{{Header}} {{title|title= Existing Ports of and Porting {{project_name_long}} to other Architectures }} {{#seo: |description=Architecture specific packages in {{project_name_short}}. "Special packages". Software maintained by third parties. Compiled software. Kernel modules. Shared objects. Tips on porting {{project_name_short}} to other platforms. "amd64" means Intel and AMD. Porting Simplicity. }} {{ports_mininav}}
arm64
/ Raspberry Pi ( RPi )] ([[Dev/Build_Documentation/Physical_Isolation#How_To_Install_Whonix-Gateway_on_the_Raspberry_Pi_3_B_.28RPI3.29|wiki]]) ([[unsupported]])
* Whonix on Mac
M1
(ARM
) based: [[MacOS#M1|project status]] / [https://forums.whonix.org/t/whonix-on-mac-m1-arm/11310 forum discussion]
= Existing Ports of {{kicksecure}} =
* ppc64el
{{kicksecure}} functional, created using distro-morphing on a test server for {{project_name_short}} developer Patrick.
* Distro-morphing should generate viable images for KVM on arm64
.
== Notes ==
{{Anchor|NOTE}}
=== Note on Terminology ===
{{Amd64}}
=== Virtualization versus Emulation versus Architecture ===
* prerequisite knowledge: [[#Note on Terminology|Note on Terminology]]
* Examples of architectures: amd64, arm64, riscv64, POWER9
* Examples of virtualizers: VirtualBox and KVM.
* Examples of emulators: QEMU and Bochs.
* Virtualizers: The guest operating system architecture must be compatible with the host operating system architecture. For instance, an amd64 host can only virtualize an amd64 guest. It is impossible to run arm64, riscv64, POWER9, etc. inside a virtualizer.
* Emulators: The guest operating system architecture does not need to be compatible with the host operating system architecture. For example, an amd64 host can emulate an amd64, riscv64, POWER9, etc. guest.
* Speed comparison: Virtualizers are faster than emulators, which are too slow for everyday desktop operating system production use cases.
* Conclusion: Debian, Qubes, Kicksecure, Whonix builds for amd64
cannot be run on host architectures such as arm64
, riscv64
, POWER9
, etc. using a virtualizer such as VirtualBox or KVM.
* Porting: To run an operating system on a different architecture, a port is required. The base operaging system (in case of Whonix, that is Debian) needs to be available for that architecture. Furthermore, the derivative (Kickssecure, Whonix) architecture specific packages need to be able to be build for that architecture. This is most likely possible. These packages are documented below. Furthermore, a bootable image (VM or ISO) needs to be created. Depending on the architecture, this can be a difficult process, which is elaborated on {{kicksecure_wiki
|wikipage=Dev/image_creation
|text=Development of System Image Creation and Bootstrapping Tools
}}.
= Packages =
== Porting Simplicity ==
To simplify ports to other architectures, all of the following packages are optional dependencies. These packages have very useful functionality however to simplify bootstrapping a port of {{project_name_short}} for a quick motivational milestone to reach of {{project_name_short}} building and booting, all architecture specific packages are optional dependencies by design in {{project_name_short}}.
Therefore porters do not need to worry about any of the following packages during original porting work.
Most of {{project_name_short}} packages and all essential packages are architecture independent.
To simplify ports, {{project_name_short}} repository at time of writing supports the following architectures.
* https://github.com/Whonix/derivative-maker/blob/master/aptrepo_remote
* https://github.com/Whonix/derivative-maker/blob/master/aptrepo_local
amd64 arm64 armel armhf hurd-i386 hurd-amd64 i386 kfreebsd-amd64 kfreebsd-i386 mips mipsel powerpc ppc64 ppc64el s390x sparc source
This might be useful for [[Dev/Installation_from_Repository|distro-morphing]].
Distro-morphing might be the easiest way to create a proof of concept port of {{project_name_short}}. Following the spirit of [[Self_Support_First_Policy|Self Support First Policy]], first experimenting with Debian (which {{project_name_short}} is based on) first might be helpful.
A production quality, redistributable port of {{project_name_short}} however should be created using {{project_name_short}} build script instead of distro-morphing.
Related: [[Dev/Virtualization_Platform#Other_Virtualization_Platforms|porting {{project_name_short}} to other virtualizers]]
== bindp ==
* maintained by third party: yes
* compiled: yes
* compiled when: at package installation time / at {{project_name_short}} build time
* language: C
* no upstream version number
* documentation: none
* upstream: https://github.com/yongboy/bindp
* package source code: https://github.com/Kicksecure/bindp
* kernel module: no
== kloak ==
* maintained by third party: yes
* compiled: yes
* compiled when: during package build process / at {{project_name_short}} build time
* version number by upstream: yes
* architecture support: any
** https://github.com/vmonaco/kloak/issues/24
** https://github.com/vmonaco/kloak/issues/25
* documentation: [[Keystroke_Deanonymization#Kloak|kloak]]
* upstream: https://github.com/vmonaco/kloak
* Debian package source code: https://github.com/Whonix/kloak
* kernel module: no
* [https://forums.whonix.org/t/kloak-keystroke-anonymization-tool/7089 Kloak Forum Discussion]
== corridor ==
* maintained by third party: yes
* compiled: no
* language: sh
* version number by upstream: yes
* upstream architecture support: any
* documentation: [[Corridor]]
* upstream: https://github.com/rustybird/corridor
* Debian package source code: https://github.com/Whonix/corridor
* kernel module: no
* [https://forums.whonix.org/t/corridor-a-tor-traffic-whitelisting-gateway-a-clearnet-leak-tester/2765 corridor Development Discussion]
== tb-updater ==
* maintained by third party: no
* compiled: no
* contains binaries: no, because it is a downloader script
* language: bash
* version number by upstream: no
* architecture support:
** i386
and amd64
*** For the Linux platform The Tor Project is only providing i386
and amd64
downloads. See https://dist.torproject.org/torbrowser/.
** arm64
-> https://forums.whonix.org/t/arm64-tor-browser/11806
* Debian package source code: https://github.com/Kicksecure/tb-updater
* kernel module: no
== tirdad ==
* maintained by third party: yes
* compiled: yes
* compiled when: at package installation time / at {{project_name_short}} build time
* version number by upstream: upstream does not (yet) provide version numbers
* architecture support: [https://forums.whonix.org/t/tcp-isn-cpu-information-leak-protection-tirdad/8552/33 amd64
only]
** amd64
support: Yes.
** arm64
support: No, because the Linux kernel does not support live patching on arm64
.
** Other architecture support: TODO. In theory, yes, as long as the Linux kernel supports live patching on that architecture.
* documentation: TODO
* upstream: https://github.com/0xsirus/tirdad
* Debian package source code: https://github.com/Kicksecure/tirdad
* kernel module: yes
* kernel: Linux
only
* [https://forums.whonix.org/t/tcp-secure-sn-generation-in-linux-and-its-privacy-issues-tirdad-kernel-module-for-random-isn-generation/8552 tirdad Development Discussion]
== binaries-freedom ==
* Currently not in use.
== tor ==
* Architectures amd64
, i386
and arm64
are using the [https://deb.torproject.org deb.torproject.org
tor
package]. A newer version. The latest stable version provided by The Tor Project for the stable release of Debian. Why? See [[Dev/Tor]] and https://forums.whonix.org/t/tor-package-urgently-needs-update-to-v0-4-6-8-due-to-tor-browser-11-stable-fingerprintability/12762.
* Architectures other than amd64
, i386
and arm64
are using the [https://packages.debian.org packages.debian.org
tor
package]. An older version. The frozen stable version provided by Debian for Debian stable. This has a disadvantage: https://forums.whonix.org/t/tor-package-urgently-needs-update-to-v0-4-6-8-due-to-tor-browser-11-stable-fingerprintability/12762
* package maintained by third party: yes
* compiled during package build process: no
* contains binaries: yes
* version number by upstream: yes
= Check Tor SocksPort Reachability =
On {{project_name_workstation_long}}. Test.
{{Curl_Plain}} 10.152.152.10:9100 ; echo $?Should show.
Tor is not an HTTP Proxy Tor is not an HTTP Proxy
It appears you have configured your web browser to use Tor as an HTTP proxy. This is not correct: Tor is a SOCKS proxy, not an HTTP proxy. Please configure your client accordingly.
See https://www.torproject.org/documentation.html for more information.