Hi,
The NOVA project is happy to announce that there is a prerelease of the NOVA microhypervisor available for download at http://www.hypervisor.org/ or http://os.inf.tu-dresden.de/~us15/nova/ under the terms of the GNU Public License version 2.
NOVA is based on a modern microhypervisor written in C++ and assembler. It currently supports x86-32 SMP platforms with hardware virtualization features, such as Intel VT-x or AMD-V, and facilitates running multiple unmodified guest operating systems in virtual machines with near-native performance. On machines without VT-x or AMD-V, the functionality is reduced to that of a microkernel.
Like third-generation microkernels, the NOVA microhypervisor uses a capability-based authorization model and provides only basic mechanisms for spatial and temporal isolation, scheduling, communication and delegation of platform resources. Additional services are provided by an unprivileged multi-server user environment running on top of the microhypervisor.
In NOVA, we implemented almost all of the virtualization functionality in a deprivileged user-level virtual-machine monitor. This design choice improves the overall security of the system, because exploitation of a bug in the platform virtualization code only compromises the VMM and leaves the remaining components unaffected.
Cheers,
- Udo
The NOVA project is happy to announce that there is a prerelease of NUL, the NOVA userland, available for download at http://os.inf.tu-dresden.de/~kauer/nova/ under the terms of GPLv2.
NUL is the multi-server user environment designed for NOVA. It is componentized into host-drivers, device models and virtual executors.
From these components applications are built. The most prominent apps are the Partition Manager, called sigma0, and the x86 VMM (Virtual-Machine Monitor), called Vancouver.
The VMM allows running unmodified guest operating systems on top of the microhypervisor. It contains the virtual device models to give an OS the illusion of running on bare hardware. Furthermore, it emulates real-mode and MMIO instructions and provides a virtual BIOS.
Furthermore, we prepared a Demo CD that shows NOVA in action, with multiple VMs running Linux, L4/Fiasco and L4Ka::Pistachio. The demo runs on platforms that support Intel VT-x or AMD-V NPT. It can be downloaded from
http://os.inf.tu-dresden.de/~jsteckli/nova/NOVA-Xmas-Alpha.iso
Merry Christmas and happy hacking,
Bernhard Kauer
Hello:
I tried to compile the Nova in the AMD 64-bit platform and found some errors like this:
{standard input}: Assembler messages:
{standard input}:163: Error: no such instruction: `invept 16(%esp),%eax'
{standard input}: Assembler messages:
{standard input}:91: Error: no such instruction: `invvpid (%esp),%eax'
{standard input}:349: Error: no such instruction: `invvpid (%esp),%eax'
I removed these codes and it could compile successfully. But I am not sure this behaviour is correct or not.
I also ran the Nova-demo-cd in the AMD 64-bit platform and the nova could boot. And cycleburner could WORK well but VMM can't work because of this error:
start_modules:
create_pd = 5 (error number).
That's all.
Cheng Guanghui
On Wednesday 23 December 2009 23:04:12 Udo A. Steinberg wrote:
Hi,
The NOVA project is happy to announce that there is a prerelease of the NOVA microhypervisor available for download at http://www.hypervisor.org/ or http://os.inf.tu-dresden.de/~us15/nova/ under the terms of the GNU Public License version 2.
NOVA is based on a modern microhypervisor written in C++ and assembler. It currently supports x86-32 SMP platforms with hardware virtualization features, such as Intel VT-x or AMD-V, and facilitates running multiple unmodified guest operating systems in virtual machines with near-native performance. On machines without VT-x or AMD-V, the functionality is reduced to that of a microkernel.
Like third-generation microkernels, the NOVA microhypervisor uses a capability-based authorization model and provides only basic mechanisms for spatial and temporal isolation, scheduling, communication and delegation of platform resources. Additional services are provided by an unprivileged multi-server user environment running on top of the microhypervisor.
In NOVA, we implemented almost all of the virtualization functionality in a deprivileged user-level virtual-machine monitor. This design choice improves the overall security of the system, because exploitation of a bug in the platform virtualization code only compromises the VMM and leaves the remaining components unaffected.
Cheers,
- Udo
Hi,
On 29.12.2009, at 14:29, Guanghui, Cheng wrote:
> I tried to compile the Nova in the AMD 64-bit platform and found some errors like this:
> {standard input}: Assembler messages:
> {standard input}:163: Error: no such instruction: `invept 16(%esp),%eax'
> {standard input}: Assembler messages:
> {standard input}:91: Error: no such instruction: `invvpid (%esp),%eax'
> {standard input}:349: Error: no such instruction: `invvpid (%esp),%eax'
> I removed these codes and it could compile successfully. But I am not sure this behaviour is correct or not.
> I also ran the Nova-demo-cd in the AMD 64-bit platform and the nova could boot. And cycleburner could WORK well but VMM can't work because of this error:
> start_modules:
> create_pd = 5 (error number).
I also was hit by that problem - your binutils are probably too old. I upgraded to the most recent version of binutils (2.20 - however, I'm cross-compiling on OS X with an i386-linux-elf cross toolchain) and the compile succeeded.
Hope that helps, Michael
On Tue, 29 Dec 2009 21:29:40 +0800 Guanghui, Cheng (GC) wrote:
GC> Hello:
GC> I tried to compile the Nova in the AMD 64-bit platform and found
GC> some errors like this:
GC> {standard input}: Assembler messages:
GC> {standard input}:163: Error: no such instruction: `invept 16(%esp),%eax'
GC> {standard input}: Assembler messages:
GC> {standard input}:91: Error: no such instruction: `invvpid (%esp),%eax'
GC> {standard input}:349: Error: no such instruction: `invvpid (%esp),%eax'
Your binutils are too old and therefore cannot assemble these instructions. If you run "ld -v" you'll see what version you have. You'll need at least the version mentioned in the README file.
GC> I removed these codes and it could compile successfully. But I
GC> am not sure this behaviour is correct or not.
With the code removed, the hypervisor will not function correctly.
GC> I also ran the Nova-demo-cd in the AMD 64-bit platform and the
GC> nova could boot. And cycleburner could WORK well but VMM can't work
GC> because of this error:
GC> start_modules:
GC> create_pd = 5 (error number).
Looks like your CPU does not support virtualization. What CPU is it? Output of "cat /proc/cpuinfo" under Linux would be helpful.
Cheers,
- Udo
On Tuesday 29 December 2009 23:07:44 Udo A. Steinberg wrote:
> On Tue, 29 Dec 2009 21:29:40 +0800 Guanghui, Cheng (GC) wrote:
> GC> Hello:
> GC> I tried to compile the Nova in the AMD 64-bit platform and found
> GC> some errors like this:
> GC> {standard input}: Assembler messages:
> GC> {standard input}:163: Error: no such instruction: `invept 16(%esp),%eax'
> GC> {standard input}: Assembler messages:
> GC> {standard input}:91: Error: no such instruction: `invvpid (%esp),%eax'
> GC> {standard input}:349: Error: no such instruction: `invvpid (%esp),%eax'
> Your binutils are too old and therefore cannot assemble these instructions. If you run "ld -v" you'll see what version you have. You'll need at least the version mentioned in the README file.
> GC> I removed these codes and it could compile successfully. But I
> GC> am not sure this behaviour is correct or not.
> With the code removed, the hypervisor will not function correctly.
Got it.
> GC> I also ran the Nova-demo-cd in the AMD 64-bit platform and the
> GC> nova could boot. And cycleburner could WORK well but VMM can't work
> GC> because of this error:
> GC> start_modules:
> GC> create_pd = 5 (error number).
> Looks like your CPU does not support virtualization. What CPU is it? Output of "cat /proc/cpuinfo" under Linux would be helpful.
My CPU is SVM-capable but not NPT-capable. I thought the SVM-capable CPU was also NPT-capable. I need to upgrade the machine.
Thanks.
Cheng
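The demo CD announcement above asks for Intel VT-x or AMD-V NPT, and the CPU in this exchange turned out to have SVM without NPT. The following check of the /proc/cpuinfo flags is an added example, not part of the thread or of the NOVA sources; the function names and the sample flag lines are constructed for illustration, while vmx, svm and npt are the flag names Linux reports.

```shell
#!/bin/sh
# Added example: classify a machine from the "flags" lines of /proc/cpuinfo.

# has_flag FILE FLAG: succeed if FLAG appears as a whole word on a flags line.
# Whole-word matching matters: "svm_lock" must not be taken for "svm".
has_flag() {
    grep -E '^flags[[:space:]]*:' "$1" | tr ' \t' '\n\n' | grep -qx "$2"
}

# classify_cpu [FILE]: print one of
#   vtx         Intel VT-x present
#   svm-npt     AMD-V with nested paging (what the demo CD asks for on AMD)
#   svm-no-npt  AMD-V without nested paging (the case found in this thread)
#   none        no hardware virtualization (NOVA acts as a microkernel only)
classify_cpu() {
    f=${1:-/proc/cpuinfo}
    if has_flag "$f" vmx; then
        echo vtx
    elif has_flag "$f" svm; then
        if has_flag "$f" npt; then echo svm-npt; else echo svm-no-npt; fi
    else
        echo none
    fi
}

# Constructed sample flag lines, not captured from real machines.
demo() {
    d=$(mktemp -d)
    printf 'flags\t\t: fpu vme pae lm svm extapic\n'         > "$d/amd_old"
    printf 'flags\t\t: fpu vme pae lm svm npt lbrv svm_lock\n' > "$d/amd_npt"
    printf 'flags\t\t: fpu vme pae lm vmx est tm2\n'         > "$d/intel"
    printf 'flags\t\t: fpu vme pae lm\n'                     > "$d/plain"
    for s in amd_old amd_npt intel plain; do
        printf '%s: %s\n' "$s" "$(classify_cpu "$d/$s")"
    done
    rm -rf "$d"
}
demo
```

On a live Linux system, calling `classify_cpu` with no argument reads /proc/cpuinfo directly.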
Hello,
just out of curiosity: assuming I run a Linux VM on top of NOVA. NOVA runs obviously in ring 0. In which protection ring of the CPU will the Linux kernel be executed? Ring 1 or together with the userland apps in ring 3?
Cheers, Marcel
On Wednesday, 23 December 2009, Udo A. Steinberg wrote:
Hi,
The NOVA project is happy to announce that there is a prerelease of the NOVA microhypervisor available for download at http://www.hypervisor.org/ or http://os.inf.tu-dresden.de/~us15/nova/ under the terms of the GNU Public License version 2.
NOVA is based on a modern microhypervisor written in C++ and assembler. It currently supports x86-32 SMP platforms with hardware virtualization features, such as Intel VT-x or AMD-V, and facilitates running multiple unmodified guest operating systems in virtual machines with near-native performance. On machines without VT-x or AMD-V, the functionality is reduced to that of a microkernel.
Like third-generation microkernels, the NOVA microhypervisor uses a capability-based authorization model and provides only basic mechanisms for spatial and temporal isolation, scheduling, communication and delegation of platform resources. Additional services are provided by an unprivileged multi-server user environment running on top of the microhypervisor.
In NOVA, we implemented almost all of the virtualization functionality in a deprivileged user-level virtual-machine monitor. This design choice improves the overall security of the system, because exploitation of a bug in the platform virtualization code only compromises the VMM and leaves the remaining components unaffected.
Cheers,
- Udo
On 8 Mar 2010 19:01:50 +0100 Marcel Winandy (MW) wrote:
MW> just out of curiosity: assuming I run a Linux VM on top of NOVA. NOVA
MW> runs obviously in ring 0. In which protection ring of the CPU will the
MW> Linux kernel be executed? Ring 1 or together with the userland apps in
MW> ring 3?
Neither in ring 1 nor in ring 3.
A CPU that supports VMX or SVM provides 4 host rings and 4 guest rings. They are used as follows: host/ring0=NOVA microhypervisor, host/ring3=NOVA user-level environment, guest/ring0=Linux kernel, guest/ring3=Linux apps.
Cheers,
- Udo
> A CPU that supports VMX or SVM provides 4 host rings and 4 guest rings.
> They are used as follows: host/ring0=NOVA microhypervisor,
> host/ring3=NOVA user-level environment, guest/ring0=Linux kernel,
> guest/ring3=Linux apps.
Interesting that it requires SVM/VMX. Seeing as there are good performance reasons for Linux VirtIO and other cooperative para-virtualization schemes I'm wondering what the reasoning is for making a new hypervisor that doesn't support such a feature. I notice the NOVA page is lacking in an FAQ - could someone here educate me? Is this just a "you want performance? Use our ABI!" deal?
Cheers, Thomas
On Mon, 8 Mar 2010 11:31:52 -0800 Thomas DuBuisson (TD) wrote:
TD> > A CPU that supports VMX or SVM provides 4 host rings and 4 guest rings.
TD> > They are used as follows: host/ring0=NOVA microhypervisor,
TD> > host/ring3=NOVA user-level environment, guest/ring0=Linux kernel,
TD> > guest/ring3=Linux apps.
TD>
TD> Interesting that it requires SVM/VMX. Seeing as there are good
TD> performance reasons for Linux VirtIO and other cooperative
TD> para-virtualization schemes I'm wondering what the reasoning is for
TD> making a new hypervisor that doesn't support such a feature. I notice
TD> the NOVA page is lacking in an FAQ - could someone here educate me?
TD> Is this just a "you want performance? Use our ABI!" deal?
If you want to paravirtualize I/O, then you can do so in NOVA without even modifying the hypervisor. All you need is to extend the device emulation in the user-level VMM so that it comprehends whatever VirtIO interface is used by your favorite guest OS.
However, NOVA does not support paravirtualized guest operating systems that use ring compression or ring deprivileging to be able to run in user mode on top of something else (e.g., L4Linux) -- which is presumably what Marcel inquired about.
I don't get the part about the ABI. An unmodified guest operating system does not care about the hypervisor ABI at all.
Cheers,
- Udo
l4-hackers@os.inf.tu-dresden.de