they use for testing Sculpt, so you could say framework is an approved product.