SLIDE 1

Transplantation of VirtualBox to the NOVA microhypervisor

Norman Feske <norman.feske@genode-labs.com>

slide-2
SLIDE 2

Outline

  • 1. VirtualBox
  • 2. NOVA microhypervisor and Genode
  • 3. Steps
  • 4. Demo + Outlook
  • 5. War stories

SLIDE 3

Outline

  • 1. VirtualBox
  • 2. NOVA microhypervisor and Genode
  • 3. Steps
  • 4. Demo + Outlook
  • 5. War stories

SLIDE 4

Architecture overview

[Diagram labels: SVC; config, status; IPCD; VM process (×2); VBoxManage; VirtualBox Application; /dev/vboxdrv (×2); xpcom (×4)]

SLIDE 5

Starting up a VM process

[Diagram labels: VM process; open; /dev/vboxdrv; kernel; vboxdrv.ko]

SLIDE 6

VM process running

[Diagram labels: root mode; non-root mode; VM process; /dev/vboxdrv; kernel; vboxdrv.ko; VMMR0 / Hypervisor; load VMMR0]

SLIDE 7

Entering the Guest OS

[Diagram labels: root mode; non-root mode; Guest OS; VM process; /dev/vboxdrv; kernel; vboxdrv.ko; ioctl VM RUN; world switch]

SLIDE 8

Flow of a virtualization event

[Diagram labels: root mode; non-root mode; Guest OS; VM process; /dev/vboxdrv; kernel; vboxdrv.ko; world switch; VMMR0; ?; yes; no; VM RUN returns]

SLIDE 9

Risks for desktop virtualization

[Diagram labels: root mode; non-root mode; Guest OS; VM process; /dev/vboxdrv; kernel; vboxdrv.ko; VMMR0 / Hypervisor; highly complex]

SLIDE 10

Risks for desktop virtualization

[Diagram labels: root mode; non-root mode; Guest OS; VM process; /dev/vboxdrv; kernel; vboxdrv.ko; VMMR0 / Hypervisor; highly complex; access control?]

SLIDE 11

Risks for desktop virtualization

[Diagram labels: root mode; non-root mode; Guest OS; VM process; /dev/vboxdrv; kernel; vboxdrv.ko; VMMR0 / Hypervisor; highly complex; access control?; authorized to change the kernel; highly complex]

SLIDE 12

Outline

  • 1. VirtualBox
  • 2. NOVA microhypervisor and Genode
  • 3. Steps
  • 4. Demo + Outlook
  • 5. War stories

SLIDE 13

NOVA architecture

[Diagram labels: non-root mode; root mode; kernel; NOVA Microhypervisor; 9,000 SLOC; Resource management; Apps; Drivers; VMM (×3); Guest OS (×3)]

SLIDE 14

Flow of a virtualization event

[Diagram labels: User-level VMM; Guest OS; NOVA; UTCB (×2); VMCS; world switch; copy]

SLIDE 15

Genode OS architecture

→ Application-specific TCB

SLIDE 16

Genode OS framework

SLIDE 17

Genode combined with virtualization

SLIDE 18

Seoul VMM on top of Genode/NOVA

[Diagram labels: User Mode; Privileged Mode; NOVA Hypervisor; Core; Init; Resource Multiplexer; Unmodified Guest OS; virtual CPU; virtual device; virtual RAM; VMM; Device Driver; Kernel]

SLIDE 19

Idea

Device models and features of VirtualBox

+

Security of the Genode/NOVA architecture

SLIDE 20

Outline

  • 1. VirtualBox
  • 2. NOVA microhypervisor and Genode
  • 3. Steps
  • 4. Demo + Outlook
  • 5. War stories

SLIDE 21

Identify the interesting parts

Entire VirtualBox code base: > 4 million lines of code (sloccount)

Narrowed to the interesting parts: > 2 million lines of code

  • src/VBox/VMM
  • src/VBox/Main
  • src/VBox/Runtime
  • src/VBox/Devices
  • src/VBox/Storage
  • src/VBox/GuestHost
  • src/VBox/Disassembler
  • src/VBox/HostServices
  • src/recompiler
  • src/libs/liblzf-3.4
  • src/libs/liblzf-3.4/cs
  • src/libs/libxml2-2.6.31
  • src/libs/zlib-1.2.6
  • include/VBox
  • include/iprt

SLIDE 22

Porting the VirtualBox Runtime to Genode

Facilitate Genode’s existing infrastructure

  • 3rd-party software management tools
  • FreeBSD libc
  • Standard C++ library
  • POSIX threads

→ Most parts of the POSIX runtime could be reused

SLIDE 23

VM process initialization

Enable subsystems one by one

  • Guest memory (accessed by recompiler and device models)
  • RAM, MMIO
  • I/O-port handling
  • PGM, HWACCM, TM
  • Device models, PDM, BIOS
  • Host drivers

  • Using the “Basic front end”
  • Reimplement SDLConsole interface

SLIDE 24

A look inside a VM process

[Diagram labels: Execution Manager; Recompiler; Instruction Emulator; Hardware Acceleration; VM Enter; VM Exit]

SLIDE 25

Start with executing the recompiler only

[Diagram labels: Execution Manager; Recompiler; Instruction Emulator; Hardware Acceleration]

SLIDE 26

Simple test scenario

[Diagram labels: Linux; Core; ROM; Init; FB SDL; Framebuffer; Input; VirtualBox; ISO image; kernel]

SLIDE 27

Increasing guest complexity

  • 1. Custom-made Genode OS scenarios
  • 2. Small Linux-based images (Tinycore, GRML)
  • 3. Windows XP

SLIDE 28

Windows XP as a guest

[Diagram labels: Linux; Core (×2); Init; FB SDL; Framebuffer; Input; VirtualBox; LX Proxy FS; File system; VDI image; kernel]

SLIDE 29

Move scenario to NOVA

[Diagram labels: NOVA; Core; Init; VirtualBox; VESA driver; Framebuffer; PS/2 driver; Input; Rump FS; File system; AHCI driver; Block; VDI image; kernel]

SLIDE 30

Entering non-root mode

[Diagram labels: Execution Manager; Recompiler; Instruction Emulator; Hardware Acceleration; VM Enter; VM Exit; IRQs]

SLIDE 31

Entering non-root mode

  • VBox VM state ↔ NOVA UTCB state
  • Virtualization of guest memory (EPT faults)
  • Enter VT-x conservatively (if protected mode and paging enabled)
  • Inject IRQs into recompiler
  • Later: IRQ injection via NOVA into VT-x

SLIDE 32

Adding features

  • Additional drivers
  • Networking
  • Guest tools
  • Shared folders
  • Host clock
  • Mouse-pointer synchronization

SLIDE 33

Update to VirtualBox 4.3

  • Basic front end no longer supported
  • Use of main front end code to NOVA port

  • Custom console implementation
  • Shortcut XPCOM middleware

→ Support for using .vbox files

SLIDE 34

Outline

  • 1. VirtualBox
  • 2. NOVA microhypervisor and Genode
  • 3. Steps
  • 4. Demo + Outlook
  • 5. War stories

SLIDE 35

Demo

Windows 7 running in VirtualBox directly on top of NOVA

SLIDE 36

Adaptation of VirtualBox to Genode/NOVA

  • Ported code: 400,000 lines of code (sloccount)
  • New code: 6,200 lines (sloccount): hm, iommio, ioport, mm, pdm, pgm, sup
  • Modifications of the original code: 510 lines added, 120 lines removed

SLIDE 37

Current state and outlook

  • Usable performance, optimization ongoing
  • Focused on VT-x, SVM not regularly tested
  • Reduces TCB complexity by two orders of magnitude
  • Useful for building appliances in high-security computing
  • Stepping stone for using Genode as a general-purpose OS

SLIDE 38

Outline

  • 1. VirtualBox
  • 2. NOVA microhypervisor and Genode
  • 3. Steps
  • 4. Demo + Outlook
  • 5. War stories

SLIDE 39

War stories

  • Invalid guest state
  • TLB consistency
  • Interrupt handling
  • Large files in shared folders

SLIDE 40

Thank you

  • Genode OS Framework: http://genode.org
  • Genode Labs GmbH: http://www.genode-labs.com
  • Source code at GitHub: http://github.com/genodelabs/genode