microsoft/openvmm
Guide/src/index.md
# Introduction

OpenVMM is a modular, cross-platform Virtual Machine Monitor (VMM), written in
Rust.

Although it can function as a traditional VMM, OpenVMM's development is
currently focused on its role in the [OpenHCL paravisor][paravisor].

The project is open-source, MIT Licensed, and developed publicly at
[microsoft/openvmm](https://github.com/microsoft/openvmm) on GitHub.

## Cross-Platform

OpenVMM supports a variety of host operating systems, architectures, and
virtualization backends:

| Host OS             | Architecture  | Virtualization API                     |
| ------------------- | ------------- | -------------------------------------- |
| Linux ([paravisor]) | x64 / Aarch64 | MSHV (using [VSM] / [TDX] / [SEV-SNP]) |
| Windows             | x64 / Aarch64 | WHP (Windows Hypervisor Platform)      |
| Linux               | x64 / Aarch64 | KVM                                    |
|                     | x64 / Aarch64 | MSHV (Microsoft Hypervisor)            |
| macOS               | Aarch64       | Hypervisor.framework                   |

## Running in the OpenHCL paravisor

OpenVMM is the VMM that runs in the [OpenHCL paravisor][paravisor].

Unlike in traditional virtualization, where a VMM runs in a privileged host/root
partition and provides virtualization services to an unprivileged guest
partition, the "paravisor" model enables a VMM to provide virtualization
services from _within_ the guest partition itself.

It can be considered a form of "virtual firmware", running at a higher privilege
level than the primary guest OS.

Paravisors are quite exciting, as they enable a wide variety of useful and novel
virtualization scenarios! For example: at Microsoft, OpenHCL plays a key role in
enabling several important Azure scenarios:

- Enabling existing workloads to seamlessly leverage [Azure Boost] (Azure's
  next-generation hardware accelerator), without requiring any modifications to
  the guest VM image.

- Enabling existing guest operating systems to run inside [Confidential VMs].

- Powering [Trusted Launch VMs]: VMs that support Secure Boot and include a
  vTPM.

## Standalone VMM

OpenVMM can also run as a general-purpose VMM on a Windows, Linux, or macOS
host. At the moment, this is primarily a development vehicle: most of the same
code runs in OpenVMM on a host and OpenVMM in a paravisor, and it is often
easier to test it on a host.

We will continue to build and test OpenVMM in this configuration, but currently
we are not focused on the goal of supporting this for production workloads. It
is missing many of the features and the interface stability that are required
for general-purpose use. We recommend you consider other Rust-based VMMs such as
[Cloud Hypervisor](https://github.com/cloud-hypervisor/cloud-hypervisor) for
such use cases.

## Relationship to other Rust-based VMMs

OpenVMM's core security principles are aligned with those of the Rust-based
Cloud Hypervisor, Firecracker, and crosvm projects, which is why we also chose
to write OpenVMM in Rust. However, OpenVMM's unique goal of running efficiently
in a paravisor environment made it difficult to leverage existing projects.
OpenVMM requires fine-grained control over thread and task scheduling in order
to avoid introducing jitter and other performance issues into guest VMs. It is
difficult to achieve these requirements with traditional, thread-based
designs.

Instead, OpenVMM uses Rust's `async` support throughout its codebase, decoupling
the policy details of _where_ code runs (which OS threads) from the mechanism of
_what_ runs (device-specific emulators). In a paravisor or resource-constrained
environment, OpenVMM can run with one thread per guest CPU and ensure that
device work is cooperatively scheduled along with the guest OS. On a more
traditional virtualization host, OpenVMM can run with one thread per device to
use host CPUs to fully parallelize guest CPU and IO processing.
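
The "where" / "what" split described above, as an added illustration that is not OpenVMM's own code: one `async` device emulator (a constructed, hypothetical `device_task` with a `YieldNow` scheduling point and a no-op `Noop` waker, all assumptions of this example) is driven either cooperatively by a single thread, as in the paravisor configuration, or by one OS thread per device, as on a host. Only the executor policy changes; the device code does not.

```rust
use std::{future::Future, pin::Pin, sync::{Arc, Mutex}, thread};
use std::task::{Context, Poll, Wake, Waker};

// Minimal no-op waker: both executors below simply re-poll tasks until Ready.
struct Noop;
impl Wake for Noop { fn wake(self: Arc<Self>) {} }

// A cooperative scheduling point: returns Pending once so a peer task can run.
struct YieldNow(bool);
impl Future for YieldNow {
    type Output = ();
    fn poll(mut self: Pin<&mut Self>, _cx: &mut Context<'_>) -> Poll<()> {
        if self.0 { Poll::Ready(()) } else { self.0 = true; Poll::Pending }
    }
}

type Log = Arc<Mutex<Vec<String>>>;
type BoxFut = Pin<Box<dyn Future<Output = usize> + Send>>;

// The "what": a hypothetical device emulator draining a request queue and
// yielding after each request. It knows nothing about threads.
async fn device_task(name: &'static str, requests: usize, log: Log) -> usize {
    for i in 0..requests {
        log.lock().unwrap().push(format!("{name}:{i}"));
        YieldNow(false).await;
    }
    requests
}

// Constructed sample workload: two devices with different queue depths.
fn device_tasks(log: &Log) -> Vec<BoxFut> {
    vec![Box::pin(device_task("nvme", 3, log.clone())) as BoxFut,
         Box::pin(device_task("net", 2, log.clone())) as BoxFut]
}

// Policy A (paravisor-style): one thread drives every device round-robin,
// so device work interleaves deterministically at each yield point.
fn run_cooperative(log: &Log) -> Vec<usize> {
    let (waker, mut tasks) = (Waker::from(Arc::new(Noop)), device_tasks(log));
    let (mut cx, mut out) = (Context::from_waker(&waker), vec![None; 2]);
    while out.iter().any(Option::is_none) {
        for (i, t) in tasks.iter_mut().enumerate() {
            if out[i].is_none() { if let Poll::Ready(v) = t.as_mut().poll(&mut cx) { out[i] = Some(v) } }
        }
    }
    out.into_iter().flatten().collect()
}

// Policy B (host-style): one OS thread per device, each polled to completion.
fn run_threaded(log: &Log) -> Vec<usize> {
    let handles: Vec<_> = device_tasks(log).into_iter().map(|mut t| thread::spawn(move || {
        let waker = Waker::from(Arc::new(Noop));
        loop { if let Poll::Ready(v) = t.as_mut().poll(&mut Context::from_waker(&waker)) { return v } }
    })).collect();
    handles.into_iter().map(|h| h.join().unwrap()).collect()
}
```

With the cooperative policy the log shows the two devices alternating request by request on one thread; with the threaded policy the same tasks complete on separate threads and the log order depends on the host scheduler.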

This approach has a significant impact on the design and implementation of the
codebase, and bringing this model to an existing VMM would be a major
undertaking. We came to the conclusion that a new project was the best way to
achieve this goal.

We are indebted to the Rust VMM community for their trailblazing work. Now that
the OpenVMM project is open source, we hope to find ways to collaborate on
shared code while maintaining the benefits of the OpenVMM architecture.

## Guest Compatibility

Similar to other general-purpose VMMs (such as Hyper-V, QEMU, VirtualBox),
OpenVMM is able to host a wide variety of both modern and legacy guest operating
systems on top of its flexible virtual hardware platform.

- Modern operating systems can boot via UEFI, and interface with a wide
  selection of paravirtualized devices for services like networking, storage, and
  graphics.

- Legacy x86 operating systems can boot via BIOS, and are presented with a
  PC-compatible emulated device platform which includes legacy hardware such as
  IDE hard-disk/optical drives, floppy disk drives, and VGA graphics cards.

OpenVMM is regularly tested to ensure compatibility with popular operating
systems (such as Windows, Linux, and FreeBSD), and strives to maintain
reasonable compatibility with other, more niche/legacy operating systems as
well.

* * *

To learn more about different facets of the OpenVMM project, check out the
following links:

| Link                                                                          | Description                               |
| ----------------------------------------------------------------------------- | ----------------------------------------- |
| [Getting Started: OpenVMM](./user_guide/openvmm.md)                           | Running OpenVMM as a traditional host VMM |
| [Getting Started: OpenHCL](./user_guide/openhcl.md)                           | Running OpenVMM as a paravisor (OpenHCL)  |
| [Developer Guide: Getting Started](./dev_guide/getting_started.md)            | Building OpenVMM / OpenHCL locally        |
| [[Github] microsoft/openvmm](https://github.com/microsoft/openvmm)            | Viewing / Downloading OpenVMM source code |
| [[Github] OpenVMM issue tracker](https://github.com/microsoft/openvmm/issues) | Reporting OpenVMM issues                  |

[paravisor]: ./user_guide/openhcl.md
[VSM]: https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/tlfs/vsm
[Azure Boost]: https://learn.microsoft.com/en-us/azure/azure-boost/overview
[Confidential VMs]: https://azure.microsoft.com/en-us/solutions/confidential-compute
[Trusted Launch VMs]: https://learn.microsoft.com/en-us/azure/virtual-machines/trusted-launch
[TDX]: https://www.intel.com/content/www/us/en/developer/tools/trust-domain-extensions/overview.html
[SEV-SNP]: https://www.amd.com/content/dam/amd/en/documents/epyc-business-docs/white-papers/SEV-SNP-strengthening-vm-isolation-with-integrity-protection-and-more.pdf