[ANNOUNCE] Jailhouse: A Linux-based Partitioning Hypervisor

From: Jan Kiszka
Date: Tue Nov 19 2013 - 02:47:39 EST

We are happy to announce the Jailhouse project, now also to a broader

Jailhouse is a partitioning hypervisor that can create asymmetric
multiprocessing (AMP) setups on Linux-based systems. That means it runs
bare-metal applications or non-Linux OSes aside a standard Linux kernel
on one multicore hardware platform. Jailhouse ensures isolation between
these "cells", as we call them, via hardware-assisted virtualization.
The typical workloads we expect to see in non-Linux cells are
applications with highly demanding real-time, safety or security
requirements. In contrast to comparable hypervisors, Jailhouse is loaded
and configured via Linux, not the other way around. Give it a try to see
and "feel" the difference.

The aim of Jailhouse is to keep the amount of code responsible for
establishing and maintaining cell isolation as small as possible. And
with small we mean a few thousand lines of code at the privilege level
of the hypervisor. This is obviously much less than you can achieve with
full-featured hypervisors like KVM. See also the Jailhouse presentation
at this year's KVM Forum for the differentiation between KVM and
Jailhouse, as well as possible combinations of both:


Jailhouse is clearly in an incubator stage. We currently only support
Intel x86, including a demonstration setup inside QEMU/KVM. Also, we
still lack a number features and measures in order to truly and provably
isolate cells from each other. Besides working on this, ARM support is
on our road map as well. As we would like to motivate early feedback,
including potential contributions, we already released the code under GPLv2:


Aside the master branch, you can also find a first step towards the
KVM-on-Jailhouse concept presented at KVM Forum 2013.

Looking forward to your feedback!


Siemens AG, Corporate Technology, CT RTC ITP SES-DE
Corporate Competence Center Embedded Linux
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/