diff --git a/README.en.md b/README.en.md index f046e301f4d8edcfe7b4665ef27934bfacfc1441..247c89c611c7c3c19a36c8b8352ccfb2b8216bb2 100644 --- a/README.en.md +++ b/README.en.md @@ -1,10 +1,12 @@ # capsule #### Description -Capsule is a next generation Hypervisor which is compatible with VM/container/partition ecosystem and naturally supports hot upgrade capabilities. Based on Rust programming language of memory security, Capsule supports both Type-1 and Type-2 types across various IT/OT/CT scenarios. + +Capsule is a new hypervisor fully controlled by the openEuler community. Like KVM hypervisor, the Capsule hypervisor empowers the virtualization extensions in different CPU implementations. Rust programming language is chosen to re-invent the hypervisor for security. Moreover, Capsule can support common virtual machines (for diverse business applications), micro-VMs (for container workloads), and logical partitions (for realtime applications) at the same time. #### Software Architecture -Software architecture description + +The design keys can be referenced [here](/docs/design.md). #### Installation diff --git a/README.md b/README.md index e263734800f5182f9a6831409ba29dc9dec114a5..7b2434faed3261f77ea487a9547d962780d9854a 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,12 @@ # capsule #### 介绍 -Capsule is a next generation Hypervisor which is compatible with VM/container/partition ecosystem and naturally supports hot upgrade capabilities. Based on Rust programming language of memory security, Capsule supports both Type-1 and Type-2 types across various IT/OT/CT scenarios. + +Capsule是完全由openEuler社区控制的新型hypervisor项目。类似KVM,Capsule充分使能不同CPU体系的硬件辅助虚拟化能力。不同的是,Capsule采用Rust语言编写以带来更大的安全性。另外,Capsule重塑了hypervisor架构,使它既可以支持普通虚拟机(满足多种多样的企业应用),也可以支持安全容器(满足容器化负载应用),同时还可以支持逻辑分区(满足实时场景需求)。 #### 软件架构 -软件架构说明 + +软件关键设计思路参考: [设计文档](/docs/design.md)。 #### 安装教程 @@ -27,7 +29,7 @@ Capsule is a next generation Hypervisor which is compatible with VM/container/pa 4. 新建 Pull Request -#### 特技 +#### 特性 1. 使用 Readme\_XXX.md 来支持不同的语言,例如 Readme\_en.md, Readme\_zh.md 2. Gitee 官方博客 [blog.gitee.com](https://blog.gitee.com) diff --git a/docs/assets/cpu_modes.png b/docs/assets/cpu_modes.png new file mode 100644 index 0000000000000000000000000000000000000000..a89de5697c86b6f768bf605048ca35da4f80ada1 Binary files /dev/null and b/docs/assets/cpu_modes.png differ diff --git a/docs/design.md b/docs/design.md new file mode 100644 index 0000000000000000000000000000000000000000..96c2db6e8c31a964e9054e7c30852fdac219b832 --- /dev/null +++ b/docs/design.md @@ -0,0 +1,27 @@ +This document contains information about the designing of the Capsule hypervisor. + +# Functionality + +## Virtual Machines + +Supporting Virtual Machines is the basic function for the Capsule hypervisor. A virtual machine contains CPUs, Memory, IO Devices, IO Bus, and other System components just like a real computer. + +### CPU + +CPU is the central part of a VM. With the hardware assistant virtualization technology (Intel VT-x, for example), instructions inside the VM can run on the physical hardware directly to improve the execution performance. Therefore, the physical CPU needs to have different modes for the Host Machine and Guest Machines. Intel CPUs which support VT-X, use Root Mode for execution of software in Host Machine and Non-Root Mode for execution of software in Guest Machine. ARM CPUs have EL2 for Host and EL0/EL1 for Guest. Although different CPU architectures have different implementations for the hardware assistant virtualization, the basic process is common, which can be depicted as follows: + +
+ +
+ +Most common instructions can be executed in the Guest Mode directly, while some priviledge instructions need to be emulated in the Host Mode with the Capsule hypervisor. Codes for emulations are CPU implementation relative and need to be analyzed case by case accoring to the hardware specifications. + +#### X86 + +#### ARM + +# Performance + +# Security + +# Reliablility