Siemens releases the Jailhouse 0.12 hypervisor

Siemens has published a release of the free hypervisor Jailhouse 0.12. The hypervisor supports x86_64 systems with the VMX+EPT or SVM+NPT (AMD-V) extensions, as well as ARMv7 and ARMv8/ARM64 processors with virtualization extensions. An image generator for the Jailhouse hypervisor is developed separately; it builds images from Debian packages for the supported devices. The project code is distributed under the GPLv2 license.

The hypervisor is implemented as a Linux kernel module and provides virtualization at the kernel level. The components for guest systems are already included in the mainline Linux kernel. Isolation is enforced with the hardware virtualization mechanisms provided by modern CPUs. The distinguishing features of Jailhouse are its lightweight implementation and its focus on binding virtual machines to fixed CPUs, RAM regions and hardware devices. This approach allows a single physical multiprocessor server to run several independent virtual environments, each of which is assigned to its own processor core.

With strict binding to a CPU, the overhead of the hypervisor is kept to a minimum and its implementation is greatly simplified, since there is no need to run a complex resource scheduler: dedicating a separate CPU core guarantees that no other tasks run on that CPU. The advantage of this approach is guaranteed access to resources and predictable performance, which makes Jailhouse a suitable solution for building tasks that run in real time. The drawback is limited scalability, which is bounded by the number of CPU cores.

In Jailhouse terminology, virtual environments are called "cells" (cell, in the jailhouse context). Inside a cell, the system looks like a single-processor server whose performance is close to that of a dedicated CPU core. A cell can run an environment of an arbitrary operating system, as well as stripped-down environments for running a single application, or specially prepared standalone applications designed for real-time tasks. The configuration is set in .cell files, which define the CPUs, memory regions and I/O ports allocated to the environment.
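The partitioning described above can be checked mechanically. The following is an added example, not code from the Jailhouse project: it uses a simplified, hypothetical Python model of the resources assigned to each cell (not the real .cell format) and reports any CPU, memory or I/O port that two cells would both claim. The cell names, addresses and the "shared" flag standing in for an ivshmem window are constructed for illustration.

```python
from itertools import combinations

# Constructed sample layout. The dict fields are a hypothetical model,
# not the real .cell configuration format used by Jailhouse.
# mem entries: (start, size, shared); pio entries: (first_port, count)
CELLS = [
    {"name": "linux-cell", "cpus": {0, 1},
     "mem": [(0x00000000, 0x3A000000, False), (0x3F000000, 0x00100000, True)],
     "pio": [(0x3F8, 8)]},
    {"name": "rt-cell", "cpus": {2},
     "mem": [(0x3A000000, 0x04000000, False), (0x3F000000, 0x00100000, True)],
     "pio": [(0x2F8, 8)]},
    {"name": "bad-cell", "cpus": {2, 3},          # deliberately conflicting
     "mem": [(0x3D000000, 0x02000000, False)],
     "pio": [(0x3FC, 4)]},
]

def overlaps(a_start, a_size, b_start, b_size):
    """True when two half-open ranges [start, start+size) intersect."""
    return a_start < b_start + b_size and b_start < a_start + a_size

def check_partitioning(cells):
    """Return a sorted list of (kind, cell_a, cell_b) conflicts."""
    conflicts = set()
    for a, b in combinations(cells, 2):
        pair = (a["name"], b["name"])
        if a["cpus"] & b["cpus"]:
            conflicts.add(("cpu",) + pair)
        for s1, n1, sh1 in a["mem"]:
            for s2, n2, sh2 in b["mem"]:
                # An identical region marked shared on both sides models an
                # intentional inter-cell window; anything else is a conflict.
                intended = sh1 and sh2 and (s1, n1) == (s2, n2)
                if overlaps(s1, n1, s2, n2) and not intended:
                    conflicts.add(("mem",) + pair)
        for p1, c1 in a["pio"]:
            for p2, c2 in b["pio"]:
                if overlaps(p1, c1, p2, c2):
                    conflicts.add(("pio",) + pair)
    return sorted(conflicts)

if __name__ == "__main__":
    for kind, a, b in check_partitioning(CELLS):
        print(f"{kind} conflict: {a} <-> {b}")
```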

In the new release:

  • Added support for the Raspberry Pi 4 Model B and Texas Instruments J721E-EVM platforms;
  • Reworked the ivshmem device used to organize communication between cells. A transport for VIRTIO can be implemented on top of the new ivshmem;

  • Added the ability to disable the creation of huge memory pages (huge page) to block the vulnerability CVE-2018-12207 in Intel processors, which allows an unprivileged attacker to trigger a denial of service that hangs the system in the "Machine Check Error" state;
  • For systems with ARM64 processors, support for SMMUv3 (System Memory Management Unit) and TI PVU (Peripheral Virtualization Unit) has been implemented. PCI support has been added for isolated environments running directly on hardware (bare-metal);
  • On x86 systems, root cells can now enable the CR4.UMIP (User-Mode Instruction Prevention) mode provided by Intel processors, which makes it possible to forbid the execution in user space of certain instructions, such as SGDT, SLDT, SIDT, SMSW and STR, that can be used in attacks aimed at escalating privileges on the system.

Source: opennet.ru
