Mastodawn

Matthew Garrett May 8, 2024

My annual plea for a thing: I want a type 1 hypervisor that just has a small isolated VM and then passes through the rest of the hardware to the main VM which runs Linux. The small VM is intended to be used to run small pieces of code that the main OS should not be able to interfere with. Does such a thing exist? (Think Xen, but with a Dom0 that can't see into DomUs)

Show thread

Stephen Crane May 8, 2024

@mjg59 you’ve looked at halfnium for this? https://hafnium.googlesource.com/hafnium/+/HEAD/docs/Architecture.md

Hafnium - Hafnium architecture

Show thread

Stephen Crane

@mjg59 AVF with pKVM is also effectively this but the hypervisor is a split off part of the Linux kernel, so not exactly type 1.

Show thread

Zimmie May 8, 2024

@rinon @mjg59 It’s not like “type 1” versus “type 2” is a real technical distinction.

Show thread

Дамјан Георгиевски May 14, 2024

@rinon @mjg59
how about this qualcomm gunyah thing?
https://github.com/quic/gunyah-hypervisor

GitHub - quic/gunyah-hypervisor: Gunyah is a Type-1 hypervisor designed for strong security, performance and modularity.

Gunyah is a Type-1 hypervisor designed for strong security, performance and modularity. - quic/gunyah-hypervisor

GitHub