|
| 1 | +# xhyve |
| 2 | + |
| 3 | + |
| 4 | +<!-- https://thenounproject.com/term/squirrel/57718/ --> |
| 5 | + |
| 6 | +About |
| 7 | +----- |
| 8 | + |
| 9 | +The *xhyve hypervisor* is a port of [bhyve](http://www.bhyve.org) to OS X. It is built on top of Hypervisor.framework in OS X 10.10 Yosemite and higher, runs entirely in userspace, and has no other dependencies. It can run vanilla Linux distributions and may gain support for other guest operating systems in the future. |
| 10 | + |
| 11 | +License: BSD |
| 12 | + |
| 13 | +Introduction: [http://www.pagetable.com/?p=831](http://www.pagetable.com/?p=831) |
| 14 | + |
| 15 | +Requirements |
| 16 | +------------ |
| 17 | + |
| 18 | +* OS X 10.10 Yosemite or later |
| 19 | +* A 2010 or later Mac |
| 20 | + |
| 21 | +Building |
| 22 | +-------- |
| 23 | + |
| 24 | + $ make |
| 25 | + |
| 26 | +The resulting binary will be in build/xhyve |
| 27 | + |
| 28 | +Usage |
| 29 | +----- |
| 30 | + |
| 31 | + $ xhyve -h |
| 32 | + |
| 33 | + |
| 34 | +What is bhyve? |
| 35 | +-------------- |
| 36 | + |
| 37 | +bhyve is the FreeBSD hypervisor, roughly analogous to KVM + QEMU on Linux. It has a focus on simplicity and being legacy free. |
| 38 | + |
| 39 | +It exposes the following peripherals to virtual machines: |
| 40 | + |
| 41 | + - Local x(2)APIC |
| 42 | + - IO-APIC |
| 43 | + - 8259A PIC |
| 44 | + - 8253/8254 PIT |
| 45 | + - HPET |
| 46 | + - PM Timer |
| 47 | + - RTC |
| 48 | + - PCI |
| 49 | + - host bridge |
| 50 | + - passthrough |
| 51 | + - UART |
| 52 | + - AHCI (i.e. HDD and CD) |
| 53 | + - VirtIO block device |
| 54 | + - VirtIO networking |
| 55 | + - VirtIO RNG |
| 56 | + |
| 57 | +Notably absent are sound, USB, HID and any kind of graphics support. With a focus on server virtualization this is not strictly a requirement. bhyve may gain desktop virtualization capabilities in the future but this doesn't seem to be a priority. |
| 58 | + |
| 59 | +Unlike QEMU, byhve also currently lacks any kind of guest-side firmware (QEMU uses the GPL3 [SeaBIOS](http://www.seabios.org)), but aims to provide a compatible [OVMF EFI](http://www.linux-kvm.org/page/OVMF) in the near future. It does however provide ACPI, SMBIOS and MP Tables. |
| 60 | + |
| 61 | +bhyve architecture |
| 62 | +------------------ |
| 63 | + Linux |
| 64 | + I/O VM control FreeBSD NetBSD |
| 65 | + OpenBSD |
| 66 | + | A | A | | |
| 67 | + V | V | V V |
| 68 | + +-------------++-------------++-------------++-------------+ |
| 69 | + | || || || | |
| 70 | + | bhyve || bhyvectl || bhyveload || grub2-bhyve | |
| 71 | + | || || || | |
| 72 | + | || || || | |
| 73 | + +-------------++-------------++-------------++-------------+ |
| 74 | + +----------------------------------------------------------+ |
| 75 | + | libvmmapi | |
| 76 | + +----------------------------------------------------------+ |
| 77 | + A |
| 78 | + | user |
| 79 | + ------------------------------┼------------------------------ |
| 80 | + | ioctl FreeBSD kernel |
| 81 | + V |
| 82 | + +----------------------------+ |
| 83 | + | VMX/SVM host | |
| 84 | + | VMX/SVM guest | |
| 85 | + | VMX/SVM nested paging | |
| 86 | + | Timers | |
| 87 | + | Interrupts | |
| 88 | + +----------------------------+ |
| 89 | + vmm.ko |
| 90 | + |
| 91 | + |
| 92 | +**vmm.ko** |
| 93 | + |
| 94 | +The bhyve FreeBSD kernel module. Manages VM and vCPU objects, the guest physical address space and handles guest interaction with PIC, PIT, HPET, PM Timer, x(2)APIC and I/O-APIC. Contains a minimal x86 emulator to decode guest MMIO. Executes the two innermost vCPU runloops (VMX/SVM and interrupts/timers/paging). Has backends for Intel VMX and AMD SVM. Provides an ioctl and mmap API to userspace. |
| 95 | + |
| 96 | +**libvmmapi** |
| 97 | + |
| 98 | +Thin abstraction layer between the vmm.ko ioctl interface and the userspace C API. |
| 99 | + |
| 100 | +**bhyve** |
| 101 | + |
| 102 | +The userspace bhyve component (kind of a very light-weight QEMU) that executes virtual machines. Runs the guest I/O vCPU runloops. Manages ACPI, PCI and all non in-kernel devices. Interacts with vmm.ko through libvmmapi. |
| 103 | + |
| 104 | +**bhyvectl** |
| 105 | + |
| 106 | +Somewhat superfluous utility to introspect and manage the life cycle of virtual machines. Virtual machines and vCPUs can exist as kernel objects independently of a bhyve host process. Typically used to delete VM objects after use. Odd architectural choice. |
| 107 | + |
| 108 | +**bhyveload** |
| 109 | + |
| 110 | +Userspace port of the FreeBSD bootloader. Since bhyve still lacks a firmware this is a cumbersome workaround to bootstrap a guest operating system. It creates a VM object, loads the FreeBSD kernel into guest memory, sets up the initial vCPU state and then exits. Only then a VM can be executed by bhyve. |
| 111 | + |
| 112 | +**grub2-bhyve** |
| 113 | + |
| 114 | +Performs the same function as bhyveload but is a userspace port of [GRUB2](http://github.com/grehan-freebsd/grub2-bhyve). It is used to bootstrap guest operating systems other than FreeBSD, i.e. Linux, OpenBSD and NetBSD. |
| 115 | + |
| 116 | +Support for Windows guests is work in progress and dependent on the EFI port. |
| 117 | + |
| 118 | + |
| 119 | +xhyve architecture |
| 120 | +------------------ |
| 121 | + +----------------------------------------------------------+ |
| 122 | + | xhyve | |
| 123 | + | | |
| 124 | + | I/O | |
| 125 | + | | |
| 126 | + | | |
| 127 | + | | |
| 128 | + |+--------------------------------------------------------+| |
| 129 | + || vmm VMX guest || |
| 130 | + || Timers || |
| 131 | + || Interrupts || |
| 132 | + |+--------------------------------------------------------+| |
| 133 | + +----------------------------------------------------------+ |
| 134 | + +----------------------------------------------------------+ |
| 135 | + | Hypervisor.framework | |
| 136 | + +----------------------------------------------------------+ |
| 137 | + A |
| 138 | + | user |
| 139 | + ------------------------------┼------------------------------ |
| 140 | + |syscall xnu kernel |
| 141 | + V |
| 142 | + |
| 143 | + VMX host |
| 144 | + VMX nested paging |
| 145 | + |
| 146 | + |
| 147 | +xhyve shares most of the code with bhyve but is architecturally very different. Hypervisor.framework provides an interface to the VMX VMCS guest state and a safe subset of the VMCS control fields, thus making userspace hypervisors without any additional kernel extensions possible. The VMX host state and all aspects of nested paging are handled by the OS X kernel, you can manage the guest physical address space simply through mapping of regions of your own address space. |
| 148 | + |
| 149 | +*xhyve* is equivalent to the *bhyve* process but gains a subset of a userspace port of the vmm kernel module. SVM, PCI passthrough and the VMX host and EPT aspects are dropped. The vmm component provides a libvmmapi compatible interface to xhyve. Hypervisor.framework seems to enforce a strict 1:1 relationship between a host process/VM and host thread/vCPU, that means VMs and vCPUs can only be interacted with by the processes and threads that created them. Therefore, unlike bhyve, xhyve needs to adhere to a single process model. Multiple virtual machines can be created by launching multiple instances of xhyve. xhyve retains most of the bhyve command line interface. |
| 150 | + |
| 151 | +*bhyvectl*, *bhyveload* and *grub2-bhyve* are incompatible with a single process model and are dropped. As a stop-gap solution until we have a proper firmware xhyve supports the Linux [kexec protocol](http://www.kernel.org/doc/Documentation/x86/boot.txt), a very simple and straightforward way to bootstrap a Linux kernel. It takes a bzImage and optionally initrd image and kernel parameter string as input. |
| 152 | + |
| 153 | +TODO |
| 154 | +---- |
| 155 | + |
| 156 | +- vmm: |
| 157 | + - enable APIC access page to speed up APIC emulation |
| 158 | + - enable x2APIC MSRs (even faster) |
| 159 | + - vmm_callout: |
| 160 | + - is a quick'n'dirty implementation of the FreeBSD kernel callout mechanism |
| 161 | + - seems to be racy |
| 162 | + - fix races or perhaps replace with something better |
| 163 | + - use per vCPU timer event thread (performance)? |
| 164 | + - some 32-bit guests are broken (support PAE paging in VMCS) |
| 165 | + - PCID guest support (performance) |
| 166 | +- block_if: |
| 167 | + - OS X does not support preadv/pwritev, we need to serialize reads and writes for the time being until we find a better solution. |
| 168 | + - support block devices other than plain files |
| 169 | +- virtio_net: |
| 170 | + - make it not require root |
| 171 | + - unify TAP and vmnet backends |
| 172 | + - performance: send/receive more than a single packet at a time |
| 173 | +- ACPI tables don't work |
| 174 | + - bhyve creates ASL on the fly and then calls out to an ASL compiler (iasl) on |
| 175 | + every VM boot to create the DSDT: |
| 176 | + - remove dependency on iasl by creating AML bytecode directly |
| 177 | + - shouldn't be to hard since we we are only interested in a very small |
| 178 | + subset of ASL |
| 179 | +- virtio_rnd: |
| 180 | + - is untested |
| 181 | +- remove explicit state transitions: |
| 182 | + - since only the owning task/thread can modify the VM/vCPUs a lot of the synchronization might be unnecessary |
| 183 | +- performance, performance and performance |
| 184 | +- remove vestigial code, cleanup |
0 commit comments