Re: [RFC, PATCH 0/24] VMI i386 Linux virtualization interface proposal

Re: [RFC, PATCH 0/24] VMI i386 Linux virtualization interface proposal

[Chuck Ebbert]

In-Reply-To: <20060315102522.GA5926@infradead.org>

On Wed, 15 Mar 2006 10:25:22 +0000, Christoph Hellwig wrote:

> I agree with Zach here, the Xen hypervisor <-> kernel interface is
> not very nice.  This proposal seems like a step forward althogh it'll
> probably need to go through a few iterations.  Without and actually
> useable opensource hypevisor reference implementation it's totally
> unacceptable, though.

I'd like to see a test harness implementation that has no actual
hypervisor functionality and just implements the VMI calls natively.
This could be used to test the interface and would provide a nice
starting point for those who want to write a VMI hypervisor.


-- 
Chuck
"Penguins don't come from next door, they come from the Antarctic!"

Re: [RFC, PATCH 0/24] VMI i386 Linux virtualization interface proposal

[Zachary Amsden]

Chuck Ebbert wrote:
> In-Reply-To: <20060315102522.GA5926@infradead.org>
>
> On Wed, 15 Mar 2006 10:25:22 +0000, Christoph Hellwig wrote:
>   
> I'd like to see a test harness implementation that has no actual
> hypervisor functionality and just implements the VMI calls natively.
> This could be used to test the interface and would provide a nice
> starting point for those who want to write a VMI hypervisor.
>   

I was going to make one yesterday.  But Fry's electronics stopped 
carrying flashable blank PCI cards. :)  Anyone know of a vendor?

It is possible to do in a software layer, although it really is a lot 
easier to have the BIOS take care of all the fuss of finding a place in 
low memory for you to live, setting up the various memory maps and 
everything else for you.

There is enormous benefit to having such a layer - you have a very power 
test harness, not just to make sure VMI works, but even more 
importantly, to inspect and verify the native kernel operation as well.  
You have a plethora of imporant hooks into the system, which feed you 
knowledge you can not otherwise gain about which page tables have been 
made active, when you take IRQs, where the kernel stack lives.

All of this is ripe for a debug harness that can verify the kernel 
doesn't overflow the kernel stack, doesn't write to active page table 
entries without proper accessors and subsequent invalidations, and obeys 
the rules that are required for correctness when running under a 
hypervisor.  You probably even want to do hypervisor like things - such 
as write protecting the kernel page tables so that you can be confident 
there are no stray raw PTE accesses.

We actually found one (harmless on native) in i386, which was enabling 
NX bit.

Zach

Re: [Xen-devel] Re: [RFC, PATCH 0/24] VMI i386 Linux virtualization interface proposal

[Anthony Liguori]

Zachary Amsden wrote:
> Chuck Ebbert wrote:
>> In-Reply-To: <20060315102522.GA5926@infradead.org>
>>
>> On Wed, 15 Mar 2006 10:25:22 +0000, Christoph Hellwig wrote:
>>   I'd like to see a test harness implementation that has no actual
>> hypervisor functionality and just implements the VMI calls natively.
>> This could be used to test the interface and would provide a nice
>> starting point for those who want to write a VMI hypervisor.
>>   
>
> I was going to make one yesterday.  But Fry's electronics stopped 
> carrying flashable blank PCI cards. :)  Anyone know of a vendor?
It's very practical to just patch Qemu to load a VMI rom as an option 
ROM.  That makes such an example VMI ROM very practical without having 
to build a special PCI device.

Regards,

Anthony Liguori
> It is possible to do in a software layer, although it really is a lot 
> easier to have the BIOS take care of all the fuss of finding a place 
> in low memory for you to live, setting up the various memory maps and 
> everything else for you.
>
> There is enormous benefit to having such a layer - you have a very 
> power test harness, not just to make sure VMI works, but even more 
> importantly, to inspect and verify the native kernel operation as 
> well.  You have a plethora of imporant hooks into the system, which 
> feed you knowledge you can not otherwise gain about which page tables 
> have been made active, when you take IRQs, where the kernel stack lives.
>
> All of this is ripe for a debug harness that can verify the kernel 
> doesn't overflow the kernel stack, doesn't write to active page table 
> entries without proper accessors and subsequent invalidations, and 
> obeys the rules that are required for correctness when running under a 
> hypervisor.  You probably even want to do hypervisor like things - 
> such as write protecting the kernel page tables so that you can be 
> confident there are no stray raw PTE accesses.
>
> We actually found one (harmless on native) in i386, which was enabling 
> NX bit.
>
> Zach
>
> _______________________________________________
> Xen-devel mailing list
> Xen-devel@lists.xensource.com
> http://lists.xensource.com/xen-devel