06 Sep 2018

Hypervisor

With the advent of complex and advanced embedded processors providing an array of resourceful features, there has been a key feature that has stood out amongst the others. That feature is the ability to concurrently run multiple operating systems or execution threads on a single processing unit (like a SoC or a SoM). This provides the end user the power to harness the best features of various operating systems for a particular scenario simultaneously. For example, in an automotive environment, real-time operating system can best handle the signals from CAN, MODBUS and other sensor inputs from the car control system since they have to be handled in real time. The infotainment system, on the other hand, can run any other complex and feature-rich non-real-time operating system like Linux or Android for providing the necessary features for infotainment. This simultaneous operation of multiple operating systems is possible only if hypervisor software is running on the SoC/SoM.

Hypervisor is software which launches even before the bootloader and unlike the bootloader, keeps on running throughout the system power cycle providing:

1.Device virtualization
2.Arbitration of resources
3.Support for running multiple operating systems at the same time
4.Inter-operating system communication

A hypervisor runs at a higher privilege level than the operating system and bootloaders. It runs at EL2 privilege level or the HYP mode which allows it to perform many virtualization functions as mentioned above. It is only available in processors which are ARM v8 and above.

Qualcomm chips also support a basic hypervisor. Here are some of the capabilities of Qualcomm Hypervisor on Snapdragon 820 chipsets on automotive development platform:

1. Access control of various peripherals
2. Secure configuration of various peripherals
3. Supports two-level address translation
4. Efficiently handling various memory and access faults

Qualcomm Hypervisor is loaded after the primary bootloader boots up. It performs many basic functions related to memory mappings and peripheral access. The hypervisor maintains a two-level address translation. The operating system addresses are first translated into intermediate physical addresses (IPA) via page tables and MMU supported by the operating system. Then, these intermediate physical addresses are translated to actual physical addresses again with the help of page tables and MMU done by the hypervisor. With increasing system complexity there is a possibility that IPA’s generated may overlap leading to problems in accessing shared resources simultaneously. The two-level address translation with the second level governed by the hypervisor helps in avoiding issues due to overlapping addresses and arbitrates sharing of physical resources.

Secure configuration of various peripherals ensures that all the peripherals are accessed in a controlled and monitored the environment and only valid peripheral access requests would be allowed by the hypervisor.  This provides protection against operating threads not meant for accessing any particular peripheral for security both against malicious and errant software on impacting critical systems.

Advantages of having a Qualcomm hypervisor running are:

1.Using the hypervisor, memory and access faults can be easily captured in real time in an efficient manner
2.Configuration and access requests for various peripherals that are shared can be controlled.

In theory, a device or a peripheral can be shared between multiple operating systems like Linux/Android/other. A hypervisor is a way to avoid contentions and ensure smooth access for various devices or peripherals.

The hypervisor also provides interoperability with Trust Zone capabilities, which also uses privilege levels to provide secure, protected access to some peripherals.

simplified picture of a hypervisor based embedded system:

Figure 1 : Sample Hypervisor Architecture

Role of Hypervisor in the Qualcomm eco-system:

Having a Hypervisor based embedded system opens up a range of possibilities for peripheral sharing and data exchange across various execution domains. Currently, on Qualcomm Snapdragon based systems like 820, the hypervisor can manage the IO operations for various operating threads. As of now, the hypervisor does not have full support for running two different full-fledged operating systems simultaneously but it does support simultaneous operating threads. Examples of multiple threads working in parallel which can leverage hypervisor today:

  1. The IO requests coming from Android. These requests could be data read-write onto the memory, screen IO, etc.
  2. IO requests coming from multiple proprietary threads running on other co-processing units or the main processing unit. These co-processing units are responsible for managing various connectivity (GPS, WLAN) tasks, sensing tasks (Accelerometer, Gyroscope) and other security tasks if enabled.

All these operating threads run simultaneously as mentioned above along with Android to provide us with a seamless user experience!

Intrinsyc Technologies has complete access to Qualcomm Hypervisor’s proprietary source code and can provide help in working with the hypervisor or customizing it for particular applications.

Author: Chaitanya Dhere

Chaitanya Dhere is an Embedded Software Developer at Intrinsyc Technologies and has experience in Linux kernel, device drivers, UEFI, board bring up and system software development on various Embedded platforms.


Comments are closed.

Show Buttons
Hide Buttons

Job Id*

Your Name*

Your Email*

How did you find us?*

Location*

Resume