Full virtualization in De-RISC

Mar 31, 2022

Virtualization is an operating system paradigm in which the system kernel enables the hosting of multiple isolated computer systems on a single physical computer system. These virtual computer systems are often called virtual machines or partitions. The ability to virtualize an entire computer system enables multiple independent operating systems to execute concurrently on the shared hardware platform. Such operating systems are often referred to as “guest” operating systems because they are allowed to share the physical hardware as guests of the software layer that owns it. This layer is called a hypervisor.

Nowadays, several techniques to achieve virtualization exist. Among them, a hypervisor, like XtratuM from fentISS, can implement full virtualization, where the hypervisor provides partitions with an identical interference to that of the underlying hardware platform (i.e., the real/physical machine). Such partition is, therefore, capable of hosting unmodified software. The key advantage to full virtualization over other forms of virtualization is the ability to use unmodified versions of trustworthy guest operating systems and that do not require the maintenance associated with custom modifications, since the guest OS is fully abstracted (completely decoupled) from the underlying hardware by the virtualization layer.

Full virtualization is only possible with the right combination of hardware and software elements. Traditionally, the use of hypervisor software would require modification of guest operating systems so that they would run in user mode on the processors while the hypervisor software is running in supervisor mode. However, in the scope of the De-RISC project, the development of the System-on-Chip platform has taken advantage of the full virtualization capacities of the RISC-V ISA specification by implementing the Hypervisor (H) Extension, which supports the virtualization of CPUs by making sensitive registers and instructions privileged to a Hypervisor-Extended Supervisor mode (HS-mode) and improves virtualization performance by reducing the frequency of traps generated by privileged instructions from the guest OS.

Therefore, the XtratuM hypervisor software has been subsequently updated to make use of the H extension by effectively replicating the underlying hardware behaviour to the runtime environment. This allows hosting operating systems as guests to this hypervisor without any modification (no para-virtualization is needed). XNG runs in HS-mode implemented by the H extension, and supports hosting a guest OS in virtual VS-mode (Virtualized Supervisor mode).