Does MiniVisor virtualize any of the hardware like network card?

[lonnietc]

Hello,

I am interested in UEFI level hypervisors for parapass-throgh approaches such that some of the hardware is virtualized and was wondering if MiniVisor has this ability?

If not, then how hard do you think that it would be to implement?

Thanks, and have a great day

[tandasat]

MiniVisor does not virtualize any device.

I have never attempted to emulate devices so hard to say, but my impression is that it is a substantial amount or work, but perfectly doable even for dedicated hobbyists. Complexity heavily varies depending on which a device you want to emulate for the guest. For example, this paper explained their ATA device emulation was 1.4 KLOC. https://dl.acm.org/doi/10.1145/1508293.1508311 Your hypervisor may need actual driver(s) for the target hardware too. I have an impression that this part is more challenging as you likely need to target modern, complex hardware.

[lonnietc]

Thanks for our input on this and I was thinking to look into the EDK2 project as well as some other bare metal libraries to see hwat might be needed on the network side.

I also just tried to follow your "Building and Debug" docs using prebuilt efi images. Actually I download the shell.efi as well as your 20200308 NOOPT release and made a boot USB so that I could just see it run.

It booted into the shell just fine and I found my USB at FS0: and loaded the MiniVisor without any problems.

After that I typed "exit" as your documentation says but it did not go back an try to boot the system into my Ubuntu 22.04 in this case on real hardware (Intel NUC 7) it just left me at the "shell> prompt. Did I miss something?

You mentioned that when the current MiniVisor is loaded and then Windows or Linux boots you then you can run the hypercall application to see it return the virtualized CPU's in this case. I am wondering if you are able to utilize one or two of the core independently in the MiniVisor or possible Threads.

The reason that I ask is that I was under the impression that the UEFI application only runs in a single core single thread and for the project that I am trying to work on (i,e. To embed a vSwitch or vRouter at the UEFI level in its own core for high performance) and in a Parapass-through hypervisor for a type of P2P Routing Mesh VPN network system.

With that in mind, then does MiniVisor actually virtualize all of the CPU core or basically just report on them?

On a side note, I was wondering if maybe you might like to discuss the possibilities of working on this project as well since you have great familiarity with MiniVisor that could be the core as I am looking at it as well as BitVisor as a possible core to build from and either have great potential for an eventual online community that will offer P2P services which we can talk about more if you are interested.

Thanks again and have a great day

[tandasat]

MiniVisor virtualizes logical cores reported by UEFI.

On booting the system, are you saying after the exit command, the system froze? Please try the same operations without loading MiniVisor to make sure your system does work with that way. One of my Dell device does not like to go back to the boot menu with exit. Otherwise, it may be a compatibility issue.

[lonnietc]

Hello,

Sorry for the late reply and I did a bit of testing on the Intel NUC7.

1. Loading just the "shell.efi" --- Then if I exit 2 times then it boots into Ubuntu 22.04

2. Start shell.efi then load MiniVisor.efi --- It gives me a message that the load was successful at which time I exit from FS0: then exit from shell. The screen goes blank and then after some time I seem a message stating "ExitBootServices ..." called and then after some more time, I see it trying to load with a number of messages but mostly saying "Do boot CPU failed" and some messages stating "Watchdog BUGS Soft Lockup ..." for the number of CPU's which seem to be 3 in this case of the NUC7.

I am guessing that this is a compatibility issue for some reason.

Thanks again

[tandasat]

Thank you for the details. I might know that issue.

Please try specifying the init_cpu_udelay= kernel parameter when booting ubuntu (under the hypervisor). 1000 reliably resolved the similar issue in my case. If it does, I will post details somewhere discoverable.

[lonnietc]

I'll have to try an figure out how to get that inserted since if I go to the shell.efi and then load the minivisor and exit then it does not seem to go back to the grub menu and goes right into the problems that I mentioned.

It my just be going through grub quickly and I will see about adjusting, if possible.

Will let you know.

[lonnietc]

Hello,

I have not had much luck in getting things to boot but will keep trying.

Also, recently I have been reading that Secure Boot is used on many systems.

Doesn't that really prevent UEFI hypervisors like MiniVisor from being utilized?

I was actually searching the Internet trying to locate some statistics on about how many systems or what percentage actually use Secure Boot but have not found any information on this yet.

Do you have any ideas on this? Thanks

[tandasat]

If you are struggling to insert the kernel command line, you can specify that in some file. IIRC, /etc/default/grub.

Whether secure boot becomes issue depends on your use cases. You may sign your hypervisor proper, or ask the system owner to disable secure boot, or modify the policy to allow your hypervisor (say, its hash, or your cert). I would assume secure boot is turned on for Windows environment. Linux, not so much, though I cannot provide data.