implementation of xen pvhvm drivers in openbsd
play

Implementation of Xen PVHVM drivers in OpenBSD Mike Belopuhov - PowerPoint PPT Presentation

Jan 20, 2024 •310 likes •1.32k views

Implementation of Xen PVHVM drivers in OpenBSD Mike Belopuhov Esdenera Networks GmbH mike@esdenera.com Tokyo, March 12 2016 The goal Produce a minimal well-written and well-understood code base to be able to run in Amazon EC2 and fix

  1. Implementation of Xen PVHVM drivers in OpenBSD Mike Belopuhov Esdenera Networks GmbH mike@esdenera.com Tokyo, March 12 2016

  2. The goal Produce a minimal well-written and well-understood code base to be able to run in Amazon EC2 and fix potential problems for our customers.

  3. The challenge Produce a minimal well-written and well-understood code base to be able to run in Amazon EC2 and fix potential problems for our customers .

  4. Requirements Need to be able to: ◮ boot

  5. Requirements Need to be able to: ◮ boot: already works!

  6. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition

  7. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition: already works!

  8. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition: already works! ◮ support SMP

  9. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition: already works! ◮ support SMP: didn’t work on amd64

  10. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition: already works! ◮ support SMP: fixed shortly

  11. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition: already works! ◮ support SMP: fixed shortly ◮ perform “cloud init”

  12. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition: already works! ◮ support SMP: fixed shortly ◮ perform “cloud init”: requires PV networking driver. Snap!

  13. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition: already works! ◮ support SMP: fixed shortly ◮ perform “cloud init”: requires PV networking driver ◮ login into the system via SSH...

  14. Requirements Need to be able to: ◮ boot: already works! ◮ mount root partition: already works! ◮ support SMP: fixed shortly ◮ perform “cloud init”: requires PV networking driver ◮ login into the system via SSH... Same thing.

  15. Outlook on the FreeBSD implementation ◮ Huge in size

  16. Outlook on the FreeBSD implementation ◮ Huge in size “ du -csh ” reports 1.5MB vs. 124KB in OpenBSD as of 5.9 35 C files and 83 header files vs. 4 C files and 2 headers

  17. Outlook on the FreeBSD implementation ◮ Huge in size ◮ Needlessly complex Overblown XenStore API, interrupt handling, . . . Guest initialization, while technically simple, makes you chase functions all over the place.

  18. Outlook on the FreeBSD implementation ◮ Huge in size ◮ Needlessly complex ◮ Clash of coding practices

  19. Outlook on the FreeBSD implementation ◮ Huge in size ◮ Needlessly complex ◮ Clash of coding practices Lots of code has been taken verbatim from Linux (where license allows)

  20. Outlook on the FreeBSD implementation ◮ Huge in size ◮ Needlessly complex ◮ Clash of coding practices ◮ Questionable abstractions

  21. Outlook on the FreeBSD implementation ◮ Huge in size ◮ Needlessly complex ◮ Clash of coding practices ◮ Questionable abstractions Code-generating macros, e.g. DEFINE RING TYPES . Macros to “facilitate” simple producer/consumer arithmetics, e.g. RING PUSH REQUESTS AND CHECK NOTIFY and friends. A whole bunch of things in the XenStore: xs directory dealing with an array of strings, use of sscanf to parse single digit numbers, etc.

  22. Porting plans. . . . . . were scrapped in their infancy.

  23. Single device driver model In OpenBSD a pvbus(4) driver performs early hypervisor detection and can set up some parameters before attaching the guest nexus device: xen0 at pvbus? The xen(4) driver performs HVM guest initialization and serves as an attachment point for PVHVM device drivers, such as the Netfront, xnf(4): xnf* at xen?

  24. HVM guest initialization ◮ The hypercall interface

  25. Hypercalls Instead of defining a macro for every type of a hypercall we use a single function with variable arguments: xen hypercall(struct xen softc *, int op, int argc, ...) Xen provides an ABI for amd64, i386 and arm that we need to adhere to when preparing arguments for the hypercall.

  26. The hypercall page Statically allocated in the kernel code segment: .text .align NBPG .globl C LABEL(xen hypercall page) C LABEL(xen hypercall page): .skip 0x1000, 0x90

  27. The hypercall page (gdb) disassemble xen hypercall page <xen hypercall page+0>: mov $0x0,%eax <xen hypercall page+5>: sgdt <xen hypercall page+6>: add %eax,%ecx <xen hypercall page+8>: retq <xen hypercall page+9>: int3 ... <xen hypercall page+32>: mov $0x1,%eax <xen hypercall page+37>: sgdt <xen hypercall page+38>: add %eax,%ecx <xen hypercall page+40>: retq <xen hypercall page+41>: int3 ...

  28. HVM guest initialization ◮ The hypercall interface ◮ The shared info page

  29. HVM guest initialization ◮ The hypercall interface ◮ The shared info page ◮ Interrupt subsystem

  30. Interrupts ◮ Allocate an IDT slot Pre-defined value of 0x70 (start of an IPL NET section) is used at the moment.

  31. Interrupts ◮ Allocate an IDT slot ◮ Prepare interrupt, resume and recurse vectors Xen upcall interrupt is executing with an IPL NET priority. Xintr xen upcall is hooked to the IDT gate. Xrecurse xen upcall and Xresume xen upcall are hooked to the interrupt source structure to handle pending Xen interrupts.

  32. Interrupts ◮ Allocate an IDT slot ◮ Prepare interrupt, resume and recurse vectors ◮ Communicate the slot number with the hypervisor A XenSource Platform PCI Device driver, xspd(4), serves as a backup option for delivering Xen upcall interrupts if setting up an IDT callback vector fails.

  33. Interrupts ◮ Allocate an IDT slot ◮ Prepare interrupt, resume and recurse vectors ◮ Communicate the slot number with the hypervisor ◮ Implement API to ( dis- )establish device interrupt handlers and mask/unmask associated event ports. int xen intr establish( evtchn port t , xen intr handle t *, void (*handler)(void *), void *arg, char *name); int xen intr disestablish( xen intr handle t ); void xen intr mask( xen intr handle t ); int xen intr unmask( xen intr handle t );

  34. Interrupts ◮ Allocate an IDT slot ◮ Prepare interrupt, resume and recurse vectors ◮ Communicate the slot number with the hypervisor ◮ Implement API to ( dis- )establish device interrupt handlers and mask/unmask associated event ports. ◮ Implement events fan out Xintr xen upcall(xen intr()): while( pending events? ) xi = xen lookup intsrc( event bitmask ) xi->xi handler(xi->xi arg)

  35. Almost there: XenStore ◮ Shared ring with a producer/consumer interface

  36. Almost there: XenStore ◮ Shared ring with a producer/consumer interface ◮ Driven by interrupts

  37. Almost there: XenStore ◮ Shared ring with a producer/consumer interface ◮ Driven by interrupts ◮ Exchanges ASCII NUL-terminated strings

  38. Almost there: XenStore ◮ Shared ring with a producer/consumer interface ◮ Driven by interrupts ◮ Exchanges ASCII NUL-terminated strings ◮ Exposes a hierarchical filesystem-like structure

  39. Almost there: XenStore ◮ Shared ring with a producer/consumer interface ◮ Driven by interrupts ◮ Exchanges ASCII NUL-terminated strings ◮ Exposes a hierarchical filesystem-like structure device/ device/vif device/vif/0 device/vif/0/mac = ‘‘06:b1:98:b1:2c:6b’’ device/vif/0/backend = ‘‘/local/domain/0/backend/vif/569/0’’

  40. Almost there: XenStore References to other parts of the tree, for example, the backend /local/domain/0/backend/vif/569/0 : domain handle uuid script state frontend mac online frontend-id type feature-sg feature-gso-tcpv4 feature-rx-copy feature-rx-flip hotplug-status

  41. Almost there: Device discovery and attachment

  42. Enter Netfront ...or not!

  43. Enter Netfront Grant Tables are required to implement receive and transmit rings.

  44. What’s in a ring? Consumer Producer Descriptor 1 Descriptor 2 Descriptor 3 Descriptor 4 Descriptor 5

  45. What’s in a ring? Consumer Buffer 1 Descriptor 1 Producer Descriptor 2 Descriptor 3 Descriptor 4 Descriptor 5

  46. What’s in a ring? Consumer Buffer 1 Descriptor 1 Buffer 2 Descriptor 2 Producer Descriptor 3 Descriptor 4 Descriptor 5

  47. What’s in a ring? Buffer 1 Descriptor 1 Buffer 2 Consumer Descriptor 2 Buffer 3 Descriptor 3 Producer Descriptor 4 Descriptor 5

  48. What’s in a ring? Descriptor 1 Consumer Descriptor 2 Buffer 3 Descriptor 3 Buffer 4 Descriptor 4 Producer Descriptor 5

  49. What’s in a ring? Producer Descriptor 1 Consumer Descriptor 2 Buffer 3 Descriptor 3 Buffer 4 Descriptor 4 Buffer 5 Descriptor 5 Producer

  50. What’s in a ring? Consumer Producer Descriptor 1 Descriptor 2 Buffer 3 Descriptor 3 Buffer 4 Descriptor 4 Consumer Buffer 5 Descriptor 5

  51. What’s in a ring? Consumer Producer Descriptor 1 Descriptor 2 Descriptor 3 Descriptor 4 Descriptor 5

  52. What’s in a ring?

  53. bus dma(9) Since its inception, bus dma(9) interface has unified different approaches to DMA memory management across different architectures.

Recommend

Porting OpenBSD Niall OHiggins &lt;niallo@openbsd.org&gt; Uwe Sthler &lt;uwe@openbsd.org&gt;

Porting OpenBSD Niall OHiggins &lt;niallo@openbsd.org&gt; Uwe Sthler &lt;uwe@openbsd.org&gt;

Porting OpenBSD Niall OHiggins &lt;niallo@openbsd.org&gt; Uwe Sthler &lt;uwe@openbsd.org&gt; OpenCON, 2005 Outline 1 Porting OpenBSD What It Takes Preparation Cross-Development The Boot Loader Building The Kernel Adapting Startup

1.59k views • 88 slides
Supporting Radio Clocks in OpenBSD Marc Balmer &lt; mbalmer@openbsd.org &gt; micro systems/OpenBSD

Supporting Radio Clocks in OpenBSD Marc Balmer &lt; mbalmer@openbsd.org &gt; micro systems/OpenBSD

Supporting Radio Clocks in OpenBSD Marc Balmer &lt; mbalmer@openbsd.org &gt; micro systems/OpenBSD BSDConTr, Istanbul, Turkey Agenda 1 Introduction 2 Radio Clocks 3 Architectural Overview 4 Support for GPS-Receivers 5 Support for Time Signal

745 views • 35 slides
Using OpenBSD Security Features to Find Software Bugs Peter Valchev pvalchev@openbsd.org

Using OpenBSD Security Features to Find Software Bugs Peter Valchev pvalchev@openbsd.org

Reflections|Projections 2007 Using OpenBSD Security Features to Find Software Bugs Peter Valchev pvalchev@openbsd.org Overview of OpenBSD History Berkeley Software Distribution (BSD) First freely distributable BSD was released in June

810 views • 24 slides
Fuzzing the OpenBSD Kernel Part 1/N Anton Lindqvist &lt;anton@openbsd.org&gt; Introduction

Fuzzing the OpenBSD Kernel Part 1/N Anton Lindqvist &lt;anton@openbsd.org&gt; Introduction

Fuzzing the OpenBSD Kernel Part 1/N Anton Lindqvist &lt;anton@openbsd.org&gt; Introduction Fuzzing the OpenBSD kernel using the syzkaller kernel fuzzer. Heard about first on the BSD Now podcast back in April 2018. Ongoing effort, hence 1/N in

668 views • 15 slides
the Consolidated Framework for Implementation Research to identify drivers of implementation

the Consolidated Framework for Implementation Research to identify drivers of implementation

HPV vaccine demonstration project in Mozambique: Applying the Consolidated Framework for Implementation Research to identify drivers of implementation performance Caroline Soi, Sarah Gimbel, Baltazar Chilundo, Vasco Muchanga, Luisa Matsinhe,

399 views • 28 slides
History of the OpenBSD Hardware Sensors Framework Constantine A. Murenin University of W

History of the OpenBSD Hardware Sensors Framework Constantine A. Murenin University of W

History of the OpenBSD Hardware Sensors Framework Constantine A. Murenin University of W aterloo AsiaBSDCon 2009 12/15 March 2009 Tokyo, Japan Outline Introduction Framework API and utilities Drivers I C Bus Scan

693 views • 31 slides
Light Regional Council ADAC Implementation Overview Drivers for electronic processing

Light Regional Council ADAC Implementation Overview Drivers for electronic processing

Light Regional Council ADAC Implementation Overview Drivers for electronic processing LGA R&amp;D Funded Pilot Experiences to Date Challenges for Implementation Drivers Drivers 1,000 Lots per year? 30 Lots per year LGA

353 views • 12 slides
Using BGP for realtime import and export of OpenBSD spamd entries Peter Hessler

Using BGP for realtime import and export of OpenBSD spamd entries Peter Hessler

Using BGP for realtime import and export of OpenBSD spamd entries Peter Hessler phessler@openbsd.org OpenBSD 17 March, 2013 1 / 27 what is this spamd uses IP host entries, to whitelist, blacklist or greylist hosts spamd can import and

412 views • 27 slides
Mininet on OpenBSD Using rdomains for Interactive SDN Testing and Development Ayaka Koshibe

Mininet on OpenBSD Using rdomains for Interactive SDN Testing and Development Ayaka Koshibe

Mininet on OpenBSD Using rdomains for Interactive SDN Testing and Development Ayaka Koshibe akoshibe@openbsd.org AsiaBSDCon 2018 SDN? Network split into programmable nodes that handle traffic and entities that program them

372 views • 26 slides
LSE Summer Week 2016 16 July, 2016 Antoine Jacoutot &lt;ajacoutot@openbsd.org&gt; whoami(1)

LSE Summer Week 2016 16 July, 2016 Antoine Jacoutot &lt;ajacoutot@openbsd.org&gt; whoami(1)

OpenBSD rc.d(8) LSE Summer Week 2016 16 July, 2016 Antoine Jacoutot &lt;ajacoutot@openbsd.org&gt; whoami(1) OpenBSD developer since 2006 ajacoutot@ aka aja@ sysmerge, rc.d, rcctl, libtool, stuff, other stuff &gt;400 ports,

1.19k views • 64 slides
OpenBSD: add VMM to packer The red pill taken to develop a Go plugin for packer.io to

OpenBSD: add VMM to packer The red pill taken to develop a Go plugin for packer.io to

OpenBSD: add VMM to packer The red pill taken to develop a Go plugin for packer.io to be able to create VM images on OpenBSD for VMM and many other virtualizers. Philipp Bhler &lt;pb@sysfive.com&gt; @pb_double sysfive.com portfolio

510 views • 20 slides
OpenSMTPD over the clouds the story of an HA setup Giovanni Bechis &lt;giovanni@openbsd.org&gt;

OpenSMTPD over the clouds the story of an HA setup Giovanni Bechis &lt;giovanni@openbsd.org&gt;

OpenSMTPD over the clouds the story of an HA setup Giovanni Bechis &lt;giovanni@openbsd.org&gt; Fosdem 2020, Brussels Historical setup some OpenBSD mail servers Postfix + Apache SpamAssassin + Amavisd-new + Courier Imap no shared

310 views • 20 slides
Removing ROP Gadgets from OpenBSD AsiaBSDCon 2019 Todd Mortimer mortimer@openbsd.org Overview

Removing ROP Gadgets from OpenBSD AsiaBSDCon 2019 Todd Mortimer mortimer@openbsd.org Overview

Removing ROP Gadgets from OpenBSD AsiaBSDCon 2019 Todd Mortimer mortimer@openbsd.org Overview Return Oriented Programming Removing ROP Gadgets Unaligned / Polymorphic Gadget Reduction Aligned Gadget Reduction Results Return

1.99k views • 99 slides
Design and Performance of the OpenBSD Stateful Packet Filter (pf) Daniel Hartmeier

Design and Performance of the OpenBSD Stateful Packet Filter (pf) Daniel Hartmeier

Design and Performance of the OpenBSD Stateful Packet Filter (pf) Daniel Hartmeier dhartmei@openbsd.org Systor AG Usenix 2002 p.1/22 Introduction part of a firewall, working on IP packet level (vs. application level proxies or ethernet

455 views • 33 slides
Measuring Performance on OpenBSD Alexander Bluhm bluhm@openbsd.org EuroBSDCon, September 2019

Measuring Performance on OpenBSD Alexander Bluhm bluhm@openbsd.org EuroBSDCon, September 2019

What did exist before? How does it work? What are the findings? What is the Conclusion? Measuring Performance on OpenBSD Alexander Bluhm bluhm@openbsd.org EuroBSDCon, September 2019 What did exist before? How does it work? What are the

491 views • 48 slides
OpenBSDs new httpd AsiaBSDCon 2015 Reyk Flter (reyk@openbsd.org)

OpenBSDs new httpd AsiaBSDCon 2015 Reyk Flter (reyk@openbsd.org)

I n t ro d u c i n g OpenBSDs new httpd AsiaBSDCon 2015 Reyk Flter (reyk@openbsd.org) ESDENERA NETWORKS GmbH Why do we need a web server in base? Serve the OpenBSD page. Why do we need a web server

264 views • 22 slides
Game of Trees Stefan Sperling &lt; stsp@openbsd.org &gt; EuroBSDcon 2019 What is Game of Trees?

Game of Trees Stefan Sperling &lt; stsp@openbsd.org &gt; EuroBSDcon 2019 What is Game of Trees?

Game of Trees Stefan Sperling &lt; stsp@openbsd.org &gt; EuroBSDcon 2019 What is Game of Trees? Game of Trees is a work-in-progress version control system which attempts to be appealing to OpenBSD developers. designed and written from scratch

1.08k views • 72 slides
Recent work in OpenBSD relayd AsiaBSDCon 2013 Reyk

Recent work in OpenBSD relayd AsiaBSDCon 2013 Reyk

Recent work in OpenBSD relayd AsiaBSDCon 2013 Reyk Flter (reyk@openbsd.org) Agenda History &amp; Background Recent work SSL Interception Socket

533 views • 19 slides
OpenBSD vmm/vmd Update Mike Larkin bhyvecon 2018 09 Mar 2018 Tokyo, Japan Agenda Where

OpenBSD vmm/vmd Update Mike Larkin bhyvecon 2018 09 Mar 2018 Tokyo, Japan Agenda Where

OpenBSD vmm/vmd Update Mike Larkin bhyvecon 2018 09 Mar 2018 Tokyo, Japan Agenda Where we were a year ago Current status Future plans Q&amp;A One Year Ago ... Limited guest VM choices Decent support for OpenBSD

852 views • 33 slides
Measuring Performance on OpenBSD Alexander Bluhm bluhm@openbsd.org BSDCan, May 2019 What did

Measuring Performance on OpenBSD Alexander Bluhm bluhm@openbsd.org BSDCan, May 2019 What did

What did exist before? How does it work? What are the findings? What is the Conclusion? Measuring Performance on OpenBSD Alexander Bluhm bluhm@openbsd.org BSDCan, May 2019 What did exist before? How does it work? What are the findings?

475 views • 43 slides
OpenBSD vmm/vmd Update Mike Larkin bhyvecon 2019 20 Mar 2019 Tokyo, Japan Agenda Where

OpenBSD vmm/vmd Update Mike Larkin bhyvecon 2019 20 Mar 2019 Tokyo, Japan Agenda Where

OpenBSD vmm/vmd Update Mike Larkin bhyvecon 2019 20 Mar 2019 Tokyo, Japan Agenda Where we were a year ago Current status Future plans Q&amp;A One Year Ago ... Reasonably complete support for OpenBSD and Linux guests

729 views • 47 slides
Pillar 2 report Extract from the 2-page summary Physics drivers and implementation (through

Pillar 2 report Extract from the 2-page summary Physics drivers and implementation (through

Pillar 2 report Extract from the 2-page summary Physics drivers and implementation (through infrastructures) Neutrino oscillations (CP violation, hierarchy): DUNE, Hyper-K, IceCube Neutrino nature (Majorana/Dirac): Gerda/Legend Ties

335 views • 6 slides
Why are we here? Purpose Understand drivers that generate the need for innovation

Why are we here? Purpose Understand drivers that generate the need for innovation

Why are we here? Purpose Understand drivers that generate the need for innovation Understand key barriers preventing creation, adoption and implementation of innovation Identify how to facilitate the implementation of new

176 views • 14 slides
JUSTICE REINVESTMENT IN WEST VIRGINIA: POPULATION DRIVERS, IMPLEMENTATION, AND PERFORMANCE

JUSTICE REINVESTMENT IN WEST VIRGINIA: POPULATION DRIVERS, IMPLEMENTATION, AND PERFORMANCE

JUSTICE REINVESTMENT IN WEST VIRGINIA: POPULATION DRIVERS, IMPLEMENTATION, AND PERFORMANCE MEASUREMENT Maria Orsini, Research Specialist Office of Research and Strategic Planning WV Division of Justice and Community Services National Forum on

417 views • 19 slides

More recommend