acrn : a big little hypervisor for iot development...kernel user kernel vm api keystore virtual...

ACRNTM: A Big Little Hypervisor for IoT Development

Eddie Dong, Intel Open Source Technology Center

Key contributors: Christopher Cormack, Matthew Curfman, Jeff Jackson

V0.2 Status Update

Table of Contents

PART 1: What is ACRN

PART 2: Architecture Models

PART 3: Development Status

PART 4: Call for Participation

…………………………………………….. page 3

…………………………………………….. page 5

…………………………………………….. page 10

…………………………………………….. page 17

What is ACRN

ACRN is a Big Little Hypervisor for IoT Development !

Usage Difference: From Server to IoT

Server Usage IoT Usage

Open/Close Platform Open Mostly Closed

System Software Distribution One binary for a variety of product,

and/or with add-on hardware

Customized per product

Real Time No Yes for many systems

Functional Safety No Yes for some usages

Video (including Camera) No Yes for many usages

Audio No Yes for many usages

Performance Yes Yes

Isolation Yes Yes

Security Yes Yes

Migration Very Important Yes for some usages

IoT Virtualization would be largely different with that of Server virtualization

ACRN Focus

Small Footprint

Built for IoT

Adaptability

Built for Real-Time

Safety Criticality

Truly Open Source

Sharing Mode & Partition Mode

ACRN

Instrument Cluster

Device Model

Sharing Mode

Service OS (SOS)

IVI IVI

ACRN

Partition Mode Partition Mode

Deep Learning Deep Learning

Sharing Mode SOS-Less Partition Mode

Hybrid Mode

Privileged VM, loaded by Hypervisor

Completely independent of SOS

ACRN hypervisor (IEC-61508)

Orchestration Agent

Device Model

Soft Realtime

UOS

HMIProcess Control PLC

Service OS (SOS) Preempt-RT

Privileged VM

Auto PLC IPC Robotics

Hard Realtime

SOS

Normal VM Normal VM

ACRN hypervisor (IEC-61508)

Orchestration Agent

Device Model

Soft Realtime

Partition Mode Sharing Mode

HMIAuto PLC IPC Robotics Process Control PLC

Service OS (SOS)

Hard Realtime

Preempt-RT

Privileged VM, loaded by SOS

But independent of SOS at Runtime

Trusty

World

ACRN Sharing Mode for IVI Usage

Subtext goes hereService VM

(PIT, PCI, ACPI ..)

Hypercalls

VT-d EPT

ACRN HypervisorVMX

Virtio API Trusty API vPIC/vLAPIC/

vIOAPIC/vMSI

ACRN Device

Model

(Mediators)

VM

Manager

Linux VM

virtio

FE Drivers

User

Kernel

User

Kernel

VM API

Keystore

Virtual Firmware

EnclavesEnclaves

Android

World

virtio

FE Drivers

User

Kernel

Virtual Firmware

VMX non-root

operation

VMX root

operation

Android VM

Keystore

Native Device DriverNative Device Driver

Kernel Mediators

Instrument

Cluster (IC)

Virtio & Hypercall

Module (VHM)

ACRN

Services

PM Agency

Keybox

Automotive Boot Loader (SBL, ABL or UEFI)

Apollo Lake, KSL-I PlatformCSE

ACRN Partition Mode for Industrial Usage

VT-d EPT

ACRN Hypervisor

VMX vRTCPartitioned virtual

IOAPIC

RT APP

RT VM

VMX non-root operation

VMX root operation

UEFI Firmware

Virtual PCI /

Host bridge

RT APP

Non-RT

APPNon-RT

APP

RT Kernel

GUI VM(Could be extended to run SOS)

APP

Kernel

APPAPP

CPU Core

LAPIC

CPU Core

LAPIC

CPU Core

LAPIC

CPU Core

LAPIC

RT VM uses dedicated hardware

resources (CPU/Memory/Devices)

• LAPIC Passthru for exit-less MSI

interrupt / Timer

• IOAPIC partition with global

vectoring

• Cache Partitioning

Minimal in-hypervisor devices

• Virtual RTC

• Virtual PCI controller and host

bridge

GUI VM can be extended as SOS to

support more VMs

• Hybrid model

Hypervisors Feature Comparison

Features ACRN KVM XEN

Hypervisor Type 1 Type 2 Type 1

Lines of Code (LOC) 28K 10M+ ~299K

Functional Safety Capable Yes (**) No No

MISRA Yes No No

USB Host + Device Host only Host only

Device sharing Yes Yes Yes

Virtio Yes Yes No (Xen specific PV)

Vhost WIP Yes No

VM management Yes Yes (libvirt) Yes (libvirt)

Nested virtualization No Yes Yes

VM migrations No Yes Yes

CPU hotplug No Yes Yes

Edge/ IoT Devices

Data Center/Servers

***Lines of source code is collected by running cloc to parse the hypervisor directory

ACRN: As of Sep 25 (open source V0.2 Release)

XEN: As of Oct 10 (commit: 92666fdd6e0afab989b2d89759d9b43f2c645ae7)

ACRN Lines of Code

0

5000

10000

15000

20000

25000

30000

ww19 ww21 ww23 ww25 ww27 ww29 ww31 ww33 ww35 ww37 ww39

Lin

es o

f C

od

eACRN Source Code Size

C Header Assembly

Towards MISRA-C Compliance

0

5000

10000

15000

20000

25000

Num

ber

of V

iola

tion

s

Mandatory Required Advisory

• Statistics from commercial safety-qualified checker.

• False positives and intended deviations tracked in weekly-updated sheets.

• Pull requests are scanned hunting for new violations.

80% reduction

Preliminary GPU Performance on Apollo Lake

Performance Test Cases in Android Native Guest Guest VS Native

Carchase_offscreen 12.63 10 79.18%

Manhattan_3.1_offscreen 20.73 17 82.01%

H.264_MPEG4_AVC_1080p60 60 55.4 92.33%

H.265_HEVC_4kx2kp60_10bits_playback 59.99 53.1 88.51%

12.6320.73

60 59.99

1017

55.4 53.1

0

10

20

30

40

50

60

70

fram

e p

er s

eco

nd

(fp

s)

Native

Guest

Performance tests and ratings are measured using specific computer systems and/or components and reflect the approximate performance of Intel products as measured by those tests. Any difference in system hardware or

software design or configuration may affect actual performance. Buyers should consult other sources of information to evaluate the performance of systems or components they are considering purchasing. For more information on

performance tests and on the performance of Intel products, visit Intel Performance Benchmark Limitations.

http://www.intel.com/performance/resources/limits.htm

Configuration for Real Time Latency

Common

• Dell-7050 (i7-7700), 3.6GHZ, 8MB Cache

• ACRN with hybrid mode

• Service VM uses Clearlinux, running SCP

Configuration 1

• RT-VM runs tickles Zephyr with 64KB memory

• Cyclic Test to measure the scheduler jitter & OS Tick latency

Configuration 2

• RT-Linux (4.14) with 1GB memory

• Cyclic Test to measure the scheduler jitter between native and VM

Preliminary Jitter with Zephyr





Preliminary Jitter with RT-Linux




Native Jitter

Jitter as a

VM


ACRN Roadmap

Dates below are for reference only and subject to change

Area v0.1@Q2‘18 v0.2@Q3’18 V0.5@Q4’18 V1.0@Q1‘19 V1.x@2019

HW

• APL NUC (UEFI)

• APL UP2 (UEFI)

• APL NUC (UEFI)

• APL UP2 (UEFI)

• APL NUC (UEFI)

• KBL NUC (UEFI)

• APL UP2 (UEFI)

• APL NUC (UEFI)

• KBL NUC (UEFI)

• APL UP2 (UEFI)

• APL NUC (UEFI)

• KBL NUC (UEFI)

• APL UP2 (UEFI)

• ARM

Hypervisor

• VT-x

• VT-d

• CPU static-partitioning

• memory partitioning

• Virtio (v0.95)

• VHM

• EFI boot

• Clear Linux as guest

• Virtio (v1.0)

• Power Management

(Px/Cx)

• VM management

• ACRN debugging tool

• vSBL

• Android as guest

• AliOS as guest

• Zephyr as guest

• MISRA C compliance

• Logical partitioning without

Service OS

• Trusty (Security)

• SBL boot

• vHost

• Power Management

(S3/S5)

• Real Time

• Windows as guest

• VxWorks as guest

• Functional Safety capable

• CPU sharing

• OVMF

• ARM

I/O

virtualization

• Storage

• Ethernet

• USB host controller (PT)

• USB device controller (PT)

• Audio (PT)

• WiFi (PT)*

• Touch (PT)

• GPU Sharing:

• GPU Surface Sharing

• IPU Sharing*

• GPU Prioritized Rendering

• Touch sharing

• IOC sharing*

• Audio sharing

• USB host controller Sharing

• USB DRD virtualization

• GPIO virtualization • HECI sharing (Security)

• CSME/DAL sharing (Security)

• TPM Sharing (Security)

• eAVB/TSN Sharing

• SR-IOV*

Call for Participationhttps://projectacrn.github.io/index.html

https://projectacrn.org

Joining ACRN Community Today!!!

https://projectacrn.github.io/index.html

https://projectacrn.org/

acrn : a big little hypervisor for iot development...kernel user kernel vm api keystore virtual...

Documents