Bareflank 3.0 hypervisor release

The Bareflank 3.0 hypervisor has been released, providing a toolkit for the rapid development of specialized hypervisors. Bareflank is written in C++ and supports the C++ STL. Its modular architecture makes it easy to extend existing hypervisor capabilities and to create your own hypervisor variants, both those running directly on hardware (like Xen) and those running in an existing software environment (like VirtualBox). It is possible to run the operating system of the host environment in a separate virtual machine. The project code is distributed under the LGPL 2.1 license.

Bareflank supports Linux, Windows, and UEFI on 64-bit Intel and AMD CPUs. Intel VT-x technology is used for hardware partitioning of virtual machine resources. Support for macOS and BSD systems is planned for the future, as well as the ability to run on the ARM64 platform. Additionally, the project develops its own driver for loading the VMM (Virtual Machine Manager), an ELF loader for loading VMM modules, and a bfm application for controlling the hypervisor from user space. A toolkit is provided for writing extensions using elements defined in the C++11/14 specifications, along with an exception stack unwinding library (unwind) and its own runtime library to support the use of constructors/destructors and the registration of exception handlers.

The Boxy virtualization system is being developed on top of Bareflank. It supports launching guest systems and allows lightweight virtual machines with Linux and unikernels to be used to run specialized services or applications. As isolated services, you can run both ordinary web services and applications that have special requirements for reliability and security, free from the influence of the host environment (the host environment is isolated in a separate virtual machine). Bareflank is also at the heart of the MicroV hypervisor, which is designed to run minimalistic virtual machines (single-application virtual machines), implements the KVM API, and is suitable for building mission-critical systems.

The main innovations of Bareflank 3.0:

  • Transition to a microkernel architecture. Previously, the hypervisor had a monolithic architecture in which extending functionality required a special API for registering callbacks, which made extensions difficult to develop because they were tied to the C++ language and to internals. The new microkernel-based architecture splits the hypervisor into kernel components running in protection ring 0 and extensions running in ring 3 (user space). Both parts run in VMX root mode, and everything else, including the host environment, runs in VMX non-root mode. User-space extensions implement the Virtual Machine Manager (VMM) functionality and interact with the hypervisor kernel through backward-compatible system calls. Extensions can be written in any programming language, including Rust.
  • The project has switched to its own BSL library with support for Rust and C++, which replaces the external libraries libc++ and newlib. Removing external dependencies allowed Bareflank to implement native Windows compilation support, simplifying development on this platform.
  • Added support for AMD processors. Moreover, Bareflank is now developed on a system with an AMD CPU and only then ported to Intel CPUs.
  • Support for the ARMv8 architecture has been added to the bootloader; adaptation of the hypervisor itself will be completed in one of the next releases.
  • Compliance with the AUTOSAR and MISRA requirements for developing mission-critical systems.

Source: opennet.ru