CN112099914B - Virtual machine multi-core starting method, virtual machine and processor chip - Google Patents
Virtual machine multi-core starting method, virtual machine and processor chip Download PDFInfo
- Publication number
- CN112099914B CN112099914B CN202010919963.7A CN202010919963A CN112099914B CN 112099914 B CN112099914 B CN 112099914B CN 202010919963 A CN202010919963 A CN 202010919963A CN 112099914 B CN112099914 B CN 112099914B
- Authority
- CN
- China
- Prior art keywords
- virtual machine
- starting
- processor
- address
- operating system
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45575—Starting, stopping, suspending or resuming virtual machine instances
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45587—Isolation or security of virtual machine instances
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The embodiment of the invention discloses a virtual machine multi-core starting method, a virtual machine and a processor chip, and relates to the technical field of secure virtual machines. The virtual machine multi-core starting method comprises the following steps: the method comprises the steps that a starting processor of a virtual machine runs an operating system, and an operating system starting execution address of an application processor of the virtual machine is written into a preset jump table; the jump table can only be read and written by the virtual machine; the starting processor sends an operating system starting signal to the application processor; and after receiving the operating system starting signal, the application processor reads an operating system starting execution address of the application processor recorded in the jump table and starts an operating system. According to the invention, the related information of the AP starting address is stored by adding the MSR register which can only be read and written by the virtual machine, so that the whole read-write process of the AP starting address is ensured to be completely controllable for the virtual machine, and the security risk that the VMM sets a malicious AP OS instruction address to attack the virtual machine is avoided.
Description
Technical Field
The present invention relates to the field of secure virtual machines, and in particular, to a virtual machine multi-core startup method, a virtual machine, and a processor chip.
Background
A Virtual Machine (VM) refers to a complete computer system that runs in a completely isolated environment with complete hardware system functionality through software emulation. When the virtual machine is a multi-core processor, an application processor (Application Processor, AP) of the virtual machine wants to start a basic input output System (Basic Input Output System, BIOS), or transitions from a BIOS phase to an Operating System (OS) phase, the start processor (BootStrap Processor, BSP) of the virtual machine is required to send a start signal to the AP, and the AP obtains its BIOS start address or OS start address according to the start signal.
As shown in FIG. 1, the conventional multi-core starting method of a virtual machine mainly comprises the following steps when the virtual machine operates in a multiprocessor mode:
s101: the VMM sets a starting processor of the virtual machine;
s102: the BSP of the virtual machine firstly enters a Basic Input Output System (BIOS) stage, and BIOS codes are executed according to addresses in VMSA of the BSP;
s103: the BSP sends a first starting signal to an application processor of the virtual machine to inform the AP to start the BIOS; the first starting signal comprises a BIOS starting address of the AP; herein, the start address is a storage address of the first instruction;
s104: the VMM intercepts a first starting signal sent by the BSP to the AP, and sets a BIOS starting address of the AP to VMSA of the AP;
s105: the AP executes BIOS codes from BIOS starting addresses of the AP recorded in VMSA of the AP;
s106: the AP completes the tasks of the BIOS stage, stops running and stays in the BIOS stage. At this point, the BSP of the virtual machine transitions from the BIOS phase to an Operating System (OS) phase.
S107: the BSP runs OS start codes;
s108: the BSP sends a second starting signal to the AP; wherein, the second start signal contains the OS start address of the AP;
s109: the VMM intercepts a second starting signal sent by the BSP to the AP, and sets an OS starting address of the AP to a VMSA of the AP;
s110: the AP executes the OS code from the AP's OS start address recorded in the AP's VMSA.
In this step, the AP takes the first instruction address of the OS stage of the AP from its own VMSA, and jumps to this target instruction, and the AP smoothly enters the OS stage because the target instruction that jumps belongs to the OS code range.
In the starting manner of the virtual machine shown in fig. 1, when the AP is started, the VMM needs to transmit the AP execution address to the virtual machine, and the VMM can achieve the purpose of attacking the virtual machine by setting a malicious instruction address to the VMSA, so that the safe operation of the virtual machine cannot be ensured.
Disclosure of Invention
In view of the above, the embodiment of the invention provides a virtual machine and a starting method thereof, which can solve the problem of low security caused by the fact that the existing virtual machine cannot avoid a VMM when being started.
In a first aspect, an embodiment of the present invention provides a method for starting a virtual machine by multiple cores, including:
the method comprises the steps that a starting processor of a virtual machine runs an operating system, and an operating system starting execution address of an application processor of the virtual machine is written into a preset jump table; the jump table can only be read and written by the virtual machine;
the starting processor sends an operating system starting signal to the application processor;
and after receiving the operating system starting signal, the application processor reads an operating system starting execution address of the application processor recorded in the jump table and starts an operating system.
With reference to the first aspect, in a first implementation manner of the first aspect, before writing, by the start processor of the virtual machine, an operating system start execution address of an application processor of the virtual machine into a preset jump table when the start processor runs the operating system, the method further includes:
setting a Model-dependent register (Model-Specific Register, MSR) in the virtual machine; the MSR is only accessible to the virtual machine, and the reading and writing of the MSR cannot be intercepted by a Virtual Machine Monitor (VMM);
the starting processor writes the address of the preset jump table into the MSR when the basic input/output system is operated;
when the starting processor of the virtual machine runs the operating system, writing an operating system starting execution address of an application processor of the virtual machine into a preset jump table, wherein the method specifically comprises the following steps:
when the starting processor of the virtual machine runs an operating system, reading a value stored in the MSR;
the starting processor takes the read value as a jump table address;
and the starting processor writes an operating system starting execution address of an application processor of the virtual machine into a jump table corresponding to the jump table address.
With reference to the first aspect, in a second implementation manner of the first aspect, before the starting processor of the virtual machine writes an operating system start execution address of the application processor into the preset jump table when running the operating system, the method further includes:
and when the starting processor runs the basic input and output system, applying for a memory space as a jump table which can only be read and written by the virtual machine.
With reference to the first aspect, the first implementation manner of the first aspect, or the second implementation manner of the first aspect, in a third implementation manner of the first aspect, before the starting processor of the virtual machine runs the operating system, the method further includes:
the starting processor starts a basic input output system according to a first address of a virtual machine monitor VMM, which is arranged in a virtual machine state storage area VMSA of the starting processor, and sends a basic input output system starting signal to the application processor; the first address is a basic input/output system starting address corresponding to the starting processor;
after receiving the starting signal of the basic input/output system, the application processor starts the basic input/output system according to a second address set in a virtual machine state storage area VMSA of the application processor by a virtual machine monitor VMM; the second address is a basic input/output system starting address corresponding to the application processor;
after the application processor completes the basic input/output system starting task, the application processor pauses in the basic input/output system mode under the control of a Virtual Machine Monitor (VMM).
In a second aspect, an embodiment of the present invention provides a virtual machine, including: a startup processor and an application processor;
the starting processor is used for writing an operating system starting execution address of the application processor into a preset jump table when the operating system is operated, and then sending an operating system starting signal to the application processor; the jump table can only be read and written by the virtual machine;
and the application processor is used for reading the operating system starting execution address of the application processor recorded in the jump table after receiving the operating system starting signal, and starting the operating system.
With reference to the second aspect, in a first implementation manner of the second aspect, the virtual machine further includes a model-related register MSR;
the starting processor is further used for writing the address of the jump table into the MSR when the basic input/output system is operated; the method is also used for reading the value stored in the MSR when the operating system is operated, taking the read value as a jump table address, and writing the operating system start execution address of the application processor of the virtual machine into a jump table corresponding to the jump table address;
wherein, only the virtual machine can be accessed by the MSR, and the read-write of the MSR is not intercepted by a virtual machine monitor VMM.
With reference to the second aspect, in a second implementation manner of the second aspect, the boot processor is further configured to apply for a memory space as a jump table that can only be read and written by the virtual machine when running the bios.
With reference to the second aspect, the first possible implementation manner of the second aspect, or the second possible implementation manner of the second aspect, in a third possible implementation manner of the second aspect,
the starting processor is further configured to start the basic input/output system according to a first address set in a virtual machine state storage area VMSA of the starting processor by a virtual machine monitor VMM before running the operating system, and send a basic input/output system starting signal to the application processor; the first address is a basic input/output system starting address corresponding to the starting processor;
the application processor is further configured to start the bios according to a second address of the virtual machine monitor VMM set in the virtual machine state storage area VMSA of the application processor after receiving the bios start signal, and suspend in the bios mode under the control of the virtual machine monitor VMM after completing the bios start task; and the second address is a basic input/output system starting address corresponding to the application processor.
In a third aspect, an embodiment of the present invention provides a processor chip, including: a processor core;
the processor core is configured to run a virtual machine to execute the following procedures:
when a starting processor of a virtual machine runs an operating system, writing an operating system starting execution address of an application processor of the virtual machine into a preset jump table; the jump table can only be read and written by the virtual machine;
the starting processor sends an operating system starting signal to the application processor;
and after receiving the operating system starting signal, the application processor reads an operating system starting execution address of the application processor recorded in the jump table and starts an operating system.
With reference to the third aspect, in a first possible implementation manner of the third aspect, the processor core is further configured to perform:
setting a model related register MSR in the virtual machine before an operating system start execution address of an application processor of the virtual machine is written into a preset jump table when a start processor of the virtual machine runs the operating system; the MSR is only accessible to the virtual machine, and the reading and writing of the MSR cannot be intercepted by a Virtual Machine Monitor (VMM);
the starting processor writes the address of the jump table into the MSR when the basic input/output system is operated;
when the starting processor of the virtual machine runs the operating system, writing an operating system starting execution address of an application processor of the virtual machine into a preset jump table, wherein the method specifically comprises the following steps:
reading a value stored in the MSR when the virtual machine starts a processor to run an operating system;
the starting processor takes the read value as a jump table address;
and the starting processor writes an operating system starting execution address of an application processor of the virtual machine into a jump table corresponding to the jump table address.
With reference to the third aspect, in a second possible implementation manner of the third aspect, the processor core is further configured to perform:
and the starting processor applies a memory space as a jump table which can only be read and written by the virtual machine when the basic input/output system is operated before the starting processor of the virtual machine writes the starting execution address of the operating system of the application processor into a preset jump table when the starting processor of the virtual machine is operated.
With reference to the third aspect, the first implementation manner of the third aspect, or the second implementation manner of the third aspect, in a third implementation manner of the third aspect, the processor core is further configured to perform:
before a starting processor of the virtual machine runs an operating system, the starting processor starts a basic input output system according to a first address of a virtual machine monitor VMM (virtual machine monitor) arranged in a virtual machine state storage area VMSA of the starting processor and sends a basic input output system starting signal to the application processor; the first address is a basic input/output system starting address corresponding to the starting processor;
after receiving the starting signal of the basic input/output system, the application processor starts the basic input/output system according to a second address set in a virtual machine state storage area VMSA of the application processor by a virtual machine monitor VMM; the second address is a basic input/output system starting address corresponding to the application processor;
after the application processor completes the basic input/output system starting task, the application processor pauses in the basic input/output system mode under the control of a Virtual Machine Monitor (VMM).
According to the virtual machine multi-core starting method, the virtual machine and the processor chip, the jump table is managed by adding the MSR which can only be read and written in the virtual machine, the jump table address is stored by writing the value into the MSR, the MSR is read to obtain the jump table address, the whole process is completely carried out under the control of the virtual machine, the VMM cannot set a malicious instruction address to the VMSA, the VMM cannot maliciously control the jump table for recording the OS starting address of the AP, and therefore the process of operating the whole jump table is guaranteed to be completely controllable for the virtual machine, and the security risk brought by the VMM participating in the AP starting address management is avoided.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a multi-core starting method of a virtual machine in the prior art;
FIG. 2 is a flowchart of a virtual machine multi-core startup method according to a first embodiment of the present invention;
FIG. 3 is a schematic flow chart of a second embodiment of a method for starting a virtual machine;
FIG. 4 is a schematic diagram of a virtual machine according to a first embodiment of the present invention;
fig. 5 is a schematic structural diagram of a virtual machine according to a second embodiment of the present invention.
Detailed Description
The invention provides a new virtual machine multi-core starting scheme, which adds an encryption function in VMSA, a VMM can only set the VMSA before starting a virtual machine, in the running process of the following virtual machine, the VMM cannot set the VMSA, and the OS starting address of an AP is written into a jump table which can only be read and written by the virtual machine but cannot be participated by the VMM, thereby solving the problems in the prior art. Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
It should be understood that the described embodiments are merely some, but not all, embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Fig. 2 is a flowchart of a virtual machine multi-core startup method according to a first embodiment of the present invention. Referring to fig. 2, an embodiment of the message task scheduling method of the present invention includes the following steps:
s201, a starting processor BSP of the virtual machine runs an operating system, and an operating system starting execution address of an application processor AP of the virtual machine is written into a preset jump table;
wherein the jump table can only be read and written by the virtual machine.
In this embodiment, by setting a jump table that can only be read and written by the virtual machine, the jump table is used to store the OS start execution address of the AP of the virtual machine, so that the situation that the VMM maliciously modifies the operating system start execution address of the application processor, resulting in malicious attack of the virtual machine can be effectively avoided.
In this embodiment, as an optional manner, before step S201, the method further includes: when the starting processor BSP runs the basic input and output system, a memory space is applied and used as a jump table which can only be read and written by the virtual machine.
Preferably, the address of the jump table may be recorded by a model-related register disposed in the virtual machine, the BSP has at least a read-write authority for the MSR, and the AP has at least a read authority for the MSR. Namely: before the step of applying for a memory space when the boot processor runs the bios, the method provided by the present invention may further include: setting a model related register MSR in the virtual machine; wherein, only the virtual machine can be accessed by the MSR, and the read-write of the MSR is not intercepted by a virtual machine monitor VMM.
S202, the BSP sends an operating system starting signal to the AP;
in this embodiment, the BSP sends a start signal (SIPI signal) to the AP to trigger the AP to start the operating system.
And S203, after receiving a starting signal sent by the BSP, the AP reads an operating system starting execution address of the AP recorded in the jump table and starts the operating system.
In the virtual machine multi-core starting method provided by the embodiment of the invention, by setting the jump table which can only be read and written by the virtual machine, in the stage of starting the operating system by the BSP, firstly, the starting execution address of the operating system of the AP is stored in the jump table which is preset, then the BSP sends a starting operating system signal to the AP, and then the AP reads the recorded starting execution address of the operating system of the AP in the jump table and starts to start the operating system. The method can effectively avoid the problem that the VMM maliciously modifies the starting execution address of the operating system of the AP to cause the malicious attack of the virtual machine.
Fig. 3 is a schematic flow chart of a second embodiment of a virtual machine multi-core starting method according to the present invention. This embodiment details a method of recording an address of a jump table for storing an operating system start execution address of an AP using an MSR. Before the method of this embodiment is executed, a model-related register MSR needs to be set in the virtual machine in advance; the MSR is only accessible to the virtual machine and the MSR's read and write are not intercepted by the virtual machine monitor VMM.
In this embodiment, an MSR register is added in the virtual machine, where only the virtual machine can access the register, and the read and write of the MSR is not intercepted by the VMM. And then the read-write of the MSR is managed through the virtual machine, so that on one hand, the situation that a malicious instruction address is set to the VSMA in advance by the VMM is avoided, and on the other hand, the VMM cannot modify a jump table required by the AP.
As shown in fig. 3, the method provided in this embodiment may include the following steps:
s301: the VMM sets a BSP of the virtual machine and a VMSA of the AP;
s302: the BSP of the virtual machine starts the basic input and output system according to the first address set in the VMSA of the BSP by the VMM.
The first address is a basic input/output system starting address corresponding to the starting processor, and after the BSP obtains the first address recorded in the VMSA of the BSP, the BIOS code in the address is executed, the BIOS system is started, and the BIOS stage is entered.
S303: the BSP sends a basic input/output system starting signal to the AP;
in this step, the BSP sends a start signal carrying the start address of the BIOS of the AP to the AP, and the VMM intercepts the BIOS start signal sent by the BSP, but the VMM does not set the VSMA of the virtual machine AP.
S304: after receiving the basic input/output system starting signal sent by the BSP, the AP starts the basic input/output system according to a second address set in the VMSA of the AP by the VMM;
the second address is a basic input/output system starting address corresponding to the AP; because the second address is already set by the VMM before the virtual machine is started, after the AP directly obtains the second address in this step, the AP executes the BIOS code in the address, starts the BIOS system, and enters the BIOS phase.
S305: after the AP completes the starting task of the basic input output system, the AP pauses in the basic input output system mode under the control of the VMM and waits for the next operation.
S306: the BSP applies for a memory space as a jump table which can only be read and written by the virtual machine.
In this embodiment, the BSP completes some initialization tasks during the stage of starting the BIOS of the processor, including: storage space application, etc., e.g., BSP applies for a memory space as a jump table.
In this embodiment, the memory space of the application is used as a jump table, where the jump table can only be read and written by the virtual machine, and the jump table is used to store the operating system start address of the AP.
S307: the BSP writes the address of the jump table into a preset MSR;
in this embodiment, in the BIOS stage of the virtual machine, the BSP writes the address of the jump table into the MSR preset in the virtual machine through the MSR write instruction (wrmsr instruction). After receiving the signal for starting the operating system, the AP can obtain the starting address of the operating system through the MSR and the jump table in sequence.
S308: the BSP runs an operating system and reads the value stored in the current MSR.
In this embodiment, the steps S302 and S306-407 are all completed by the BSP in the BIOS stage, and in this step, the BSP runs the OS boot code to perform the OS stage, and then reads the value stored in the current MSR, i.e. the preset jump table address. The specific address, e.g., the address of the jump table, is obtained by reading the value of the MSR via an MSR read instruction (rdmsr).
S309: the BSP takes the read value as a jump table address.
In this embodiment, since the skip list is defined by the BIOS phase, the BSP of the OS phase does not know where the skip list is located at the beginning, so after the BSP enters the OS phase, the BSP does not know the address of the skip list, and the BSP needs to access the MSR to obtain the address of the skip list.
S310: the BSP writes the starting execution address of the operating system of the AP into the jump table according to the jump table address;
s311: the BSP sends an operating system starting signal to the AP;
in this embodiment, the BSP sends an operating system start signal including the OS start address of the AP to the AP, and the VMM intercepts the operating system start signal sent by the BSP, but the VMM does not set the VSMA of the virtual machine AP.
S312: after receiving the operating system starting signal, the AP reads an operating system starting execution address of the AP stored in a jump table;
in this embodiment, since the jump table is defined in the BIOS stage, when the AP receives the os start signal, the AP is currently in the BIOS stage, so that the AP knows how to access the jump table, and directly accesses the system start execution address of the AP that reads the jump table.
S313: the AP jumps to the OS code at the operating system start execution address of the AP saved in the jump table.
In this step, the AP jumps to the OS start execution address recorded in the address of the jump table to execute the OS code, starts the operating system, and enters the OS phase.
According to the virtual machine multi-core starting method, the MSR register is added in the virtual machine to record the jump table address, and since the MSR can only be read and written in the virtual machine and cannot be intercepted by the VMM, the whole jump table operation process is guaranteed to be completely controllable for the virtual machine, and the security risk brought by the VMM for managing the jump table is avoided.
Corresponding to the method for starting the multiple cores of the virtual machine provided by the embodiment of the present invention, the embodiment of the present invention further provides a virtual machine, as shown in fig. 4, where the virtual machine provided by the embodiment of the present invention includes: a boot processor 1 and an application processor 2; the starting processor 1 is configured to write an operating system starting execution address of the application processor 2 into a preset jump table when the operating system is running, and then send an operating system starting signal to the application processor 2; the jump table can only be read and written by the virtual machine; and the application processor 2 is used for reading the operating system starting execution address of the application processor recorded in the jump table after receiving the operating system starting signal and starting the operating system.
The virtual machine shown in fig. 4 may be used to implement the technical solution of the method embodiment shown in fig. 2, and its implementation principle and technical effects are similar, and are not described herein again.
In an alternative embodiment, the boot processor 1 is further configured to apply for a memory space as a jump table that can only be read and written by the virtual machine when running the bios before running the OS, where the jump table is used to store an execution instruction address of the application processor 2 of the virtual machine in the OS stage, and a first instruction of the OS stage recorded in the jump table is an OS boot execution address of the Application Processor (AP) 2.
FIG. 5 is a schematic diagram of a second embodiment of a virtual machine according to the present invention, as shown in FIG. 5, where the virtual machine according to the present embodiment further includes a model-dependent register (MSR) 3 based on the device structure shown in FIG. 4; the starting processor 1 is further used for writing the address of the jump table into the MSR3 when the basic input/output system is operated; the method is also used for reading the value stored in the MSR3 when the operating system is operated, taking the read value as a jump table address, and writing the operating system starting execution address of the application processor 2 into a jump table corresponding to the jump table address; wherein, only the virtual machine can be accessed by the MSR, and the read-write of the MSR is not intercepted by a virtual machine monitor VMM.
The virtual machine shown in fig. 5 may be used to implement the technical solution of the method embodiment shown in fig. 3, and its implementation principle and technical effects are similar, and are not described herein again.
In an alternative embodiment, in the BIOS stage, the boot processor 1 in fig. 5 is further configured to, before running the operating system, boot the BIOS according to a first address set in the virtual machine state storage area VMSA of the boot processor 1 by the virtual machine monitor VMM, and send a BIOS boot signal to the application processor 2; the first address is a basic input/output system starting address corresponding to the starting processor;
the application processor 2 is further configured to start the basic input/output system according to a second address set in the virtual machine state storage area VMSA of the application processor 2 by the virtual machine monitor VMM after receiving the basic input/output system start signal, and suspend in the basic input/output system mode under the control of the virtual machine monitor VMM after completing the basic input/output system start task; and the second address is a basic input/output system starting address corresponding to the application processor.
Corresponding to the virtual machine multi-core starting method provided by the invention, the embodiment of the invention also provides a processor chip, which comprises the following steps: a processor core;
the processor core is configured to run a virtual machine to execute the following procedures:
when a starting processor of a virtual machine runs an operating system, writing an operating system starting execution address of an application processor of the virtual machine into a preset jump table; the jump table can only be read and written by the virtual machine;
the starting processor sends an operating system starting signal to the application processor;
and after receiving the operating system starting signal, the application processor reads an operating system starting execution address of the application processor recorded in the jump table and starts an operating system.
In an alternative embodiment, the processor core is further configured to perform:
setting a model related register MSR in the virtual machine before an operating system start execution address of an application processor of the virtual machine is written into a preset jump table when a start processor of the virtual machine runs the operating system; the MSR is only accessible to the virtual machine, and the reading and writing of the MSR cannot be intercepted by a Virtual Machine Monitor (VMM);
the starting processor writes the address of the jump table into the MSR when the basic input/output system is operated;
when the starting processor of the virtual machine runs the operating system, writing an operating system starting execution address of an application processor of the virtual machine into a preset jump table, wherein the method specifically comprises the following steps:
reading a value stored in the MSR when the virtual machine starts a processor to run an operating system;
the starting processor takes the read value as a jump table address;
and the starting processor writes an operating system starting execution address of an application processor of the virtual machine into a jump table corresponding to the jump table address.
In an alternative embodiment, the processor core is further configured to perform:
and the starting processor applies a memory space as a jump table which can only be read and written by the virtual machine when the basic input/output system is operated before the starting processor of the virtual machine writes the starting execution address of the operating system of the application processor into a preset jump table when the starting processor of the virtual machine is operated.
Any of the above processor chips, further comprising:
before a starting processor of the virtual machine runs an operating system, the starting processor starts a basic input output system according to a first address of a virtual machine monitor VMM (virtual machine monitor) arranged in a virtual machine state storage area VMSA of the starting processor and sends a basic input output system starting signal to the application processor; the first address is a basic input/output system starting address corresponding to the starting processor;
after receiving the starting signal of the basic input/output system, the application processor starts the basic input/output system according to a second address set in a virtual machine state storage area VMSA of the application processor by a virtual machine monitor VMM; the second address is a basic input/output system starting address corresponding to the application processor;
after the application processor completes the basic input/output system starting task, the application processor pauses in the basic input/output system mode under the control of a Virtual Machine Monitor (VMM).
In this specification, each embodiment is described in a related manner, and identical and similar parts of each embodiment are all referred to each other, and each embodiment mainly describes differences from other embodiments. In particular, for the device embodiments, since they are substantially similar to the method embodiments, the description is relatively simple, and reference is made to the description of the method embodiments in part.
For convenience of description, the above apparatus is described as being functionally divided into various units/modules, respectively. Of course, the functions of the various elements/modules may be implemented in the same piece or pieces of software and/or hardware when implementing the present invention.
Those skilled in the art will appreciate that implementing all or part of the above-described methods in accordance with the embodiments may be accomplished by way of a computer program stored on a computer readable storage medium, which when executed may comprise the steps of the embodiments of the methods described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a random access Memory (Random Access Memory, RAM), or the like.
The foregoing is merely illustrative of the present invention, and the present invention is not limited thereto, and any changes or substitutions easily contemplated by those skilled in the art within the scope of the present invention should be included in the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (12)
1. The virtual machine multi-core starting method is characterized by comprising the following steps of:
when a starting processor of a virtual machine runs an operating system, writing an operating system starting execution address of an application processor of the virtual machine into a preset jump table; the jump table can only be read and written by the virtual machine;
the starting processor sends an operating system starting signal to the application processor;
after receiving the operating system starting signal, the application processor reads an operating system starting execution address of the application processor recorded in the jump table and starts an operating system;
before writing the operating system start execution address of the application processor of the virtual machine into a preset jump table when the start processor of the virtual machine runs the operating system, the method further comprises the following steps:
setting a model related register MSR in the virtual machine; the MSR is only accessible to the virtual machine, and the reading and writing of the MSR cannot be intercepted by a Virtual Machine Monitor (VMM); and when the starting processor runs the basic input/output system, writing the address of the preset jump table into the MSR.
2. The method for starting up a virtual machine according to claim 1, wherein the starting up processor of the virtual machine writes an operating system starting up execution address of an application processor of the virtual machine into a preset jump table when running the operating system, specifically comprising:
when the starting processor of the virtual machine runs an operating system, reading a value stored in the MSR;
the starting processor takes the read value as a jump table address;
and the starting processor writes an operating system starting execution address of an application processor of the virtual machine into a jump table corresponding to the jump table address.
3. The method for starting up a virtual machine according to claim 1, wherein before writing an operating system start-up execution address of an application processor into a preset jump table when a start-up processor of the virtual machine runs the operating system, further comprising:
and when the starting processor runs the basic input and output system, applying for a memory space as a jump table which can only be read and written by the virtual machine.
4. A virtual machine multi-core boot method according to any of claims 1-3, further comprising, before the boot processor of the virtual machine runs an operating system:
the starting processor starts a basic input output system according to a first address of a virtual machine monitor VMM, which is arranged in a virtual machine state storage area VMSA of the starting processor, and sends a basic input output system starting signal to the application processor; the first address is a basic input/output system starting address corresponding to the starting processor;
after receiving the starting signal of the basic input/output system, the application processor starts the basic input/output system according to a second address set in a virtual machine state storage area VMSA of the application processor by a virtual machine monitor VMM; the second address is a basic input/output system starting address corresponding to the application processor;
after the application processor completes the basic input/output system starting task, the application processor pauses in the basic input/output system mode under the control of a Virtual Machine Monitor (VMM).
5. A virtual machine, comprising: a startup processor and an application processor;
the starting processor is used for writing an operating system starting execution address of the application processor into a preset jump table when the operating system is operated, and then sending an operating system starting signal to the application processor; the jump table can only be read and written by the virtual machine;
the application processor is used for reading the operating system starting execution address of the application processor recorded in the jump table after receiving the operating system starting signal, and starting the operating system;
the virtual machine also comprises a model related register MSR;
the starting processor is further used for writing the address of the jump table into the MSR when the basic input/output system is operated; wherein, only the virtual machine can be accessed by the MSR, and the read-write of the MSR is not intercepted by a virtual machine monitor VMM.
6. The virtual machine of claim 5, wherein the boot processor is further configured to read a value stored in the MSR when running an operating system, take the read value as a jump table address, and write an operating system boot execution address of an application processor of the virtual machine into a jump table corresponding to the jump table address.
7. The virtual machine of claim 5, wherein the boot processor is further configured to apply for a memory space as a jump table that can only be read and written by the virtual machine when running the bios.
8. A virtual machine as recited in any one of claims 5-7, wherein,
the starting processor is further configured to start the basic input/output system according to a first address set in a virtual machine state storage area VMSA of the starting processor by a virtual machine monitor VMM before running the operating system, and send a basic input/output system starting signal to the application processor; the first address is a basic input/output system starting address corresponding to the starting processor;
the application processor is further configured to start the bios according to a second address of the virtual machine monitor VMM set in the virtual machine state storage area VMSA of the application processor after receiving the bios start signal, and suspend in the bios mode under the control of the virtual machine monitor VMM after completing the bios start task; and the second address is a basic input/output system starting address corresponding to the application processor.
9. A processor chip, comprising: a processor core;
the processor core is configured to run a virtual machine to execute the following procedures:
when a starting processor of a virtual machine runs an operating system, writing an operating system starting execution address of an application processor of the virtual machine into a preset jump table; the jump table can only be read and written by the virtual machine; the processor core is further configured to perform: setting a model related register MSR in the virtual machine before an operating system start execution address of an application processor of the virtual machine is written into a preset jump table when a start processor of the virtual machine runs the operating system; the MSR is only accessible to the virtual machine, and the reading and writing of the MSR cannot be intercepted by a Virtual Machine Monitor (VMM); the starting processor writes the address of the jump table into the MSR when the basic input/output system is operated;
the starting processor sends an operating system starting signal to the application processor;
and after receiving the operating system starting signal, the application processor reads an operating system starting execution address of the application processor recorded in the jump table and starts an operating system.
10. The processor chip of claim 9, wherein the boot processor of the virtual machine writes an operating system boot execution address of an application processor of the virtual machine into a preset jump table when running the operating system, specifically comprising:
when a starting processor of the virtual machine runs an operating system, reading a value stored in the MSR;
the starting processor takes the read value as a jump table address;
and the starting processor writes an operating system starting execution address of an application processor of the virtual machine into a jump table corresponding to the jump table address.
11. The processor chip of claim 9, wherein the processor core is further configured to perform:
and the starting processor applies a memory space as a jump table which can only be read and written by the virtual machine when the basic input/output system is operated before the starting processor of the virtual machine writes the starting execution address of the operating system of the application processor into a preset jump table when the starting processor of the virtual machine is operated.
12. The processor chip of any one of claims 9-11, wherein the processor core is further configured to perform:
before a starting processor of the virtual machine runs an operating system, the starting processor starts a basic input output system according to a first address of a virtual machine monitor VMM (virtual machine monitor) arranged in a virtual machine state storage area VMSA of the starting processor and sends a basic input output system starting signal to the application processor; the first address is a basic input/output system starting address corresponding to the starting processor;
after receiving the starting signal of the basic input/output system, the application processor starts the basic input/output system according to a second address set in a virtual machine state storage area VMSA of the application processor by a virtual machine monitor VMM; the second address is a basic input/output system starting address corresponding to the application processor;
after the application processor completes the basic input/output system starting task, the application processor pauses in the basic input/output system mode under the control of a Virtual Machine Monitor (VMM).
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010919963.7A CN112099914B (en) | 2020-09-03 | 2020-09-03 | Virtual machine multi-core starting method, virtual machine and processor chip |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202010919963.7A CN112099914B (en) | 2020-09-03 | 2020-09-03 | Virtual machine multi-core starting method, virtual machine and processor chip |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN112099914A CN112099914A (en) | 2020-12-18 |
| CN112099914B true CN112099914B (en) | 2023-07-21 |
Family
ID=73757292
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202010919963.7A Active CN112099914B (en) | 2020-09-03 | 2020-09-03 | Virtual machine multi-core starting method, virtual machine and processor chip |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112099914B (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101477496A (en) * | 2008-12-29 | 2009-07-08 | 北京航空航天大学 | NUMA structure implementing method based on distributed internal memory virtualization |
| CN101477495A (en) * | 2008-10-28 | 2009-07-08 | 北京航空航天大学 | Implementing method for distributed internal memory virtualization technology |
| CN108292233A (en) * | 2015-12-21 | 2018-07-17 | 英特尔公司 | Open the application processor of virtual machine |
-
2020
- 2020-09-03 CN CN202010919963.7A patent/CN112099914B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101477495A (en) * | 2008-10-28 | 2009-07-08 | 北京航空航天大学 | Implementing method for distributed internal memory virtualization technology |
| CN101477496A (en) * | 2008-12-29 | 2009-07-08 | 北京航空航天大学 | NUMA structure implementing method based on distributed internal memory virtualization |
| CN108292233A (en) * | 2015-12-21 | 2018-07-17 | 英特尔公司 | Open the application processor of virtual machine |
Also Published As
| Publication number | Publication date |
|---|---|
| CN112099914A (en) | 2020-12-18 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7904914B2 (en) | On-the-fly replacement of physical hardware with emulation | |
| JP4843013B2 (en) | System and method for preventing user OS in VMM system from turning off device used by service OS | |
| KR101920980B1 (en) | Access isolation for multi-operating system devices | |
| JP6111181B2 (en) | Computer control method and computer | |
| JP2009176213A (en) | Network boot system | |
| CN101697134A (en) | Method for supporting quick start of similar virtual machine | |
| CN112286823A (en) | Method and device for testing kernel of operating system | |
| CN110716845B (en) | Log information reading method of Android system | |
| JP2015038644A (en) | Computer and method of updating virtual machine | |
| CN112541166A (en) | Method, system and computer readable storage medium | |
| CN112596950A (en) | Virtual machine data backup method, device, equipment and storage medium | |
| CN107193633A (en) | A kind of batch creates the method and device of virtual machine | |
| CN112099914B (en) | Virtual machine multi-core starting method, virtual machine and processor chip | |
| CN105808440A (en) | Application low memory test method, apparatus and system | |
| EP3341834B1 (en) | Exception handling | |
| WO2020177567A1 (en) | Method, apparatus, and system for migrating data | |
| CN116028129B (en) | UEFI (unified extensible firmware interface) quick starting method based on Feiteng platform and Feiteng platform | |
| US7752030B2 (en) | Virtualization as emulation support | |
| US11526358B2 (en) | Deterministic execution replay for multicore systems | |
| CN114528141A (en) | Method and device for repairing program defects in embedded system kernel mode | |
| CN115408064A (en) | Method, server and related equipment for supporting kernel online update | |
| CN103870748B (en) | The security processing and device of virtual machine | |
| JP2009181373A (en) | Method of storing/reproducing network reception history, and information processor | |
| CN112416536A (en) | Method for extracting processor execution context and processor | |
| CN116661879A (en) | Processor, starting method and starting device of processor |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |