CN114398145A - Method for operating non-root Linux by Jailhouse based on X86 platform - Google Patents
Method for operating non-root Linux by Jailhouse based on X86 platform Download PDFInfo
- Publication number
- CN114398145A CN114398145A CN202111511902.8A CN202111511902A CN114398145A CN 114398145 A CN114398145 A CN 114398145A CN 202111511902 A CN202111511902 A CN 202111511902A CN 114398145 A CN114398145 A CN 114398145A
- Authority
- CN
- China
- Prior art keywords
- linux
- jailhouse
- platform
- file
- root
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/448—Execution paradigms, e.g. implementations of programming paradigms
- G06F9/4482—Procedural
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/44—Arrangements for executing specific programs
- G06F9/455—Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
- G06F9/45533—Hypervisors; Virtual machine monitors
- G06F9/45558—Hypervisor-specific management and integration aspects
- G06F2009/45562—Creating, deleting, cloning virtual machine instances
Abstract
The invention relates to the technical field of computer science, in particular to a method for operating a Linux system by Jailhouse based on an X86 platform, which comprises the following steps: s1, building a QEMU virtual machine on an X86 platform based on a Jailhouse program, wherein the QEMU virtual machine is used for simulating a Linux system; s2, taking out a Linux kernel file and a Linux root system file in the construction file of the QEMU virtual machine; s3, modifying linux-x86-demo.c provided by Jailhouse, and generating new linux-x 86-demo.cell; s4, merging the Linux kernel file, the Linux root system file and the Linux-x86-demo. cell to generate a merged file; and S5, running non-root Linux on the X86 platform through the merged file. The method can realize that non-root Linux is operated by using Jailhouse on the X86 platform, and can greatly shorten the technical research time of engineers in related fields in China.
Description
Technical Field
The invention relates to the technical field of computer science, in particular to a method for operating non-root Linux by Jailhouse based on an X86 platform.
Background
Jailhouse is a Linux-based partition manager, distributed by siemens in 2013, following the GPLv2 protocol. Jailhouse is much higher in virtualization than QEMU, KVM, XEN equivalent ratio, and can be applied to the embedded field, and besides Linux, it can run bare-computer application programs or (adapted) operating systems. To this end, it configures the hardware platform's CPU and device virtualization functions in such a way that none of the domains (referred to herein as "cells") interfere with each other in an unacceptable manner. Jailhouse is optimized for simplicity rather than function enrichment, and unlike full-function virtual machine management programs such as KVM or XEN that are based on Linux, Jailhouse does not support excessive use of resources such as CPU, RAM, or devices. Virtualize only those resources in software that are essential to the platform and cannot be partitioned in hardware. Once Jailhouse is enabled, it runs on the bare metal, i.e. the hardware can be fully controlled without external support. However, in contrast to other bare metal hypervisors, it is loaded and configured by the normal Linux system. The management interface is based on Linux infrastructure. Thus, Linux is started first, then Jailhouse is enabled, and finally a portion of the system resources are split and allocated to other units.
However, the help documentation of Jailhouse is not perfect at present, the tools provided by the authorities have many errors, a method for running non-rootLinux in an X86 environment is not provided, and a systematic deployment course is not provided. The non-root Linux refers to Guest Linux running on a host machine Linux.
Therefore, it is necessary to provide a running method, so that the method can realize running non-root Linux on an X86 platform by using Jailhouse.
Disclosure of Invention
Solves the technical problem
Aiming at the defects in the prior art, the invention provides a method for operating non-root Linux by Jailhouse based on an X86 platform, which can realize that the non-root Linux is operated by the Jailhouse on the X86 platform, and can greatly shorten the technical research time of engineers in related fields in China.
Technical scheme
In order to achieve the purpose, the invention is realized by the following technical scheme:
the invention provides a method for operating non-root Linux by Jailhouse based on an X86 platform, which comprises the following steps:
s1, building a QEMU virtual machine on an X86 platform based on a Jailhouse program, wherein the QEMU virtual machine is used for simulating a Linux system;
s2, taking out a Linux kernel file and a Linux root system file in the construction file of the QEMU virtual machine;
s3, modifying linux-x86-demo.c provided by Jailhouse, and generating new linux-x 86-demo.cell;
s4, merging the Linux kernel file, the Linux root system file and the Linux-x86-demo. cell to generate a merged file;
and S5, running non-root Linux on the X86 platform through the merged file.
Further, the building of the QEMU virtual machine on the X86 platform based on the Jailhouse program specifically includes:
the Jailhouse program is run correctly: downloading and compiling official Jailhouse program source codes on an X86 platform; detecting X86 platform hardware through a Jailhouse program, and modifying the kernel parameter of the Jailhouse program after detecting the hardware without errors so as to select a serial port of a Linux system; generating a configuration file and a system cell by using a Jailhouse command;
downloading official Jailhouse-images program source codes, and constructing the QEMU virtual machine through the Jailhouse-images program.
Further, the official Jailhouse program source code is downloaded and compiled using the git tool on the X86 platform.
Further, step S3 specifically includes:
all members in the pci _ caps genus group provided by Jailhouse are included with # ifdef CONFIG _ QEMU _ E1000E _ assign, and the genus group length of the pci _ cap is modified;
modify irqchits field, keep sysconfig.c, delete PIO _ RANGE (0x3000) and modify PIO _ RANGE generic group length to generate new linux-x 86-demo.cell.
Based on the same inventive concept, the present invention also provides an electronic device comprising a processor and a memory, wherein the memory stores a computer program, and the computer program realizes the method of any one of the above items when being executed by the processor.
Based on the same inventive concept, the present invention further provides a readable storage medium, in which a computer program is stored, and the computer program, when executed by a processor, implements the method of any one of the above.
Advantageous effects
The method for operating non-root Linux by using Jailhouse based on the X86 platform can realize that the non-root Linux is operated by using Jailhouse on the X86 platform, and can greatly shorten the technical research time of engineers in related fields in China.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below. It is obvious that the drawings in the following description are only some embodiments of the invention, and that for a person skilled in the art, other drawings can be derived from them without inventive effort.
Fig. 1 is a schematic diagram illustrating steps of a method for operating non-rootLinux by Jailhouse based on an X86 platform according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a method for operating non-rootLinux by Jailhouse based on an X86 platform according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention. It is to be understood that the embodiments described are only a few embodiments of the present invention, and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1, an embodiment of the present invention provides a method for operating non-root Linux by Jailhouse based on X86 platform, including the following steps:
s1, building a QEMU virtual machine on an X86 platform based on a Jailhouse program, wherein the QEMU virtual machine is used for simulating a Linux system;
s2, taking out a Linux kernel file and a Linux root system file in the construction file of the QEMU virtual machine;
s3, modifying linux-x86-demo.c provided by Jailhouse, and generating new linux-x 86-demo.cell;
s4, merging the Linux kernel file, the Linux root system file and the Linux-x86-demo. cell to generate a merged file;
and S5, running non-rootLinux on the X86 platform through the merged file.
The target is to run a non-root Linux system through Jailhouse (Linux-based partition management program) based on an X86 platform, and the idea is as follows: firstly, the official apic-demo of Jailhouse needs to be correctly operated, then the official Jailhouse-images project is downloaded, a QEMU virtual machine is built, two files, namely a kernel file (such as vmlinux-5.10.31) and a root system file (such as rootfs. cpio), are taken out from a file folder of the QEMU virtual machine, linux-x86-demo. c provided by official codes of the Jailhouse is modified, and new linux-x86-demo. cell is created. And finally, using the Linux-X86-demo. cell, the kernel file and the root system file, and synthesizing the three files to be used as the system file of the non-root Linux on the X86 platform to start the non-root Linux.
In this embodiment, referring to fig. 2, in step S1, when downloading the official Jailhouse source code and compiling, using the git tool clone to download the source code from the Jailhouse official address, and executing the command: make-j 8; make install. Then, the X86 platform hardware is detected by the Jailhouse program, i.e. detected by the Jailhouse hardware check, the display result must be "check cleared! "indicates that the detection is error-free, and the kernel parameter of the Jailhouse program is modified after the detection is error-free so as to select the serial port of the Linux system to execute the command; if not, the CPU supporting the VMX and the Preempt timer needs to be replaced. Further, modify the kernel parameter of Jailhouse program, i.e. modify GRUB _ cmline _ LINUX variable of/etc/default/GRUB file, finally add "intel _ iommu ═ offmmmap ═ 82M \ \ $0x3a000000console ═ ttyS1, 115200" parameter, and regenerate GRUB configuration file, note that there is no need to use ttyS0, because the really available serial port is reserved for Jailhouse debugging, if there is used ttyS0, Jailhouse reports the problem of 3F8 port error in operation. Still further, generating a configuration file and a system cell: using jailhouse command, syscon fig. c configuration file is generated in the configs/x86 folder, and after success make again, the syscon fig. cell file is generated in the configs/x86 folder. And finally, downloading an official Jailhouse-images source code and constructing a QEMU virtual machine: installing git elfulls-libelf-level QEMU-kvm python3 python3-pip software, downloading a source code from an official address by using a git tool, manually downloading a container mirror image after setting a terminal agent, then operating the container, and manually constructing the QEMU virtual machine.
In this embodiment, referring to fig. 2, modifying Jailhouse heavy linux-x86-demo.c and generating a new cell includes the following specific steps: first, all members in the pci _ caps group are included with # ifdef CONFIG _ QEMU _ E1000E _ ASSIGNMENT, and the group length of the pci _ cap is modified. Then. The irqchips field is modified to transcribe sysconfig. Finally, PIO _ RANGE (0x3000) is deleted, and PIO _ RANGE generic group length is modified, generating a new linux-x86-demo. And the aim that the cell does not crash is achieved by modifying the pci _ caps field, the irqchips field and the pio _ range field.
In this embodiment, running non-root Linux on the X86 platform through the merged file may be performed according to the following steps: using the command: jailhouse cell linux-x86-demo. cellvmlinux-5.10.31-irootfs. cpio- "console ═ ttys0, 1152008250. nr _ uarts ═ 1", the aforementioned vmlinux-5.10.31 and rootfs. cpio are both generated in step 3. If one wants to use its own kernel, one can modify the configuration CONFIG _ JAILHOUSE _ check, CONFIG _ serial, CONFIG _ PM _ TRACE _ RTC, and generate a new kernel file to replace vmlinux-5.10.31. The corresponding rootfs. cpio may also use initramfs. img generated by the new kernel.
Based on the same inventive concept, the present invention further provides an electronic device, which includes a processor and a memory, where the memory stores a computer program, and the computer program, when executed by the processor, implements the method for operating non-root Linux by Jailhouse based on X86 platform.
The processor may be, in some embodiments, a Central Processing Unit (CPU), a controller, a microcontroller, a microprocessor (e.g., a GPU), or other data Processing chip. The processor is typically used to control the overall operation of the electronic device. In this embodiment, the processor is configured to execute the program code stored in the memory or process data, for example, execute the program code of the method for operating non-root Linux by Jailhouse based on the X86 platform.
The memory includes at least one type of readable storage medium including a flash memory, a hard disk, a multimedia card, a card type memory (e.g., SD or DX memory, etc.), a Random Access Memory (RAM), a Static Random Access Memory (SRAM), a Read Only Memory (ROM), an Electrically Erasable Programmable Read Only Memory (EEPROM), a Programmable Read Only Memory (PROM), a magnetic memory, a magnetic disk, an optical disk, etc. In some embodiments, the storage may be an internal storage unit of the electronic device, such as a hard disk or a memory of the electronic device. In other embodiments, the memory may also be an external storage device of the electronic device, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided on the electronic device. Of course, the memory may also include both internal and external memory units of the electronic device. In this embodiment, the memory is generally configured to store an operating method installed in the electronic device and various types of application software, for example, a program code of a method for operating non-root Linux by Jailhouse based on an X86 platform. In addition, the memory may also be used to temporarily store various types of data that have been output or are to be output.
Based on the same invention idea, the invention further provides a readable storage medium, in which a computer program is stored, and when the computer program is executed by a processor, the method for operating non-root Linux by Jailhouse based on the X86 platform is implemented.
The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and the modifications or the substitutions do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.
Claims (6)
1. A method for operating non-root Linux by Jailhouse based on an X86 platform is characterized by comprising the following steps:
s1, building a QEMU virtual machine on an X86 platform based on a Jailhouse program, wherein the QEMU virtual machine is used for simulating a Linux system;
s2, taking out a Linux kernel file and a Linux root system file in the construction file of the QEMU virtual machine;
s3, modifying linux-x86-demo.c provided by Jailhouse, and generating new linux-x 86-demo.cell;
s4, merging the Linux kernel file, the Linux root system file and the Linux-x86-demo. cell to generate a merged file;
and S5, running non-root Linux on the X86 platform through the merged file.
2. The method for operating non-root Linux by Jailhouse based on X86 platform according to claim 1, wherein the building of the QEMU virtual machine on the X86 platform by the Jailhouse program specifically includes:
the Jailhouse program is run correctly: downloading and compiling official Jailhouse program source codes on an X86 platform; detecting X86 platform hardware through a Jailhouse program, and modifying the kernel parameter of the Jailhouse program after detecting the hardware without errors so as to select a serial port of a Linux system; generating a configuration file and a system cell by using a Jailhouse command;
downloading official Jailhouse-images program source codes, and constructing the QEMU virtual machine through the Jailhouse-images program.
3. The method for operating non-root Linux by Jailhouse based on X86 platform according to claim 2, wherein the official Jailhouse program source code is downloaded and compiled using git tool on X86 platform.
4. The method for Jailhouse running non-root Linux based on X86 platform as claimed in claim 1, wherein step S3 specifically includes:
all members in the pci _ caps genus group provided by Jailhouse are included with # ifdef CONFIG _ QEMU _ E1000E _ assign, and the genus group length of the pci _ cap is modified;
modify irqchits field, keep sysconfig.c, delete PIO _ RANGE (0x3000) and modify PIO _ RANGE generic group length to generate new linux-x 86-demo.cell.
5. An electronic device comprising a processor and a memory, the memory having stored thereon a computer program which, when executed by the processor, implements the method of any of claims 1 to 4.
6. A readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the method of any one of claims 1 to 4.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111511902.8A CN114398145A (en) | 2021-12-06 | 2021-12-06 | Method for operating non-root Linux by Jailhouse based on X86 platform |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111511902.8A CN114398145A (en) | 2021-12-06 | 2021-12-06 | Method for operating non-root Linux by Jailhouse based on X86 platform |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114398145A true CN114398145A (en) | 2022-04-26 |
Family
ID=81226385
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111511902.8A Pending CN114398145A (en) | 2021-12-06 | 2021-12-06 | Method for operating non-root Linux by Jailhouse based on X86 platform |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114398145A (en) |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115269057A (en) * | 2022-09-23 | 2022-11-01 | 麒麟软件有限公司 | Method for generating configuration file of isolation system based on equipment tree |
CN115543545A (en) * | 2022-11-25 | 2022-12-30 | 麒麟软件有限公司 | Method for realizing equipment isolation by Jailhouse using ACPI |
CN115599502A (en) * | 2022-10-17 | 2023-01-13 | 麒麟软件有限公司(Cn) | RTOS network sharing method based on virtual machine monitor |
CN115686889A (en) * | 2023-01-04 | 2023-02-03 | 麒麟软件有限公司 | Method for using Ivshmem by Jailhouse based on ACPI |
CN116204933A (en) * | 2023-05-05 | 2023-06-02 | 麒麟软件有限公司 | Method for isolating PCIe network card based on jailhouse under ARM64 architecture |
CN117421096A (en) * | 2023-12-19 | 2024-01-19 | 麒麟软件有限公司 | SMMU (SMMU) using method based on jailhouse virtual machine monitor |
-
2021
- 2021-12-06 CN CN202111511902.8A patent/CN114398145A/en active Pending
Cited By (11)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115269057A (en) * | 2022-09-23 | 2022-11-01 | 麒麟软件有限公司 | Method for generating configuration file of isolation system based on equipment tree |
CN115269057B (en) * | 2022-09-23 | 2023-01-20 | 麒麟软件有限公司 | Method for generating configuration file of isolation system based on equipment tree |
CN115599502A (en) * | 2022-10-17 | 2023-01-13 | 麒麟软件有限公司(Cn) | RTOS network sharing method based on virtual machine monitor |
CN115543545A (en) * | 2022-11-25 | 2022-12-30 | 麒麟软件有限公司 | Method for realizing equipment isolation by Jailhouse using ACPI |
CN115543545B (en) * | 2022-11-25 | 2023-03-17 | 麒麟软件有限公司 | Method for realizing equipment isolation by using ACPI (application specific protocol) by Jailhouse |
CN115686889A (en) * | 2023-01-04 | 2023-02-03 | 麒麟软件有限公司 | Method for using Ivshmem by Jailhouse based on ACPI |
CN115686889B (en) * | 2023-01-04 | 2023-03-28 | 麒麟软件有限公司 | Method for using Ivshmem by Jailhouse based on ACPI |
CN116204933A (en) * | 2023-05-05 | 2023-06-02 | 麒麟软件有限公司 | Method for isolating PCIe network card based on jailhouse under ARM64 architecture |
CN116204933B (en) * | 2023-05-05 | 2023-09-26 | 麒麟软件有限公司 | Method for isolating PCIe network card based on jailhouse under ARM64 architecture |
CN117421096A (en) * | 2023-12-19 | 2024-01-19 | 麒麟软件有限公司 | SMMU (SMMU) using method based on jailhouse virtual machine monitor |
CN117421096B (en) * | 2023-12-19 | 2024-04-05 | 麒麟软件有限公司 | SMMU (SMMU) using method based on jailhouse virtual machine monitor |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN114398145A (en) | Method for operating non-root Linux by Jailhouse based on X86 platform | |
CN106227579B (en) | Docker container construction method and Docker management console | |
CN109478135B (en) | Computer system and method for rebooting a computer system | |
CN108847950B (en) | Electronic device, cloud system software automatic deployment method and storage medium | |
KR101856284B1 (en) | Backing up firmware during initialization of device | |
CN107807839B (en) | Method and device for modifying memory data of virtual machine and electronic equipment | |
KR20110098567A (en) | Method and apparatus for generating minimal boot image | |
CN105739961B (en) | Starting method and device of embedded system | |
US20060190933A1 (en) | Method and apparatus for quickly developing an embedded operating system through utilizing an automated building framework | |
CN107463426B (en) | Method and device for cloning virtual machine under KVM virtualization | |
US10866881B1 (en) | Firmware debug trace capture | |
US10664598B1 (en) | Firmware security patch deployment | |
US9672047B1 (en) | Systems and methods for accessing a bootable partition on a serial peripheral interface device | |
CN113238819B (en) | Dynamic loading method and system of drive file suitable for U-Boot | |
US11928489B2 (en) | Extension application mechanisms through intra-process operation systems | |
CN111124288A (en) | VPD storage management method, device, equipment and readable storage medium | |
CN110515671B (en) | Initialization method, initialization device, terminal device and readable storage medium | |
CN113868174B (en) | Verification platform building method and device and storage medium | |
CN114756296A (en) | Read-write mounting starting method and device, storage medium and electronic equipment | |
CN113867768A (en) | Operating system processing method and device, electronic equipment and storage medium | |
US10552135B1 (en) | Reducing a size of an application package | |
CN111694580B (en) | Method and device for upgrading and initializing storage device and electronic device | |
CN106557354B (en) | Method for setting attribute parameters of private image and computer equipment | |
US11106457B1 (en) | Updating firmware runtime components | |
CN114398144A (en) | Method for building Jailhouse by using QEMU based on X86 platform |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |