From: Stefan Hajnoczi <stefanha@redhat.com>
To: Cong Wang <xiyou.wangcong@gmail.com>
Cc: linux-kernel@vger.kernel.org, pasha.tatashin@soleen.com,
Cong Wang <cwang@multikernel.io>,
Andrew Morton <akpm@linux-foundation.org>,
Baoquan He <bhe@redhat.com>, Alexander Graf <graf@amazon.com>,
Mike Rapoport <rppt@kernel.org>,
Changyuan Lyu <changyuanl@google.com>,
kexec@lists.infradead.org, linux-mm@kvack.org
Subject: Re: [RFC Patch 0/7] kernel: Introduce multikernel architecture support
Date: Fri, 19 Sep 2025 17:26:50 -0400 [thread overview]
Message-ID: <20250919212650.GA275426@fedora> (raw)
In-Reply-To: <20250918222607.186488-1-xiyou.wangcong@gmail.com>
[-- Attachment #1: Type: text/plain, Size: 6230 bytes --]
On Thu, Sep 18, 2025 at 03:25:59PM -0700, Cong Wang wrote:
> This patch series introduces multikernel architecture support, enabling
> multiple independent kernel instances to coexist and communicate on a
> single physical machine. Each kernel instance can run on dedicated CPU
> cores while sharing the underlying hardware resources.
>
> The multikernel architecture provides several key benefits:
> - Improved fault isolation between different workloads
> - Enhanced security through kernel-level separation
What level of isolation does this patch series provide? What stops
kernel A from accessing kernel B's memory pages, sending interrupts to
its CPUs, etc?
> - Better resource utilization than traditional VM (KVM, Xen etc.)
> - Potential zero-down kernel update with KHO (Kernel Hand Over)
>
> Architecture Overview:
> The implementation leverages kexec infrastructure to load and manage
> multiple kernel images, with each kernel instance assigned to specific
> CPU cores. Inter-kernel communication is facilitated through a dedicated
> IPI framework that allows kernels to coordinate and share information
> when necessary.
>
> Key Components:
> 1. Enhanced kexec subsystem with dynamic kimage tracking
> 2. Generic IPI communication framework for inter-kernel messaging
> 3. Architecture-specific CPU bootstrap mechanisms (only x86 so far)
> 4. Proc interface for monitoring loaded kernel instances
>
> Patch Summary:
>
> Patch 1/7: Introduces basic multikernel support via kexec, allowing
> multiple kernel images to be loaded simultaneously.
>
> Patch 2/7: Adds x86-specific SMP INIT trampoline for bootstrapping
> CPUs with different kernel instances.
>
> Patch 3/7: Introduces dedicated MULTIKERNEL_VECTOR for x86 inter-kernel
> communication.
>
> Patch 4/7: Implements generic multikernel IPI communication framework
> for cross-kernel messaging and coordination.
>
> Patch 5/7: Adds arch_cpu_physical_id() function to obtain physical CPU
> identifiers for proper CPU management.
>
> Patch 6/7: Replaces static kimage globals with dynamic linked list
> infrastructure to support multiple kernel images.
>
> Patch 7/7: Adds /proc/multikernel interface for monitoring and debugging
> loaded kernel instances.
>
> The implementation maintains full backward compatibility with existing
> kexec functionality while adding the new multikernel capabilities.
>
> IMPORTANT NOTES:
>
> 1) This is a Request for Comments (RFC) submission. While the core
> architecture is functional, there are numerous implementation details
> that need improvement. The primary goal is to gather feedback on the
> high-level design and overall approach rather than focus on specific
> coding details at this stage.
>
> 2) This patch series represents only the foundational framework for
> multikernel support. It establishes the basic infrastructure and
> communication mechanisms. We welcome the community to build upon
> this foundation and develop their own solutions based on this
> framework.
>
> 3) Testing has been limited to the author's development machine using
> hard-coded boot parameters and specific hardware configurations.
> Community testing across different hardware platforms, configurations,
> and use cases would be greatly appreciated to identify potential
> issues and improve robustness. Obviously, don't use this code beyond
> testing.
>
> This work enables new use cases such as running real-time kernels
> alongside general-purpose kernels, isolating security-critical
> applications, and providing dedicated kernel instances for specific
> workloads etc..
This reminds me of Jailhouse, a partitioning hypervisor for Linux.
Jailhouse uses virtualization and other techniques to isolate CPUs,
allowing real-time workloads to run alongside Linux:
https://github.com/siemens/jailhouse
It would be interesting to hear your thoughts about where you want to go
with this series and how it compares with a partitioning hypervisor like
Jailhouse.
Thanks,
Stefan
>
> Signed-off-by: Cong Wang <cwang@multikernel.io>
>
> ---
>
> Cong Wang (7):
> kexec: Introduce multikernel support via kexec
> x86: Introduce SMP INIT trampoline for multikernel CPU bootstrap
> x86: Introduce MULTIKERNEL_VECTOR for inter-kernel communication
> kernel: Introduce generic multikernel IPI communication framework
> x86: Introduce arch_cpu_physical_id() to obtain physical CPU ID
> kexec: Implement dynamic kimage tracking
> kexec: Add /proc/multikernel interface for kimage tracking
>
> arch/powerpc/kexec/crash.c | 8 +-
> arch/x86/include/asm/idtentry.h | 1 +
> arch/x86/include/asm/irq_vectors.h | 1 +
> arch/x86/include/asm/smp.h | 7 +
> arch/x86/kernel/Makefile | 1 +
> arch/x86/kernel/crash.c | 4 +-
> arch/x86/kernel/head64.c | 5 +
> arch/x86/kernel/idt.c | 1 +
> arch/x86/kernel/setup.c | 3 +
> arch/x86/kernel/smp.c | 15 ++
> arch/x86/kernel/smpboot.c | 161 +++++++++++++
> arch/x86/kernel/trampoline_64_bsp.S | 288 ++++++++++++++++++++++
> arch/x86/kernel/vmlinux.lds.S | 6 +
> include/linux/kexec.h | 22 +-
> include/linux/multikernel.h | 81 +++++++
> include/uapi/linux/kexec.h | 1 +
> include/uapi/linux/reboot.h | 2 +-
> init/main.c | 2 +
> kernel/Makefile | 2 +-
> kernel/kexec.c | 103 +++++++-
> kernel/kexec_core.c | 359 ++++++++++++++++++++++++++++
> kernel/kexec_file.c | 33 ++-
> kernel/multikernel.c | 314 ++++++++++++++++++++++++
> kernel/reboot.c | 10 +
> 24 files changed, 1411 insertions(+), 19 deletions(-)
> create mode 100644 arch/x86/kernel/trampoline_64_bsp.S
> create mode 100644 include/linux/multikernel.h
> create mode 100644 kernel/multikernel.c
>
> --
> 2.34.1
>
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 488 bytes --]
next prev parent reply other threads:[~2025-09-19 21:28 UTC|newest]
Thread overview: 47+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-09-18 22:25 [RFC Patch 0/7] kernel: Introduce multikernel architecture support Cong Wang
2025-09-18 22:26 ` [RFC Patch 1/7] kexec: Introduce multikernel support via kexec Cong Wang
2025-09-20 5:33 ` kernel test robot
2025-09-20 6:48 ` kernel test robot
2025-09-18 22:26 ` [RFC Patch 2/7] x86: Introduce SMP INIT trampoline for multikernel CPU bootstrap Cong Wang
2025-09-18 22:26 ` [RFC Patch 3/7] x86: Introduce MULTIKERNEL_VECTOR for inter-kernel communication Cong Wang
2025-09-18 22:26 ` [RFC Patch 4/7] kernel: Introduce generic multikernel IPI communication framework Cong Wang
2025-09-18 22:26 ` [RFC Patch 5/7] x86: Introduce arch_cpu_physical_id() to obtain physical CPU ID Cong Wang
2025-09-18 22:26 ` [RFC Patch 6/7] kexec: Implement dynamic kimage tracking Cong Wang
2025-09-20 6:16 ` kernel test robot
2025-09-18 22:26 ` [RFC Patch 7/7] kexec: Add /proc/multikernel interface for " Cong Wang
2025-09-19 10:10 ` [syzbot ci] Re: kernel: Introduce multikernel architecture support syzbot ci
2025-09-19 13:14 ` [RFC Patch 0/7] " Pasha Tatashin
2025-09-20 21:13 ` Cong Wang
2025-09-19 21:26 ` Stefan Hajnoczi [this message]
2025-09-20 21:40 ` Cong Wang
2025-09-22 14:28 ` Stefan Hajnoczi
2025-09-22 22:41 ` Cong Wang
2025-09-23 17:05 ` Stefan Hajnoczi
2025-09-24 11:38 ` David Hildenbrand
2025-09-24 12:51 ` Stefan Hajnoczi
2025-09-24 18:28 ` Cong Wang
2025-09-24 19:03 ` Stefan Hajnoczi
2025-09-27 19:42 ` Cong Wang
2025-09-29 15:11 ` Stefan Hajnoczi
2025-10-02 4:17 ` Cong Wang
2025-09-24 17:18 ` Cong Wang
2025-09-21 1:47 ` Hillf Danton
2025-09-22 21:55 ` Cong Wang
2025-09-24 1:12 ` Hillf Danton
2025-09-24 17:30 ` Cong Wang
2025-09-24 22:42 ` Hillf Danton
2025-09-21 5:54 ` Jan Engelhardt
2025-09-21 6:24 ` Mike Rapoport
2025-09-24 17:51 ` Christoph Lameter (Ampere)
2025-09-24 18:39 ` Cong Wang
2025-09-26 9:50 ` Jarkko Sakkinen
2025-09-27 20:43 ` Cong Wang
2025-09-28 14:22 ` Jarkko Sakkinen
2025-09-28 14:36 ` Jarkko Sakkinen
2025-09-28 14:41 ` Jarkko Sakkinen
2025-09-25 15:47 ` Jiaxun Yang
2025-09-27 20:06 ` Cong Wang
2025-09-26 9:01 ` Jarkko Sakkinen
2025-09-27 20:27 ` Cong Wang
2025-09-27 20:39 ` Pasha Tatashin
2025-09-28 14:08 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250919212650.GA275426@fedora \
--to=stefanha@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=bhe@redhat.com \
--cc=changyuanl@google.com \
--cc=cwang@multikernel.io \
--cc=graf@amazon.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=pasha.tatashin@soleen.com \
--cc=rppt@kernel.org \
--cc=xiyou.wangcong@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.