Thanks, Jan.
I am pretty clear now.

On 2021/10/18 19:36, Jan Kiszka wrote:
> On 18.10.21 09:00, Zheng Chuan wrote:
>>
>>
>> On 2021/10/18 13:41, Jan Kiszka wrote:
>>> On 18.10.21 06:24, Zheng Chuan wrote:
>>>> Hi, Jan.
>>>>
>>>> On 2021/10/14 17:34, Jan Kiszka wrote:
>>>>> On 12.10.21 13:57, Zheng Chuan wrote:
>>>>>> Hi all,
>>>>>>
>>>>>> After reading the code of jailhouse, I have a few questions.
>>>>>> 1.Once Jailhouse is activated, the boot Linux will run as a VM. If it is 
>>>>>> possible to run VM by KVM(nested mode) in the root cell?
>>>>>>
>>>>>
>>>>> Nope, but you can find traces of an attempt in
>>>>> https://github.com/siemens/jailhouse/commits/wip/kvm
>>>>>
>>>> OK. I'll look into it.
>>>>
>>>>>> 2.I wonder why the root cell need to runs in guest mode? Whether 
>>>>>> jailhouse can run root cell in host mode, create KVM VM inside
>>>>>> root cell. So jailhouse can support both partition and VM.
>>>>>
>>>>> Two main reasons:
>>>>>
>>>>>  - security/safety: If you leave the root Linux running in host mode, it
>>>>>    becomes part of the trusted code base, increasing it by a "few"
>>>>>    orders of magnitude
>>>>>  - functionality: only by intercepting certain I/O accesses, Jailhouse
>>>>>    is able to emulate the ivshmem devices
>>>>>
>>>> OK, I got it
>>>>>>
>>>>>> 3.When create a non-root cell, the jailhouse driver executes cpu_down() 
>>>>>> to offline CPUs, but the offline CPU seems to be running
>>>>>> and respond to interruptions. And the hypervisor seems to have done 
>>>>>> nothing to wake up the CPUs(assigned to non-root cell),
>>>>>> or did I miss the important part of the code?
>>>>>
>>>>> The offlined and then "stolen" CPUs of the non-root cell are first
>>>>> parked and then finally started again at (amost) architectural reset
>>>>> state when doing "jailhouse cell start". On x86, you can see the SIPIs
>>>>> being injected for that in the Jailhouse log.
>>>>>
>>>> Yes. However, I am still a little confused about the status of "offline" 
>>>> cpu.
>>>> i. On x86, is it at real mode or protected mode after we do cpu_down() 
>>>> within vmlanuch?
>>>> ii. is that different from cpu_down() of host?
>>>> iii. on x86,does it conflict with the bootstrap of linux guest since the 
>>>> kernel will do transform from real mode to protected mode?
>>>
>>> We hand over the CPUs in real-mode, as architecturally defined. The only
>>> differences are:
>>>
>>>  - reset address can be configured to be different to 0xFFFFFFF0
>>>  - all CPUs are started at once in a new cell, not just a single boot-
>>>    strap processor
>>>
>>> You can study that by looking at inmates/lib/x86/header-{32,64}.S. This
>>> is the code run first after cell start when using our own inmates.
>>>
>>> Jan
>>>
>> OK, Let me list the initialization of non-root cell in my mind.
>> 1. When we do cell_create, the cpus we wanted are "offline" by the root cell 
>> module. now the "offline" cpus are in real-mode with vmlanuch.
> 
> More exactly, jailhouse module takes CPUs of upcoming non-root cell
> offline (just cli; hlt, not yet real mode), but Linux could still bring
> them up again at this point.
> 
>> 2. The jailhouse sends nmi, and the wanted cpus do vm-exits into jailhouse 
>> (well, i am not sure can cpu response the nmi in real-mode?)
> 
> NMIs are handled only in hypervisor mode (root mode). They serve as
> hypervisor IPIs, take the guest into hypervisor mode, and let the
> hypervisor do what needs to be done.
> 
>> 3. The jailhouse will park them and point the rip into parking_code, and 
>> then the cpus will do hlt code after vm-entry
> 
> Yep. From that point on, Linux will no longer be able to bring the CPUs
> online again - INIT/SIPI for those cores will be rejected.
> 
>> 4. When we do cell_start, the jailhouse sends nmi again, the wanted cpus do 
>> vm-exits into jailhouse.
>> 5. The jailhouse will reset the rip into 0xFFFFFFF0, and the cpus will do 
>> vm-entry after arch_reset_cpu().
>> 6. ok, the /lib/x86/header-{32,64}.S turns on, and also the jailhouse will 
>> work while the inmates sends the sint and sipi.
> 
> Those INIT/SIPI calls are actually emulated. Allowing the guest to issue
> them in reality would bring the CPUs in the wrong state.
> 
>>
>> Is that right?
>>
> 
> Generally, yes!
> 
> Jan
> 

-- 
Regards.
Chuan

-- 
You received this message because you are subscribed to the Google Groups 
"Jailhouse" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/d/msgid/jailhouse-dev/df8c5de1-1062-cf73-2060-601934a30e9f%40huawei.com.

Reply via email to