Siemens releases the Jailhouse 0.12 hypervisor

Siemens has published a release of the free hypervisor Jailhouse 0.12. The hypervisor supports x86_64 systems with the VMX+EPT or SVM+NPT (AMD-V) extensions, as well as ARMv7 and ARMv8/ARM64 processors with virtualization extensions. An image generator for the Jailhouse hypervisor is developed separately; it builds images from Debian packages for the supported devices. The project code is distributed under the GPLv2 license.

The hypervisor is implemented as a Linux kernel module and provides virtualization at the kernel level. The components for guest systems are already included in the mainline Linux kernel. Isolation is enforced with the hardware virtualization mechanisms provided by modern CPUs. The distinguishing features of Jailhouse are its lightweight implementation and its focus on binding virtual machines to a fixed CPU, RAM region and hardware devices. This approach lets one physical multiprocessor server run several independent virtual environments, each assigned to its own processor core.

With a strict binding to a CPU, the hypervisor's overhead is minimized and its implementation is greatly simplified, since there is no need for a complex resource scheduler: allocating a separate CPU core guarantees that no other tasks run on that CPU. The advantage of this approach is the ability to provide guaranteed access to resources and predictable performance, which makes Jailhouse a suitable solution for building tasks that run in real time. The disadvantage is limited scalability, bounded by the number of CPU cores.

In Jailhouse terminology, virtual environments are called “cells” (cell, in the context of a jailhouse). Inside a cell, the system looks like a single-processor server showing performance close to that of the dedicated CPU core. A cell can run an arbitrary operating system environment, as well as stripped-down environments for running a single application, or specially prepared applications designed to solve real-time tasks. The configuration is set in .cell files, which define the CPU, memory regions and I/O ports assigned to the environment.

In the new release:

  • Added support for the Raspberry Pi 4 Model B and Texas Instruments J721E-EVM platforms;
  • The ivshmem device, used to organize communication between cells, has been reworked. A VIRTIO transport can be used on top of the new ivshmem;
  • Implemented the ability to disable the creation of large memory pages (huge pages) to block the CVE-2018-12207 vulnerability in Intel processors, which allows an unprivileged attacker to trigger a denial of service that leaves the system hung in the “Machine Check Error” state;
  • For systems with ARM64 processors, support for SMMUv3 (System Memory Management Unit) and TI PVU (Peripheral Virtualization Unit) has been implemented. PCI support has been added for isolated environments that run directly on the hardware (bare metal);
  • On x86 systems, root cells can now enable the CR4.UMIP (User-Mode Instruction Prevention) mode provided by Intel processors, which makes it possible to block the execution in user space of certain instructions, such as SGDT, SLDT, SIDT, SMSW and STR, that can be used in attacks aimed at escalating privileges in the system.
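
A host pre-check for the two x86 items above, as an added example that is not part of the original article or of the Jailhouse project: it reads the Linux CPU feature flags to see whether UMIP is available and the kernel's `itlb_multihit` sysfs entry to see whether the CPU has the CVE-2018-12207 erratum. It assumes a Linux root cell that exposes `/proc/cpuinfo` and that sysfs file; the sample strings are constructed and used only when those files are absent.

```python
import re
from pathlib import Path

CPUINFO = Path("/proc/cpuinfo")
ITLB = Path("/sys/devices/system/cpu/vulnerabilities/itlb_multihit")

# Constructed sample input, used when the real files are absent.
SAMPLE_CPUINFO = (
    "processor\t: 0\n"
    "vendor_id\t: GenuineIntel\n"
    "flags\t\t: fpu vme de pse msr vmx ept umip pku\n"
)
SAMPLE_ITLB = "KVM: Mitigation: Split huge pages\n"


def cpu_flags(cpuinfo_text):
    """Return the feature flags of the first CPU in /proc/cpuinfo text."""
    m = re.search(r"^flags\s*:\s*(.*)$", cpuinfo_text, re.MULTILINE)
    return set(m.group(1).split()) if m else set()


def assess(cpuinfo_text, itlb_status):
    """Report UMIP availability and whether the CPU has the iTLB multihit bug.

    itlb_status is the content of the sysfs file, or None if the kernel
    does not expose it (exposure is then unknown).
    """
    flags = cpu_flags(cpuinfo_text)
    affected = None
    if itlb_status is not None:
        # The kernel reports "Not affected" only for CPUs without the erratum.
        affected = itlb_status.strip() != "Not affected"
    return {
        "vmx": "vmx" in flags,
        "umip_available": "umip" in flags,
        "cve_2018_12207_affected": affected,
    }


if __name__ == "__main__":
    cpuinfo = CPUINFO.read_text() if CPUINFO.exists() else SAMPLE_CPUINFO
    itlb = ITLB.read_text() if ITLB.exists() else SAMPLE_ITLB
    for key, value in assess(cpuinfo, itlb).items():
        print(f"{key}: {value}")
```

An affected CPU is the case where the new option to disable huge page creation matters; a missing `umip` flag means CR4.UMIP cannot be enabled on that processor.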

Source: opennet.ru