We are inventing a name for the new hypervisor for MIPS architecture with hardware-supported virtualization
The other day at the office of Imagination Technologies in Santa Clara, California, a multi-core Linux specialist Leonid Yegoshin comes to me and says:
Yegoshin: Here, I wrote the world's smallest hypervisor.
I: Yes? What is the name?
')
Yegoshin: I have not yet invented. And the marketing did not let the name down. Think of a name! It all the same will be opensource-project.
Me: It is difficult for me to think of something like that. As the saying goes, "as you call a yacht, so it will float." We must ask the public.
Yegoshin: And I will be still in April in Dolgoprudny, at MIPT. Not been there since the 20th century. Are there anyone who is interested in MIPS-Linux / IoT / hypervisors on MIPS?
Me: Well, the public can also be asked about this.
So I wrote this post to ask the public. But first I will tell you who Leonid Egoshin is and what a hypervisor is.
***
Not all young people know, but the USSR had its own Unix. Not under Brezhnev, but under Andropov.
And one of the first Soviet Unixologists was Egoshin (he is the only one in the photo on the Red Square of the 1980s who smiles). Then Egoshin moved to Silicon Valley and began working at MIPS Technologies, which became Imagination Technologies. In the picture on the right, Egoshin is already in 2015, with the first motherboard brought to America from Russia with a Russian microprocessor Baikal-T - Egoshin helped to debug Linux on it:
And now what is a hypervisor.
A hypervisor is a program that manages the work of two or more operating systems that run on a processor simultaneously within virtual machines. It seems to a software inside a virtual machine that it owns the entire real machine, all of its I / O ports, memory and interrupts.
Virtualization is the next step after kernel / user mode (kernel mode / user mode). In the kernel / user paradigm, the operating system protects itself from user programs and user programs from each other. Kernel privilege mode is enabled when an interrupt occurs during the execution of a user program. Then the OS looks what happened, and can switch to the execution of another user program. In the case of virtualization on top of kernel / user, root / guest modes are also included to protect several guest operating systems from each other and share resources between them. This is the hypervisor in root mode:
https://www.imgtec.com/mips/architectures/virtualization/
Virtualization should not be confused with virtual memory. Virtual memory can exist without virtualization. In the virtual memory paradigm, the OS / kernel manages the hardware-supported translation table of virtual addresses used by user programs into physical addresses in memory. Thus, the OS creates the illusion of owning an address space with the same virtual addresses of several user programs, although they may have different physical addresses. In the case of virtualization, the virtual address translation table has the next level, to create illusions not only for user programs, but also for guest operating systems.
Virtualization can be of several types, including para-virtualization, when modification of the operating systems managed by the hyraiser and full virtualization are necessary, with hardware support, when the hypervisor-controlled OSs may not even feel the presence of the hypervisor.
In general, virtualization as a technology appeared more than 40 years ago, it was already at IBM / 370 IBM-ovsky mainframes (but not IBM / 360). In the USSR, virtualization was used on EU computers, which were similar to the corresponding IBM / 370. Virtualization was even reflected in American pop culture — a start-up in the art book of the first Internet boom of the 1990s, The First $ 20 Millions Most Difficult, was concerned in particular with Apple Mac virtualization on super cheap $ 300 USD PCs (then it was considered fantasy). By the way, the film, based on the novel, turned out to be one of the biggest failures in the history of Hollywood, earning only $ 5,491 (five thousand dollars with something) with $ 17 million spent ( see )
But back to Egoshin. The hypervisor Egshina runs on the MIPS M5150 processor core. This is an economical core that is used for Microchip PIC32MZ microcontrollers and for chips for the Internet of things.
“What about virtualization on the microcontroller ?!” the reader may exclaim. For security. Even on a small chip for IoT, let's say the built-in Linux can work at the same time and say a very secure code for working with financial transactions. Now, if a user installs a hacked operating system, it will not be able to access another OS that performs critical operations, because there is a hypervisor between the two OSs. This becomes especially important in the case of the Internet of things, when an iron or a toaster thrown into the home network can theoretically exchange information with the host’s host computer.
The Egoshinsky hypervisor can work on such a Digilent chiKIT WI-FIRE board:
And now give the floor to Leonid:
In general, if you have a good name for the hypervisor or a desire to cross at MIPT during Leonid Yoshishin’s visit to the alma mater in April, you can either write to him at Leonid.Yegoshin@imgtec.com , or leave comments here.
***
Help from Wikipedia about the photo on the left:
Yegoshin: Here, I wrote the world's smallest hypervisor.
I: Yes? What is the name?
')
Yegoshin: I have not yet invented. And the marketing did not let the name down. Think of a name! It all the same will be opensource-project.
Me: It is difficult for me to think of something like that. As the saying goes, "as you call a yacht, so it will float." We must ask the public.
Yegoshin: And I will be still in April in Dolgoprudny, at MIPT. Not been there since the 20th century. Are there anyone who is interested in MIPS-Linux / IoT / hypervisors on MIPS?
Me: Well, the public can also be asked about this.
So I wrote this post to ask the public. But first I will tell you who Leonid Egoshin is and what a hypervisor is.
***
Not all young people know, but the USSR had its own Unix. Not under Brezhnev, but under Andropov.
And one of the first Soviet Unixologists was Egoshin (he is the only one in the photo on the Red Square of the 1980s who smiles). Then Egoshin moved to Silicon Valley and began working at MIPS Technologies, which became Imagination Technologies. In the picture on the right, Egoshin is already in 2015, with the first motherboard brought to America from Russia with a Russian microprocessor Baikal-T - Egoshin helped to debug Linux on it:
And now what is a hypervisor.
A hypervisor is a program that manages the work of two or more operating systems that run on a processor simultaneously within virtual machines. It seems to a software inside a virtual machine that it owns the entire real machine, all of its I / O ports, memory and interrupts.
Virtualization is the next step after kernel / user mode (kernel mode / user mode). In the kernel / user paradigm, the operating system protects itself from user programs and user programs from each other. Kernel privilege mode is enabled when an interrupt occurs during the execution of a user program. Then the OS looks what happened, and can switch to the execution of another user program. In the case of virtualization on top of kernel / user, root / guest modes are also included to protect several guest operating systems from each other and share resources between them. This is the hypervisor in root mode:
https://www.imgtec.com/mips/architectures/virtualization/
Virtualization should not be confused with virtual memory. Virtual memory can exist without virtualization. In the virtual memory paradigm, the OS / kernel manages the hardware-supported translation table of virtual addresses used by user programs into physical addresses in memory. Thus, the OS creates the illusion of owning an address space with the same virtual addresses of several user programs, although they may have different physical addresses. In the case of virtualization, the virtual address translation table has the next level, to create illusions not only for user programs, but also for guest operating systems.
Virtualization can be of several types, including para-virtualization, when modification of the operating systems managed by the hyraiser and full virtualization are necessary, with hardware support, when the hypervisor-controlled OSs may not even feel the presence of the hypervisor.
In general, virtualization as a technology appeared more than 40 years ago, it was already at IBM / 370 IBM-ovsky mainframes (but not IBM / 360). In the USSR, virtualization was used on EU computers, which were similar to the corresponding IBM / 370. Virtualization was even reflected in American pop culture — a start-up in the art book of the first Internet boom of the 1990s, The First $ 20 Millions Most Difficult, was concerned in particular with Apple Mac virtualization on super cheap $ 300 USD PCs (then it was considered fantasy). By the way, the film, based on the novel, turned out to be one of the biggest failures in the history of Hollywood, earning only $ 5,491 (five thousand dollars with something) with $ 17 million spent ( see )
But back to Egoshin. The hypervisor Egshina runs on the MIPS M5150 processor core. This is an economical core that is used for Microchip PIC32MZ microcontrollers and for chips for the Internet of things.
“What about virtualization on the microcontroller ?!” the reader may exclaim. For security. Even on a small chip for IoT, let's say the built-in Linux can work at the same time and say a very secure code for working with financial transactions. Now, if a user installs a hacked operating system, it will not be able to access another OS that performs critical operations, because there is a hypervisor between the two OSs. This becomes especially important in the case of the Internet of things, when an iron or a toaster thrown into the home network can theoretically exchange information with the host’s host computer.
The Egoshinsky hypervisor can work on such a Digilent chiKIT WI-FIRE board:
And now give the floor to Leonid:
Yura, hypervisor basics:
Memory - 35Kilobyte code, 24KB data
Real-time values ​​-
1. Basic hypervisor call (HYPCALL): 74 clock cycles
2. Force context switch to root and back: 336 clock cycles
3. Emulation of guest register: 207 clock cycles
4. SW IRQ injection timing, no context switch: 173 clock cycles
Shared shared devices emulated as proprietary to each Guest:
- PIC32MZ Interrupt controller in EIC mod.
- Console UART.
- Read-only registers such as clock etc. The minimum size of the register block is 16 bytes.
At the moment, support only PIC32MZ (EF) model, its Interrupt controller and the device - the board, which can be bought cheaply.
The configuration is static, with the help of the desktop Python scripts that do recalculation of the location addresses of guests and their IRQ into tables for TLB (PTE) and interrupt management. At the end of the configuration, everything turns into one .srec file that can be inserted into the PIC32MZ using the pic32prog program from Vakulenko .
UPD: In addition, a fresh link to the urgency of the problem (virus in ATMs) - https://www.gazeta.ru/tech/2017/03/20/10584965/atm_virus.shtml#page2
In general, if you have a good name for the hypervisor or a desire to cross at MIPT during Leonid Yoshishin’s visit to the alma mater in April, you can either write to him at Leonid.Yegoshin@imgtec.com , or leave comments here.
***
Help from Wikipedia about the photo on the left:
Hidden texthttp://ru.wikipedia.org/wiki/%D0%94%D0%95%D0%9C%D0%9E%D0%A1
Around 1982-1983, copies of the UNIX operating system (v6 and v7) were brought to Moscow. Based on them at the Institute of Atomic Energy. I. Kurchatov, with the participation of a number of specialists from other organizations, carried out the adaptation of the system to local conditions - localization into Russian and adaptation to domestic technology, above all - to the SM-4 and SM-1420 machines. At the same time, localization was carried out at the Institute for Advanced Studies of Minavtoprom, where the new system was called “MNOS” (Machine Independent Operating System). Later, the two teams merged, and the system was renamed “DEMOS” (Dialogue Unified Mobile Operating System). In 1985, OS Demos version 2.0 was released (using BSD4.2 source code). The project closed in the early 1990s.
The developers of DEMOS were awarded in 1988 with the Prize of the USSR Council of Ministers on science and technology.
Authors Valery Bardin, Sergey Anshukov, Vadim Antonov, Alexey Rudnev, Sergey Ryzhkov, Nikolay Saukh, Dmitry Volodin, Sergey Vakulenko, Mikhail Korotayev, Pavel Khodakov, Andrey “ache” Chernov, Mikhail Paremsky, Sergey Usikov, Leonid Egoshin, Mikhail Davidov, Mikhail Flerov et al.
Source: https://habr.com/ru/post/324444/
All Articles