Look Mum, no VM Exits! (Almost)

Multi-core CPUs are a standard component in many modern embedded systems. Their virtualisation extensions enable the isolation of services and are gaining popularity for implementing mixed-criticality or otherwise split systems. We present Jailhouse, a Linux-based, OS-agnostic partitioning hypervisor that uses novel architectural approaches to combine Linux, a powerful general-purpose system, with strictly isolated special-purpose components. Our design goals favour simplicity over features, establish a minimal code base, and minimise hypervisor activity. Direct assignment of hardware to guests, together with a deferred initialisation scheme, offloads all complex hardware handling and bootstrapping issues from the hypervisor to the general-purpose OS. The hypervisor establishes isolated domains that directly access physical resources without the need for emulation or paravirtualisation. This retains, with negligible system overhead, Linux's feature-richness in the non-critical parts, while frugal safety- and real-time-critical workloads execute in isolated, safe domains.
