- preemption timer
- Intel IOMMU (VT-d) with interrupt remapping support
(except when running inside QEMU)
+ or
+ - AMD x86 processor with support for 64-bit and SVM (AMD-V), and also
+ - NPT (nested page tables); required
+ - Decode Assists; recommended
+ - AMD IOMMU (AMD-Vi) is unsupported now but will be required in future
- at least 2 logical CPUs
- x86-64 Linux kernel (tested against >= 3.9)
- VT-d IOMMU usage (DMAR) has to be disabled in the Linux kernel, e.g. via
-------------------------
The included system configuration qemu-vm.c can be used to run Jailhouse in
-QEMU/KVM virtual machine on Intel x86 hosts. Currently it requires kvm.git,
-next branch on the host. 3.17 is expected to include all necessary features
-for this setup. QEMU is required in a recent version (2.1) as well if you want
-to use the configuration file included in the source tree.
+QEMU/KVM virtual machine on x86 hosts (Intel and AMD are supported). Currently
+it requires Linux 3.18 or newer on the host side (Intel is fine with 3.17).
+QEMU is required in a recent version (2.1) as well if you want to use the
+configuration file included in the source tree.
You also need a Linux guest image with a recent kernel (tested with >= 3.9) and
-the ability to build a module for this kernel. Make sure the kvm-intel module
-was loaded with nested=1 to enable nested VMX support. Start the virtual
-machine as follows:
+the ability to build a module for this kernel. Further steps depend on the type
+of CPU you have on your system.
+
+For Intel CPUs: Make sure the kvm-intel module was loaded with nested=1 to
+enable nested VMX support. Start the virtual machine as follows:
qemu-system-x86_64 -machine q35 -m 1G -enable-kvm -smp 4 \
-cpu kvm64,-kvm_pv_eoi,-kvm_steal_time,-kvm_asyncpf,-kvmclock,+vmx,+x2apic \
-device ide-hd,drive=disk -serial stdio -serial vc \
-device intel-hda,addr=1b.0 -device hda-duplex
-Inside the VM, make sure that jailhouse.bin, generated by the build process,
-is available for firmware loading (typically /lib/firmware), see above for
+For AMD CPUs: Make sure the kvm-amd module was loaded with nested=1 to enable
+nested SVM support. Start the virtual machine as follows:
+
+ qemu-system-x86_64 -machine q35 -m 1G -enable-kvm -smp 4 \
+ -cpu host,-kvm_pv_eoi,-kvm_steal_time,-kvm_asyncpf,-kvmclock,+svm,+x2apic \
+ -drive file=LinuxInstallation.img,id=disk,if=none \
+ -device ide-hd,drive=disk -serial stdio -serial vc \
+ -device intel-hda,addr=1b.0 -device hda-duplex
+
+Inside the VM, make sure that jailhouse-*.bin, generated by the build process,
+are available for firmware loading (typically /lib/firmware), see above for
installation steps.
The hypervisor requires a contiguous piece of RAM for itself and each
*
* Test configuration for QEMU Q35 VM, 1 GB RAM, 64 MB hypervisor (-192K ACPI)
* Command line:
+ *
+ * For Intel-based setup:
* qemu-system-x86_64 -machine q35 -m 1G -enable-kvm -smp 4 \
* -drive file=/path/to/image,id=disk,if=none -device ide-hd,drive=disk \
* -virtfs local,path=/local/path,security_model=passthrough,mount_tag=host \
* -cpu kvm64,-kvm_pv_eoi,-kvm_steal_time,-kvm_asyncpf,-kvmclock,+vmx,+x2apic
*
+ * For AMD-based setups:
+ * qemu-system-x86_64 /path/to/image -m 1G -enable-kvm -smp 4 \
+ * -virtfs local,path=/local/path,security_model=passthrough,mount_tag=host \
+ * -cpu host,-kvm_pv_eoi,-kvm_steal_time,-kvm_asyncpf,-kvmclock,+svm,+x2apic
+ *
* Copyright (c) Siemens AG, 2013
*
* Authors: