Hypervisor [Jailhouse]

In 2014, the development of the open source hypervisor Jailhouse was started. Jailhouse is specifically designed for the use of isolated real-time applications, be it bare-metal or RTOS based, or certifiable software.

Jailhouse uses asymmetric multi-processing (AMP) to achieve its goals. With Jailhouse, hardware is statically partitioned with strict separation between each CPU and device. A new configuration file allows the partitioning to be adjusted at any time.

The overall design target is simplicity. As little code as possible should be used in order to fulfill the two most important requirements for Jailhouse: Realtime capability and certifiability (verifiability).

Therefore, Jailhouse is a type 1 hypervisor. The first initialization of the hardware is done by Linux, so the hypervisor can remain extremely lean. Right from the beginning, a large number of supported (and supportable) hardware is therefore available. And it should become an open source solution (GPLv2), so that it is visible for everyone what is done and how it is done.

The result is convincing - Jailhouse now supports x86 and ARM (v7 and v8) processors. A precondition is that the CPUs support a virtualization solution in hardware (e.g. Intel VT-x; ARM VE). This supports code that is significantly smaller than 10,000 LoC each, and the realtime capability is provided or maintained with an additional latency of the order of about 1 µsec, which is due to the hypervisor.