
How to analyze StratoVirt Code

2025-02-23 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article walks through the StratoVirt code: what the project does, how the virtual machine object is constructed and instantiated, and how the virtual machine is started.

StratoVirt code analysis function

The main function of StratoVirt at present is creating a microVM. The virtual machine acts as a sandbox that provides a layer of security isolation for the applications running in it, which makes up for Docker's weaker security isolation.

Code parsing

The following figure shows the main flow of the current StratoVirt code. It is divided into the following steps:

1. Create a virtual machine configuration based on command line parameters

2. Create the LightMachine object based on the virtual machine configuration

3. Instantiate the virtual machine based on the virtual machine configuration

   - Instantiate the device objects contained in the virtual machine

   - Load the virtual machine kernel

   - Generate the device tree

4. Start the vCPUs of the virtual machine

5. Start the virtual machine main thread loop

The five steps for creating a virtual machine are briefly described above; the key steps are analyzed in detail below:

LightMachine object construction

First, a brief introduction to Rust. Rust is a systems language whose main features come from C and C++, so it can also use memory very efficiently. It is strongly typed: the compiler knows the specific type of every value at compile time, so it can judge whether a memory operation on that type is legal. It therefore applies strict safety checks during compilation, and illegal use of memory causes compilation to fail. This makes it a relatively safe language for systems development.

LightMachine is a class-like wrapper for lightweight virtual machine objects. Its new function is equivalent to a class constructor, but it is called explicitly.

The first step is to open the device descriptor for /dev/kvm.

The second step is to create an empty virtual machine with kvm.create_vm(). This wraps ioctl(fd, KVM_CREATE_VM, param): an empty virtual machine is created by calling the KVM API. At this point the virtual machine has no memory and no CPU.

The third step is to create virtual machine memory. The virtual machine memory object is encapsulated in the AddressSpace class.

The data structure of AddressSpace is somewhat complex. Its root object points to a Region, and the Region created initially is of type region_container, which is used to manage the "virtual memory modules" added later.

The fourth step is to create the physical memory used by the guest virtual machine. mmap is called to map a section of memory into the address space of the virtual machine process. sys_mem.root().add_subregion then adds the mapped memory region to the AddressSpace object created in the previous step, where it is saved in subregions.

The fifth step is to create the CPU: vm_fd.create_vcpu is called to create the vCPU object. Underneath, this wraps ioctl(fd, KVM_CREATE_VCPU), which tells KVM to create a vCPU object.

The sixth step is to create the interrupt controller. The gic library is called here to create a V3 interrupt controller.

At this point, the virtual machine object has basically been created, including the vcpu and memory that the virtual machine needs to use.
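The root-container-plus-subregions layout from the third and fourth steps can be modelled in a few lines. This is an added example, not StratoVirt's own code: the type and method names, the Vec<u8> standing in for the mmap'ed area, and the guest RAM base are assumptions. It shows the checks a VMM needs whenever an address comes from the guest: no overlapping regions, no integer overflow, and no access that runs past the end of a region.

```rust
// Simplified model of the layout described above: a root container that
// manages RAM subregions. All names here are hypothetical.
#[derive(Debug, PartialEq)]
pub enum MemError { Overflow, Overlap, Unmapped }

// One RAM subregion; a Vec<u8> stands in for the mmap'ed host memory.
pub struct RamRegion { base: u64, data: Vec<u8> }
impl RamRegion {
    // Cannot overflow: base + size was checked when the region was added.
    fn end(&self) -> u64 { self.base + self.data.len() as u64 }
}

// Root container: owns no memory itself, only the list of subregions.
#[derive(Default)]
pub struct AddressSpace { subregions: Vec<RamRegion> }

impl AddressSpace {
    pub fn add_subregion(&mut self, base: u64, size: usize) -> Result<(), MemError> {
        let end = base.checked_add(size as u64).ok_or(MemError::Overflow)?;
        if self.subregions.iter().any(|r| base < r.end() && r.base < end) {
            return Err(MemError::Overlap);
        }
        self.subregions.push(RamRegion { base, data: vec![0; size] });
        Ok(())
    }

    // Map a guest-physical range to (region index, offset). The whole
    // range must fit inside a single region.
    fn resolve(&self, gpa: u64, len: usize) -> Result<(usize, usize), MemError> {
        let end = gpa.checked_add(len as u64).ok_or(MemError::Overflow)?;
        self.subregions.iter().position(|r| r.base <= gpa && end <= r.end())
            .map(|i| (i, (gpa - self.subregions[i].base) as usize))
            .ok_or(MemError::Unmapped)
    }

    pub fn write(&mut self, gpa: u64, src: &[u8]) -> Result<(), MemError> {
        let (i, off) = self.resolve(gpa, src.len())?;
        self.subregions[i].data[off..off + src.len()].copy_from_slice(src);
        Ok(())
    }

    pub fn read(&self, gpa: u64, len: usize) -> Result<Vec<u8>, MemError> {
        let (i, off) = self.resolve(gpa, len)?;
        Ok(self.subregions[i].data[off..off + len].to_vec())
    }
}

fn main() {
    let mut space = AddressSpace::default();
    space.add_subregion(0x4000_0000, 0x1000).unwrap(); // constructed guest RAM base
    println!("{:?}", space.write(0x4000_0ffd, &[0; 4])); // crosses region end: Err(Unmapped)
}
```
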

Instantiate a virtual machine

This step mainly does three things: 1. device realization, 2. kernel loading, 3. device tree generation.

Device realization

This step iterates over the devices configured for the virtual machine and calls the realize function of each device. Currently only one MMIO device has been implemented.

Realizing the device is also relatively simple: it adds parameters to the kernel command line.

Load kernel

Loading the kernel mainly consists of opening the kernel image file, reading the image data into memory, and setting the address at which the bootloader starts executing.

Create a device tree

Creating the device tree relies mainly on the device tree creation interface in the kernel C library.

Start the virtual machine

The previously created vCPUs are iterated over in turn, and CPU::start is called to start each one. The main thing start does is create a user-space thread and then call cpu.set_task to put the thread on the CPU to execute. The thread contains a loop in which cpu.kvm_vcpu_exec handles each return from KVM. One example is VcpuExit::IoIn, an exit value wrapped by the Rust library kvm-ioctls. KVM actually defines many exit types.

kvm-ioctls includes an example virtual machine of less than 100 lines whose main function is similar to what StratoVirt currently does. What StratoVirt adds is a large number of class-like structures and a bus device model on top of it, in an object-oriented style, so that device modules can later be attached to the bus. At present, StratoVirt is only a code framework with simple virtual machine functionality. The gap between it and QEMU is that QEMU can emulate almost all mainstream devices; that device code is what StratoVirt currently lacks.
