Open source hypervisor exploits hardware virtualization in MIPS CPUs

June 13, 2016 // By Graham Prophet
Imagination Technologies and Kernkonzept have said that the latest release of the open source L4Re hypervisor now supports Imagination’s OmniShield-ready MIPS CPUs. The small footprint L4Re hypervisor, maintained by Kernkonzept (Dresden, Germany), can take advantage of the hardware virtualization technology in MIPS CPUs for more efficient context switching and better use of CPU cycles, leading to improved application headroom.

Hardware virtualization, Imagination says, is gaining attention beyond its traditional home in the data-centre for the benefits it provides across numerous application areas from IoT to consumer to automotive to industrial and beyond. Connected devices can be designed with numerous distinct domains in which multiple operating systems and applications can run independently at the same time on a single platform.

 

In a related statement, the company says, “Back in March 2015, the United States Federal Communications Commission (FCC) issued a security document that included a series of provisions related to the use of wireless devices. In order to comply with these security guidelines, some manufacturers of home routers and other networking equipment decided to lock down the software powering these devices. This caused an outcry from the open source community who demanded that the FCC and manufacturers would not restrict the free use of the operating system and associated software running on their devices. Imagination Technologies [presents] a proof of concept demonstration that addresses the next-generation security requirements mandated by the FCC and other similar agencies. The demo makes use of multi-domain, secure hardware virtualization in MIPS Warrior CPUs. This technology allows developers to create system-wide, hardware-enforced trusted environments that are more secure compared to current solutions; ‘security by isolation’. The platform for the demonstration runs three virtual machines (VMs) on a high-end MIPS P-class CPU integrated in a router-type evaluation kit; this approach securely separates the OpenWrt operating system from the Wi-Fi driver, allowing them to co-exist in isolation and thus comply with the FCC guidelines. The diagram above shows the outline architecture.”

 

Built in to the latest MIPS CPUs and other processor families, Imagination’s OmniShield technology makes use of hardware virtualization to enable the creation of multiple domains on a single SoC. The L4Re operating system is an ideal match: it works with systems that need to consolidate multiple applications with differing security, safety, or real-time