Dear Jailhouse community, Over the last days I have been trying to get Jailhouse running on real hardware. I ran into quite some issues, but managed to get it running eventually. For some issues, I was able to find a solution somewhere in the mailing archives, but not for all of them. So I thought I'd share my experiences here for future references. There's also some solutions which are not entirely clear. If you have any reference on that it would be welcome, but I understand these might be very system specific as well.
** Installing Jailhouse ** * Installing Jailhouse on generic Ubuntu (2.10) gives the following error: > ERROR: modpost: "lapic_timer_period" > [/data/ecseqm/jailhouse/510_siemens_jailhouse/driver/jailhouse.ko] undefined! > ERROR: modpost: "__get_vm_area_caller" > [/data/ecseqm/jailhouse/510_siemens_jailhouse/driver/jailhouse.ko] undefined! > ERROR: modpost: "ioremap_page_range" > [/data/ecseqm/jailhouse/510_siemens_jailhouse/driver/jailhouse.ko] undefined! I believe some of the kernel symbols have been renamed in I believe 5.8. As a solution, I switched to 2.04 LTS (Kernel 5.4), where it installed without issues. ** Enabling Jailhouse * enabling a compiled sysconfig.cell results in: > JAILHOUSE_ENABLE: Invalid argument with dmesg listing: > jailhouse: Not a system configuration This issue was already reported on the mailing list, but I'd like to note that it was not a singular case. Switching from GCC-9 to GCC-7 solved the issue for me too. I guess GCC-9 takes the freedom to move the header away from the initial memory location, which results in Jailhouse failing to verify the .cell to be a system configuration description. * enabling results in: > FATAL: Unhandled MSR write: c8f Ubuntu distributions have CONFIG_X86_CPU_RESCTRL=y kernel config set by default. I do not know how widespread this is. Apparently, this conflicts with jailhouse, as such a Linux kernel tends to write to 0xc8f: IA32_PQR_ASSOC. Disabling rdt over the kernel commandline does not solve the issue. Perhaps it might be useful to extend the hardware check to check for this flag? Rebuilding the kernel without RESCTRL fixed the issue. * enabling results in: > FATAL: Invalid MMIO/RAM read, addr: 0x0000000087a6e070 size: 8 > FATAL: Invalid MMIO/RAM write, addr: 0x0000000087a6e018 size: 0 These memory accesses are > 86dff000-924fefff : Reserved > 89f5b018-89f5b06f : APEI ERST > 89f5b070-89f5d017 : APEI ERST The APEI ERST are included by jailhouse by default, however the remainder of the reserved region is not. Passing this to jailhouse solves the issue. Does anybody have any idea where this region could be used for? I expect some bios driver? Is there a way to detect which driver is interfering here? * Similarly, a violation was found while destroying a non-root cell: > FATAL: Invalid PIO read, port: 500 size: 2 Which jailhouse identifies as: > /* Port I/O: 0510-0515 : ACPI CPU throttle */ > PIO_RANGE(0x510, 0x6), Again, passing the port solves the issue. Does anybody have a clue why the CPU throttle is required to destroy a non-root cell? Is it an idea to include these PIO ports by default in the config creation? The last issues were described to some extend in Jan's ELCE talk in 2016, "Tutorial: Bootstrapping the Partitioning Hypervisor Jailhouse". I really liked the introduction and think it is an excellent talk to get started with Jailhouse. However, it is not linked in e.g. the readme or the FAQ. This might be beneficial. If anyone has any ideas about the PIO/Memory requirements, that would be really welcome. Thanks for all the efforts put in Jailhouse. Kind regards, Bram Hooimeijer Disclaimer: The content of this e-mail is intended solely for the use of the Individual or entity to whom it is addressed. If you have received this communication in error, be aware that forwarding it, copying it, or in any way disclosing its content to any other person, is strictly prohibited. If you have received this communication in error, please notify the author by replying to this e-mail immediately. -- You received this message because you are subscribed to the Google Groups "Jailhouse" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jailhouse-dev/AS8PR02MB6663A103382B6B698EB2B7EBB6CB0%40AS8PR02MB6663.eurprd02.prod.outlook.com.
