Kamfanin Siemens sakin hypervisor kyauta . Mai hypervisor yana goyan bayan tsarin x86_64 tare da VMX + EPT ko SVM + NPT (AMD-V), da kuma ARMv7 da ARMv8 / ARM64 masu sarrafawa tare da haɓaka haɓakawa. Na dabam janareta hoto don hypervisor Jailhouse, wanda aka ƙirƙira bisa fakitin Debian don na'urori masu tallafi. Lambar aikin mai lasisi a ƙarƙashin GPLv2.
Ana aiwatar da hypervisor azaman module don kwaya na Linux kuma yana ba da haɓakawa a matakin kernel. An riga an haɗa abubuwan da aka haɗa don tsarin baƙi a cikin babban kwaya ta Linux. Don sarrafa keɓancewa, ana amfani da hanyoyin sarrafa kayan aikin da CPUs na zamani ke bayarwa. Filayen fasalulluka na Jailhouse sune aiwatar da nauyi mai nauyi da mai da hankali kan ɗaure injunan kama-da-wane zuwa ƙayyadaddun CPU, yankin RAM da na'urorin hardware. Wannan tsarin yana ba da damar uwar garken multiprocessor na zahiri guda ɗaya don tallafawa ayyukan mahalli masu zaman kansu masu zaman kansu, kowannensu an sanya shi zuwa ainihin abin sarrafa nasa.
Tare da madaidaicin hanyar haɗi zuwa CPU, an rage girman saman hypervisor kuma an sauƙaƙe aiwatar da shi sosai, tunda babu buƙatar gudanar da tsarin rarraba albarkatu mai rikitarwa - keɓance keɓantaccen tushen CPU yana tabbatar da cewa ba a aiwatar da wasu ayyuka akan wannan CPU. . Amfanin wannan hanyar ita ce ikon samar da ingantaccen damar samun albarkatu da aikin da ake iya faɗi, wanda ke sa Jailhouse ya zama mafita mai dacewa don ƙirƙirar ayyukan da aka yi a ainihin lokacin. Ƙarƙashin ƙasa yana da ƙayyadaddun ƙayyadaddun ƙima, iyakance ta yawan adadin abubuwan CPU.
A cikin kalmomin Jailhouse, ana kiran mahallin kama-da-wane “kamara” (kwayoyin halitta, a cikin mahallin gidan yari). A cikin kyamarar, tsarin yana kama da uwar garken mai sarrafawa guda ɗaya yana nuna aiki zuwa aikin kwazo na CPU core. Kyamara na iya tafiyar da yanayin tsarin aiki na sabani, da kuma wuraren da aka cire don gudanar da aikace-aikacen guda ɗaya ko shirye-shirye na musamman na ɗaiɗaikun waɗanda aka ƙera don magance matsalolin lokaci-lokaci. An saita tsarin a ciki , wanda ke ƙayyade CPU, yankunan ƙwaƙwalwar ajiya, da tashar I/O da aka keɓe ga muhalli.
A cikin sabon sakin
- Ƙara tallafi don Rasberi Pi 4 Model B da Texas Instruments J721E-EVM dandamali;
- na'urar ivshmem da ake amfani da ita don tsara hulɗa tsakanin sel. A saman sabon ivshmem, za ku iya aiwatar da sufuri don VARTIO;
- An aiwatar da ikon musaki ƙirƙirar manyan shafukan ƙwaƙwalwar ajiya (babban shafi) don toshe raunin a cikin na'urori na Intel, wanda ke ba da damar maharan mara izini ya fara ƙin sabis wanda ya haifar da tsarin rataye a cikin "Kuskuren Duba Injin" jihar;
- Don tsarin tare da na'urori masu sarrafawa na ARM64, ana aiwatar da goyan bayan SMMUv3 (Sashin Gudanar da Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwararren Ƙwaƙwalwa ) da TI PVU. An ƙara goyon bayan PCI don keɓantaccen mahalli da ke gudana a saman kayan aiki (bare-metal);
- A kan tsarin x86 don kyamarori masu tushe, yana yiwuwa a kunna yanayin CR4.UMIP (User-Mode Instruction Prevention) wanda na'urori na Intel ke bayarwa, wanda ke ba ku damar hana aiwatarwa a cikin sararin mai amfani na wasu umarni, kamar SGDT, SLDT, SIDT. , SMSW da STR, waɗanda za a iya amfani da su a hare-haren , da nufin haɓaka gata a cikin tsarin.
source: budenet.ru