On 18.10.21 09:00, Zheng Chuan wrote:
>
>
> On 2021/10/18 13:41, Jan Kiszka wrote:
>> On 18.10.21 06:24, Zheng Chuan wrote:
>>> Hi, Jan.
>>>
>>> On 2021/10/14 17:34, Jan Kiszka wrote:
>>>> On 12.10.21 13:57, Zheng Chuan wrote:
>>>>> Hi all,
>>>>>
>>>>> After reading the code of jailhouse, I have a few questions.
>>>>> 1.Once Jailhouse is activated, the boot Linux will run as a VM. If it is
>>>>> possible to run VM by KVM(nested mode) in the root cell?
>>>>>
>>>>
>>>> Nope, but you can find traces of an attempt in
>>>> https://github.com/siemens/jailhouse/commits/wip/kvm
>>>>
>>> OK. I'll look into it.
>>>
>>>>> 2.I wonder why the root cell need to runs in guest mode? Whether
>>>>> jailhouse can run root cell in host mode, create KVM VM inside
>>>>> root cell. So jailhouse can support both partition and VM.
>>>>
>>>> Two main reasons:
>>>>
>>>> - security/safety: If you leave the root Linux running in host mode, it
>>>> becomes part of the trusted code base, increasing it by a "few"
>>>> orders of magnitude
>>>> - functionality: only by intercepting certain I/O accesses, Jailhouse
>>>> is able to emulate the ivshmem devices
>>>>
>>> OK, I got it
>>>>>
>>>>> 3.When create a non-root cell, the jailhouse driver executes cpu_down()
>>>>> to offline CPUs, but the offline CPU seems to be running
>>>>> and respond to interruptions. And the hypervisor seems to have done
>>>>> nothing to wake up the CPUs(assigned to non-root cell),
>>>>> or did I miss the important part of the code?
>>>>
>>>> The offlined and then "stolen" CPUs of the non-root cell are first
>>>> parked and then finally started again at (amost) architectural reset
>>>> state when doing "jailhouse cell start". On x86, you can see the SIPIs
>>>> being injected for that in the Jailhouse log.
>>>>
>>> Yes. However, I am still a little confused about the status of "offline"
>>> cpu.
>>> i. On x86, is it at real mode or protected mode after we do cpu_down()
>>> within vmlanuch?
>>> ii. is that different from cpu_down() of host?
>>> iii. on x86,does it conflict with the bootstrap of linux guest since the
>>> kernel will do transform from real mode to protected mode?
>>
>> We hand over the CPUs in real-mode, as architecturally defined. The only
>> differences are:
>>
>> - reset address can be configured to be different to 0xFFFFFFF0
>> - all CPUs are started at once in a new cell, not just a single boot-
>> strap processor
>>
>> You can study that by looking at inmates/lib/x86/header-{32,64}.S. This
>> is the code run first after cell start when using our own inmates.
>>
>> Jan
>>
> OK, Let me list the initialization of non-root cell in my mind.
> 1. When we do cell_create, the cpus we wanted are "offline" by the root cell
> module. now the "offline" cpus are in real-mode with vmlanuch.
More exactly, jailhouse module takes CPUs of upcoming non-root cell
offline (just cli; hlt, not yet real mode), but Linux could still bring
them up again at this point.
> 2. The jailhouse sends nmi, and the wanted cpus do vm-exits into jailhouse
> (well, i am not sure can cpu response the nmi in real-mode?)
NMIs are handled only in hypervisor mode (root mode). They serve as
hypervisor IPIs, take the guest into hypervisor mode, and let the
hypervisor do what needs to be done.
> 3. The jailhouse will park them and point the rip into parking_code, and then
> the cpus will do hlt code after vm-entry
Yep. From that point on, Linux will no longer be able to bring the CPUs
online again - INIT/SIPI for those cores will be rejected.
> 4. When we do cell_start, the jailhouse sends nmi again, the wanted cpus do
> vm-exits into jailhouse.
> 5. The jailhouse will reset the rip into 0xFFFFFFF0, and the cpus will do
> vm-entry after arch_reset_cpu().
> 6. ok, the /lib/x86/header-{32,64}.S turns on, and also the jailhouse will
> work while the inmates sends the sint and sipi.
Those INIT/SIPI calls are actually emulated. Allowing the guest to issue
them in reality would bring the CPUs in the wrong state.
>
> Is that right?
>
Generally, yes!
Jan
--
Siemens AG, T RDA IOT
Corporate Competence Center Embedded Linux
--
You received this message because you are subscribed to the Google Groups
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/jailhouse-dev/9e90522c-9cf5-dc34-f8e6-d1c7abb2ddf6%40siemens.com.
