Re: [RFC, PATCH 0/24] VMI i386 Linux virtualization interface proposal

From: Zachary Amsden
Date: Fri Mar 17 2006 - 12:49:33 EST


Chuck Ebbert wrote:
In-Reply-To: <20060315102522.GA5926@xxxxxxxxxxxxx>

On Wed, 15 Mar 2006 10:25:22 +0000, Christoph Hellwig wrote:
I'd like to see a test harness implementation that has no actual
hypervisor functionality and just implements the VMI calls natively.
This could be used to test the interface and would provide a nice
starting point for those who want to write a VMI hypervisor.

I was going to make one yesterday. But Fry's electronics stopped carrying flashable blank PCI cards. :) Anyone know of a vendor?

It is possible to do in a software layer, although it really is a lot easier to have the BIOS take care of all the fuss of finding a place in low memory for you to live, setting up the various memory maps and everything else for you.

There is enormous benefit to having such a layer - you have a very power test harness, not just to make sure VMI works, but even more importantly, to inspect and verify the native kernel operation as well. You have a plethora of imporant hooks into the system, which feed you knowledge you can not otherwise gain about which page tables have been made active, when you take IRQs, where the kernel stack lives.

All of this is ripe for a debug harness that can verify the kernel doesn't overflow the kernel stack, doesn't write to active page table entries without proper accessors and subsequent invalidations, and obeys the rules that are required for correctness when running under a hypervisor. You probably even want to do hypervisor like things - such as write protecting the kernel page tables so that you can be confident there are no stray raw PTE accesses.

We actually found one (harmless on native) in i386, which was enabling NX bit.

Zach
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/