On Tue, 18 Jul 2017 14:20:00 -0700, Gavin Hindman-Intel <[email protected]> wrote:
> Hi Jan,
>
> We're prototyping a future silicon feature that can crash the SoC if
> the OS schedules some legacy transactions on them. Hacking the OS to
> that extent is prohibitive, so our goal was to boot the system with
> the cores offline and then only bring them up in a vm/inmate with a
> restricted non-linux environment running in that inmate.

Not sure it is a good idea to give your vm/inmate the power to crash the SoC.

> We're mostly trying to assess the size of the changes that would be
> required, and what the reasons were behind ignoring offline cores in
> the jailhouse init.

I guess the changes would be manageable. And since you are talking about a prototype you can start with hacking something in.

You would have to tell the hypervisor which other cores exist but should not be given to linux when it is put into the root-cell. Maybe just put them into your root-cell config and mark them somehow. The hypervisor would take care of bringing them up. And now the driver and tool will probably contain a few assumptions, relax those and it should work. And when such a cell is destroyed or jailhouse is disabled, the cores should be offlined and not be given (back) to Linux.

Maybe I overlooked something and it is not as easy as it seems to me right now ...

"Linux never actually ran on this core" could be an interesting feature, especially if you can prove that somehow.

Henning

> -gavin
>
> On Tuesday, July 18, 2017 at 1:29:13 PM UTC-7, Jan Kiszka wrote:
> > On 2017-07-18 20:23, Randy Witt wrote:
> > > Is it possible for inmates to use cpus that are offline as far as
> > > Linux is concerned?
> > >
> > > For example, suppose I have 4 cores and I use "maxcpus=2" to
> > > prevent Linux from bringing cores 2,3 online. Can I still use
> > > those cores for an inmate?
> > >
> > > I know the jailhouse driver queries online cpus, and my
> > > experimentation says it currently doesn't work, but I wanted to
> > > verify. This is because I actually have a scenario where I need
> > > minimal poking of the core before the inmate code runs.
> > >
> > > Please accept my apologies if this has been asked before, I
> > > couldn't find an answer.
> >
> > Jailhouse needs to initialize itself on each CPU it is supposed to
> > manage. Therefore, its driver calls the init code on each of those
> > CPUs. Other CPUs will remain out of reach for it and, thus, also
> > for inmates.
> >
> > Theoretically, it would be possible to extend Jailhouse to
> > physically bootstrap also offline CPUs without relying on Linux to
> > hand them over in a booted state. Practically, that would mean
> > making the hypervisor more complex. It would take a good use case
> > to justify such an extension.
> >
> > Can you elaborate on the reasons?
> >
> > Jan
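
The thread notes that the Jailhouse driver queries online CPUs, so cores held back with `maxcpus=2` stay out of its reach. As an added example (not from the thread or the Jailhouse project), this sketch lists such present-but-offline cores from the Linux sysfs CPU masks; the function names are hypothetical and the `0-3` / `0-1` sample is constructed.

```python
"""Added example: list CPUs that are present but not online under Linux."""
from pathlib import Path

SYSFS_CPU = Path("/sys/devices/system/cpu")  # standard Linux sysfs location


def parse_cpulist(text):
    """Parse the kernel's cpulist format, e.g. "0-1,3" -> {0, 1, 3}."""
    cpus = set()
    for part in text.strip().split(","):
        if not part:
            continue  # an empty mask file yields an empty set
        lo, _, hi = part.partition("-")
        first, last = int(lo), int(hi or lo)
        if last < first:
            raise ValueError(f"bad range: {part!r}")
        cpus.update(range(first, last + 1))
    return cpus


def unreachable_cpus(present, online):
    """CPUs that exist but that Linux has not brought online."""
    present_set, online_set = parse_cpulist(present), parse_cpulist(online)
    if not online_set <= present_set:
        raise ValueError("online CPUs must be a subset of present CPUs")
    return sorted(present_set - online_set)


def read_mask(name, root=SYSFS_CPU):
    """Read one mask file ("present" or "online") as text."""
    return (root / name).read_text()


if __name__ == "__main__":
    # Constructed sample matching the thread: 4 cores, booted with maxcpus=2.
    print(unreachable_cpus("0-3", "0-1"))
    try:
        # Same check against the running system, if sysfs is available.
        print(unreachable_cpus(read_mask("present"), read_mask("online")))
    except OSError as exc:
        print(f"sysfs not readable here: {exc}")
```
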
