A running hypervisor comprises the hypervisor microkernel and its virtualization library (libmod_qvm.a), and one or more instances of the virtual machine process (qvm).
In a QNX Hypervisor environment, every virtual machine (VM) is a qvm process instance. The qvm process is an OS process that runs in the hypervisor host, outside the kernel. Each instance has an identifier marking it so that the microkernel knows that it is a qvm process.
If you remember anything about VMs, remember that from the point of view of a guest OS, the VM hosting that guest is hardware. This means that, just as an OS running on a physical board expects certain hardware characteristics (architecture, board-specifics, memory and CPUs, devices, etc.) an OS running in a VM expects those characteristics: the VM in which a guest will run must match the guest's expectations.
When you configure a VM, you are assembling a hardware platform. The difference is that instead of assembling physical memory cards, CPUs, etc., you specify the virtual components of your machine, which a qvm process will create and configure according to your specifications.
The rules about where things appear are the same as for a real board:
The hardware analogy works in the other direction as well. A VM doesn't need to know what its guest is doing any more than hardware needs to know what an OS is is doing. In fact, the VM can't know what a guest is doing (the guest is a blob).
For more information about configuring VMs, see Assembling and configuring VMs in the Configuration chapter.
Each qvm process instance provides key hypervisor services.
In order to create the virtual environment in which a guest OS can run, a qvm process instance does the following when it starts:
Creates (assembles) and configures its VM, including:
During operation a qvm process instance does the following:
In a virtualized environment, it is the responsibility of the CPU virtualization extensions to recognize from a guest's actions when the guest needs to exit. When a CPU triggers a guest exit, however, it is the qvm process instance (i.e., the VM) hosting the guest that saves the guest's context. When the guest has completed its task and is ready to re-enter, the process instance restores the guest's context.
The qvm process instances manage privilege levels at guest entrances and exits, to ensure that guests can run, and that the system is protected from errant code.
On a guest entrance, the qvm process instance asks the CPU to give the guest the privilege levels it needs to run, but no more. On a guest exit, the qvm process instance asks the CPU to return to the privilege levels it requires to run in the hypervisor host.
Only the CPU hardware can change privilege levels. The qvm process performs the operations required to have the CPU change privilege levels. This mechanism (hence the operations) is architecture-specific.
Each qvm process instance manages its hosted guest's access to both virtual and physical resources.
When a guest attempts to access an address in its guest-physical memory, this access can be one of the following, and the qvm process hosting the guest checks the access attempt and responds as described:
The above are for access attempts that go through the CPU. DMA access control is managed by the SMMU manager (see DMA device containment (smmuman)).