transplantation of virtualbox to the nova microhypervisor
play

Transplantation of VirtualBox to the NOVA microhypervisor Norman - PowerPoint PPT Presentation

Mar 13, 2024 •542 likes •963 views

Transplantation of VirtualBox to the NOVA microhypervisor Norman Feske < norman.feske@genode-labs.com > Outline 1. VirtualBox 2. NOVA microhypervisor and Genode 3. Steps 4. Demo + Outlook 5. War stories Transplantation of VirtualBox

  1. Transplantation of VirtualBox to the NOVA microhypervisor Norman Feske < norman.feske@genode-labs.com >

  2. Outline 1. VirtualBox 2. NOVA microhypervisor and Genode 3. Steps 4. Demo + Outlook 5. War stories Transplantation of VirtualBox to the NOVA microhypervisor 2

  3. Outline 1. VirtualBox 2. NOVA microhypervisor and Genode 3. Steps 4. Demo + Outlook 5. War stories Transplantation of VirtualBox to the NOVA microhypervisor 3

  4. Architecture overview config, status SVC VM VM xpcom xpcom process process IPCD xpcom xpcom VirtualBox VBoxManage Application /dev/vboxdrv /dev/vboxdrv Transplantation of VirtualBox to the NOVA microhypervisor 4

  5. Starting up a VM process VM process open /dev/vboxdrv kernel vboxdrv.ko Transplantation of VirtualBox to the NOVA microhypervisor 5

  6. VM process running root mode non-root mode VM process load VMMR0 /dev/vboxdrv kernel vboxdrv.ko VMMR0 / Hypervisor Transplantation of VirtualBox to the NOVA microhypervisor 6

  7. Entering the Guest OS root mode non-root mode VM process ioctrl VM RUN Guest OS /dev/vboxdrv kernel vboxdrv.ko world switch Transplantation of VirtualBox to the NOVA microhypervisor 7

  8. Flow of a virtualization event non-root mode root mode VM process VM RUN returns Guest OS /dev/vboxdrv kernel vboxdrv.ko no yes VMMR0 ? world switch Transplantation of VirtualBox to the NOVA microhypervisor 8

  9. Risks for desktop virtualization root mode non-root mode VM process Guest OS /dev/vboxdrv kernel highly complex vboxdrv.ko VMMR0 / Hypervisor Transplantation of VirtualBox to the NOVA microhypervisor 9

  10. Risks for desktop virtualization root mode non-root mode VM process access control? Guest OS /dev/vboxdrv kernel highly complex vboxdrv.ko VMMR0 / Hypervisor Transplantation of VirtualBox to the NOVA microhypervisor 10

  11. Risks for desktop virtualization root mode non-root mode authorized to change the kernel VM process highly complex access control? Guest OS /dev/vboxdrv kernel highly complex vboxdrv.ko VMMR0 / Hypervisor Transplantation of VirtualBox to the NOVA microhypervisor 11

  12. Outline 1. VirtualBox 2. NOVA microhypervisor and Genode 3. Steps 4. Demo + Outlook 5. War stories Transplantation of VirtualBox to the NOVA microhypervisor 12

  13. NOVA architecture Guest OS Guest OS Guest OS non-root mode root mode VMM VMM VMM Resource management Apps Drivers 9,000 SLOC kernel NOVA Microhypervisor Transplantation of VirtualBox to the NOVA microhypervisor 13

  14. Flow of a virtualization event User-level VMM Guest OS � UTCB VMCS copy UTCB world switch NOVA Transplantation of VirtualBox to the NOVA microhypervisor 14

  15. Genode OS architecture → Application-specific TCB Transplantation of VirtualBox to the NOVA microhypervisor 15

  16. Genode OS framework Transplantation of VirtualBox to the NOVA microhypervisor 16

  17. Genode combined with virtualization Transplantation of VirtualBox to the NOVA microhypervisor 17

  18. Seoul VMM on top of Genode/NOVA Unmodified Guest OS Kernel virtual virtual virtual CPU RAM device Resource Device VMM Multiplexer Driver Init Core User Mode NOVA Hypervisor Privileged Mode Transplantation of VirtualBox to the NOVA microhypervisor 18

  19. Idea Device models and features of VirtualBox + Security of the Genode/NOVA architecture Transplantation of VirtualBox to the NOVA microhypervisor 19

  20. Outline 1. VirtualBox 2. NOVA microhypervisor and Genode 3. Steps 4. Demo + Outlook 5. War stories Transplantation of VirtualBox to the NOVA microhypervisor 20

  21. Identify the interesting parts Entire VirtualBox code base > 4 million lines of code (sloccount) Narrowed to the interesting parts > 2 million lines of code src/VBox/VMM src/recompiler src/VBox/Main src/libs/liblzf-3.4 src/VBox/Runtime src/libs/liblzf-3.4/cs src/VBox/Devices src/libs/libxml2-2.6.31 src/VBox/Storage src/libs/zlib-1.2.6 src/VBox/GuestHost include/VBox src/VBox/Disassembler include/iprt src/VBox/HostServices Transplantation of VirtualBox to the NOVA microhypervisor 21

  22. Porting the VirtualBox Runtime to Genode Facilitate Genode’s existing infrastructure ◮ 3rd-party software management tools ◮ FreeBSD libc ◮ Standard C++ library ◮ POSIX threads → Most parts of the POSIX runtime could be reused Transplantation of VirtualBox to the NOVA microhypervisor 22

  23. VM process initialization Enable subsystems one by one Guest memory (accessed by recompiler and device models) RAM, MMIO I/O-port handling PGM, HWACCM, TM Device models, PDM, BIOS Host drivers ◮ Using the “Basic front end” ◮ Reimplement SDLConsole interface Transplantation of VirtualBox to the NOVA microhypervisor 23

  24. A look inside a VM process Recompiler Hardware Acceleration Execution Manager VM VM Exit Enter Instruction Emulator Transplantation of VirtualBox to the NOVA microhypervisor 24

  25. Start with executing the recompiler only Recompiler Hardware Acceleration Execution Manager Instruction Emulator Transplantation of VirtualBox to the NOVA microhypervisor 25

  26. Simple test scenario FB SDL VirtualBox Input Framebuffer ISO image Init ROM Core kernel Linux Transplantation of VirtualBox to the NOVA microhypervisor 26

  27. Increasing guest complexity 1. Custom-made Genode OS scenarios 2. Small Linux-based images (Tinycore, GRML) 3. Windows XP Transplantation of VirtualBox to the NOVA microhypervisor 27

  28. Windows XP as a guest FB SDL LX Proxy FS VirtualBox Input File system Framebuffer VDI image Init Core Core kernel Linux Transplantation of VirtualBox to the NOVA microhypervisor 28

  29. Move scenario to NOVA VESA driver Rump FS AHCI driver PS/2 driver VirtualBox Input File system Framebuffer Block VDI image Init Core kernel NOVA Transplantation of VirtualBox to the NOVA microhypervisor 29

  30. Entering non-root mode Recompiler Hardware Acceleration Execution Manager IRQs VM VM Exit Enter Instruction Emulator Transplantation of VirtualBox to the NOVA microhypervisor 30

  31. Entering non-root mode VBox VM state ↔ NOVA UTCB state Virtualization of guest memory (EPT faults) Enter VT-x conservatively (if protected mode and paging enabled) Inject IRQs into recompiler Later: IRQ injection via NOVA into VT-X Transplantation of VirtualBox to the NOVA microhypervisor 31

  32. Adding features Additional drivers Networking Guest tools Shared folders Host clock Mouse-pointer synchronization Transplantation of VirtualBox to the NOVA microhypervisor 32

  33. Update to VirtualBox 4.3 Basic front end no longer supported Use of main front end code to NOVA port ◮ Custom console implementation ◮ Shortcut XPCOM middleware → Support for using .vbox files Transplantation of VirtualBox to the NOVA microhypervisor 33

  34. Outline 1. VirtualBox 2. NOVA microhypervisor and Genode 3. Steps 4. Demo + Outlook 5. War stories Transplantation of VirtualBox to the NOVA microhypervisor 34

  35. Demo Windows 7 running in VirtualBox directly on top of NOVA Transplantation of VirtualBox to the NOVA microhypervisor 35

  36. Adaptation of VirtualBox to Genode/NOVA Ported code 400,000 lines of code (sloccount) New code 6,200 lines (sloccount) hm, iommio, ioport, mm, pdm, pgm, sup Modifications of the original code 510 lines added 120 lines removed Transplantation of VirtualBox to the NOVA microhypervisor 36

  37. Current state and outlook Usable performance, optimization ongoing Focused on VT-X, SVM not regularly tested Reduces TCB complexity to two orders of magnitude Useful for building appliances in high-security computing Stepping stone for using Genode as a general-purpose OS Transplantation of VirtualBox to the NOVA microhypervisor 37

  38. Outline 1. VirtualBox 2. NOVA microhypervisor and Genode 3. Steps 4. Demo + Outlook 5. War stories Transplantation of VirtualBox to the NOVA microhypervisor 38

  39. War stories Invalid guest state TLB consistency Interrupt handling Large files in shared folders Transplantation of VirtualBox to the NOVA microhypervisor 39

  40. Thank you Genode OS Framework http://genode.org Genode Labs GmbH http://www.genode-labs.com Source code at GitHub http://github.com/genodelabs/genode Transplantation of VirtualBox to the NOVA microhypervisor 40

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

NOVA Microhypervisor on ARMv8-A FOSDEM 2020 Udo Steinberg BedRock Systems, Inc. February 2,

NOVA Microhypervisor on ARMv8-A FOSDEM 2020 Udo Steinberg BedRock Systems, Inc. February 2,

NOVA Microhypervisor on ARMv8-A FOSDEM 2020 Udo Steinberg BedRock Systems, Inc. February 2, 2020 Udo Steinberg (BedRock Systems, Inc.) NOVA Microhypervisor on ARMv8-A February 2, 2020 1 / 17 Outline NOVA Microhypervisor 1 ARMv8-A

297 views • 17 slides
CS7038 - Malware Analysis - Wk01.2 VirtualBox Lab Setup and Crash Course Coleman Kane

CS7038 - Malware Analysis - Wk01.2 VirtualBox Lab Setup and Crash Course Coleman Kane

CS7038 - Malware Analysis - Wk01.2 VirtualBox Lab Setup and Crash Course Coleman Kane kaneca@mail.uc.edu January 12, 2017 VirtualBox Virtualization is a feature present in nearly all consumer CPUs these days that enables you to

557 views • 14 slides
NEURONAL TRANSPLANTATION AND ITS IMPLICATIONS IN PARKINSONS DISEASE 1. INTRODUCTION 2.

NEURONAL TRANSPLANTATION AND ITS IMPLICATIONS IN PARKINSONS DISEASE 1. INTRODUCTION 2.

NEURONAL TRANSPLANTATION AND ITS IMPLICATIONS IN PARKINSONS DISEASE 1. INTRODUCTION 2. ESSENTIAL ELEMENTS OF NEURONAL TRANSPLANTATION 3. CELL TYPES AND METHODS OF NEURONAL TRANSPLANTATION 4. NEURONAL TRANSPLANTATION IN ANIMAL MODELS OF PD

536 views • 16 slides
Transplantation Society development of the science and clinical practice Transplantation

Transplantation Society development of the science and clinical practice Transplantation

9/28/2016 Transplantation Society development of the science and clinical practice Transplantation Building Bridges scientific communication to Excellence continuing education guidance on the ethical practice How can we use our

401 views • 9 slides
Transplantation for Mantle Cell Lymphoma Using Post-Transplantation Cyclophosphamide Graft-

Transplantation for Mantle Cell Lymphoma Using Post-Transplantation Cyclophosphamide Graft-

Haploidentical Allogeneic Hematopoietic Cell Transplantation for Mantle Cell Lymphoma Using Post-Transplantation Cyclophosphamide Graft- versus-Host Disease Prophylaxis . Luca Castagna, MD Institut Paoli Calmettes, Marseille Humanitas Research

635 views • 14 slides
Section 3: Introduction to Mininet Simulate a simple network using Mininet Before we start... 1.

Section 3: Introduction to Mininet Simulate a simple network using Mininet Before we start... 1.

Section 3: Introduction to Mininet Simulate a simple network using Mininet Before we start... 1. Download VirtualBox: https://www.virtualbox.org/wiki/Downloads (We expect that you have already downloaded and installed VirtualBox!) 2. Download

296 views • 17 slides
Section 3: Introduction to Mininet Simulate a simple network using Mininet Before we start... 1.

Section 3: Introduction to Mininet Simulate a simple network using Mininet Before we start... 1.

Section 3: Introduction to Mininet Simulate a simple network using Mininet Before we start... 1. Download VirtualBox: https://www.virtualbox.org/wiki/Downloads (We expect that you have already downloaded and installed VirtualBox!) 2. Download

433 views • 16 slides
Workshop Requirements Grab a USB key! A computer with: 2+GB RAM VirtualBox and

Workshop Requirements Grab a USB key! A computer with: 2+GB RAM VirtualBox and

Workshop Requirements Grab a USB key! A computer with: 2+GB RAM VirtualBox and Vagrant - Both included on USB drive VM: 30GB disk image Windows users need ssh client (putty, cygwin) Copy DesignateInstall

774 views • 40 slides
Brain Death and Organ Transplantation in Japan: The Enactment of Organ Transplantation Act of

Brain Death and Organ Transplantation in Japan: The Enactment of Organ Transplantation Act of

Brain Death and Organ Transplantation in Japan: The Enactment of Organ Transplantation Act of 1997 Eiji Maruyama Kobe University Kobe, Japan History of Japanese Laws Concerning Transplantation 1997.06: An Act Concerning Organ

699 views • 12 slides
HR Connection Orientation Welcome to the NOVA Team! Whats on the Agenda? NOVA Overview

HR Connection Orientation Welcome to the NOVA Team! Whats on the Agenda? NOVA Overview

HR Connection Orientation Welcome to the NOVA Team! Whats on the Agenda? NOVA Overview Your HR Team Benefits Timekeeping Whats Next About NOVA NOVA is one of 23 colleges within the Virginia Community College

624 views • 40 slides
Transplantation in Autoimmune Disease He Huang, M.D., Ph.D. Bone Marrow transplantation Center

Transplantation in Autoimmune Disease He Huang, M.D., Ph.D. Bone Marrow transplantation Center

Transplantation in Autoimmune Disease He Huang, M.D., Ph.D. Bone Marrow transplantation Center The First Affiliated Hospital Zhejiang University School of Medicine China Contents Rationale for HSCT Auto-HSCT for autoimmune disease

1.11k views • 65 slides
Live Donor Liver Transplantation: A Life Saving Option for End Stage Liver Disease

Live Donor Liver Transplantation: A Life Saving Option for End Stage Liver Disease

March 12, 2019 Live Donor Liver Transplantation: A Life Saving Option for End Stage Liver Disease Abhi Humar, MD Clinical Director, Thomas E. Starzl Transplantation Institute 1 PITTSBURGHTHE BIRTHPLACE OF LIVER TRANSPLANTATION

519 views • 24 slides
Nova onboarding What is Nova Novas mission is To implement services and associated

Nova onboarding What is Nova Novas mission is To implement services and associated

Nova onboarding What is Nova Novas mission is To implement services and associated libraries to provide massively scalable, on demand, self service access to compute resources, including bare metal, virtual machines, and containers.

344 views • 10 slides
Scaling Nova with CellsV2 The Nova Developer and the CERN Operator perspective Dan Smith (Red

Scaling Nova with CellsV2 The Nova Developer and the CERN Operator perspective Dan Smith (Red

Scaling Nova with CellsV2 The Nova Developer and the CERN Operator perspective Dan Smith (Red Hat) Belmiro Moreira (CERN) Your deployment probably looks like this: API DB/MQ Computes Nova with Cells(v1) This special router needs separate

892 views • 24 slides
Cross-section measurements at the NOvA near detector Linda Cremonesi for the NOvA Collaboration

Cross-section measurements at the NOvA near detector Linda Cremonesi for the NOvA Collaboration

Sandbox Studio, Chicago Cross-section measurements at the NOvA near detector Linda Cremonesi for the NOvA Collaboration Outline Overview of the NOvA beam, detector and simulation Inclusive measurements Pion production measurements

544 views • 37 slides
one year of running RedIRIS NOVA Esther.Robles@rediris.es 2011 2042 : RedIRIS NOVA 2

one year of running RedIRIS NOVA Esther.Robles@rediris.es 2011 2042 : RedIRIS NOVA 2

one year of running RedIRIS NOVA Esther.Robles@rediris.es 2011 2042 : RedIRIS NOVA 2 RedIRIS IP Backbone 2x10G 10G RedIRIS External Connectivity TERENA Network Architects Workshop 4 RedIRIS NOVA Optical Equipment

461 views • 21 slides
Stat 8931 (Aster Models) Lecture Slides Deck 3 Using Model Matrices instead of Formulas Charles

Stat 8931 (Aster Models) Lecture Slides Deck 3 Using Model Matrices instead of Formulas Charles

Stat 8931 (Aster Models) Lecture Slides Deck 3 Using Model Matrices instead of Formulas Charles J. Geyer School of Statistics University of Minnesota October 1, 2018 R and License The version of R used to make these slides is 3.5.1. The

1.05k views • 87 slides
WBMT Continental Regions 4 Continental regions used for the WBMT Global Analysis AMR/PAH:

WBMT Continental Regions 4 Continental regions used for the WBMT Global Analysis AMR/PAH:

WBMT Continental Regions 4 Continental regions used for the WBMT Global Analysis AMR/PAH: Region of the Americas EUR: European Region EMR/AFR: Eastern Mediterranean/African Region SEAR/WPR: South-East Asia/Western Pacific

451 views • 13 slides
Automated Software Transplantation ( ISSTA 2015 ) Earl T. Mark Yue Alexandru Justyna Barr

Automated Software Transplantation ( ISSTA 2015 ) Earl T. Mark Yue Alexandru Justyna Barr

Automated Software Transplantation ( ISSTA 2015 ) Earl T. Mark Yue Alexandru Justyna Barr Harman Jia Marginean Petke CREST, University College London Justyna Petke Automated Software Transplantation Genetic Improvement of Software

418 views • 22 slides
Automated Software Transplantation Earl T. Mark Yue Alexandru Justyna Barr Harman Jia

Automated Software Transplantation Earl T. Mark Yue Alexandru Justyna Barr Harman Jia

Automated Software Transplantation Earl T. Mark Yue Alexandru Justyna Barr Harman Jia Marginean Petke CREST, University College London Alexandru Marginean Automated Software Transplantation Why Autotransplantation? ~100 players

593 views • 20 slides
Visit of the Swedish Inquiry concerning organ donation and transplantation London April 28 th

Visit of the Swedish Inquiry concerning organ donation and transplantation London April 28 th

Visit of the Swedish Inquiry concerning organ donation and transplantation London April 28 th 29 th , 2014 Monday 28th April Association of Anaesthetists, 21 Portland Place, London W1B 1PY 10.00 Arrival 10.30 Welcome, introductions and

317 views • 7 slides
Partnering For Care: Help Your CF Care Center Help You Thrive August 19, 2010 This Web cast is

Partnering For Care: Help Your CF Care Center Help You Thrive August 19, 2010 This Web cast is

Partnering For Care: Help Your CF Care Center Help You Thrive August 19, 2010 This Web cast is supported by an unrestricted educational grant from Genentech, Inc. Archived CF Education Web Casts www.cff.org/LivingWithCF/Webcasts ff /Li i

847 views • 50 slides
Current situation of Organ Transplantation and Social Background in Japan and Social Background

Current situation of Organ Transplantation and Social Background in Japan and Social Background

Current situation of Organ Transplantation and Social Background in Japan and Social Background in Japan Teleconference at APAN 2011-8-25 Naohiko Fukami, M.D., Jyunichi Yoshida, M.D., Atsushi Sugitani, M.D., Ph.D. Department of Urology and

645 views • 26 slides
Transplantation Rejection of foreign tissue grafts is due to immune responses to alloantigens

Transplantation Rejection of foreign tissue grafts is due to immune responses to alloantigens

Transplantation Rejection of foreign tissue grafts is due to immune responses to alloantigens on the graft Blood group antigens Polymorphic MHC antigens Minor histocompatibility antigens B Menu F Alloantigen Presentation

415 views • 3 slides

More recommend