Two days later, Mike managed to get seabios booting in vmm for the first time: http://pastebin.com/00FSvEWA
(This is work in progress and not committed yet.)
It was a requirement in high-assurance security for admin access. You start with idea of a management port like what’s common in servers. Then, you need it to be DMA free, easy to TEMPEST shield, have drivers simple enough to bulletproof, and diverse suppliers to reduce interception risk. Serial port it is.
Actually, the thought occurred to me that you could create a synthetic framebuffer in emulated firmware - probably via EFI to keep it sane. Basically, the EFI framebuffer and HID the OS uses to would be routed over VNC. Then the hypervisor could be kept clean, but instead offloaded to optional emulated firmware.
OpenBSD got or will get a lot of improvements that I need, hypervisor, dynamic tracing (unfortunately using CTF), better SMP. The only thing lacking is an improved filesystem.
From my “user but not OpenBSD developer” perspective, HAMMER looks like a reasonable option worth considering. Unfortunately it’s in a bit of a no-man’s land at the moment as HAMMER2 is under development but not yet ready for prime time. Some work has been done on porting NetBSD’s WAPBL (I believe it works, but there are some issues and it’s therefore not in-tree yet).
There was a little mention of it in the a2k17 hackathon report from Martin Pieuchot, which references the earlier commit message for amd64 Dynamic Profiling support.
I’m assuming DTrace would be a no go because of the CDDL (yes, I know FreeBSD has it but their approach to the CDDL is different from OpenBSD’s)?
Two days later, Mike managed to get seabios booting in vmm for the first time: http://pastebin.com/00FSvEWA (This is work in progress and not committed yet.)
My personal itch for vmm/vmd would for it to be able to run Windows, seeing as we can’t cope with Wine.
I believe a serial console in the guest is going to be required for a long time, perhaps forever. Mike isn’t keen on adding graphics.
IIRC, you can install Windows with nothing but serial nowadays. RDP can be used afterwards.
It was a requirement in high-assurance security for admin access. You start with idea of a management port like what’s common in servers. Then, you need it to be DMA free, easy to TEMPEST shield, have drivers simple enough to bulletproof, and diverse suppliers to reduce interception risk. Serial port it is.
Actually, the thought occurred to me that you could create a synthetic framebuffer in emulated firmware - probably via EFI to keep it sane. Basically, the EFI framebuffer and HID the OS uses to would be routed over VNC. Then the hypervisor could be kept clean, but instead offloaded to optional emulated firmware.
Would support for PCIe pass-through of GPUs require vmd support for graphics?
If you pass through the PCI device (sounds like a lot of work) then the VM would have a graphics device instead of having to use an emulated one.
OpenBSD got or will get a lot of improvements that I need, hypervisor, dynamic tracing (unfortunately using CTF), better SMP. The only thing lacking is an improved filesystem.
From my “user but not OpenBSD developer” perspective, HAMMER looks like a reasonable option worth considering. Unfortunately it’s in a bit of a no-man’s land at the moment as HAMMER2 is under development but not yet ready for prime time. Some work has been done on porting NetBSD’s WAPBL (I believe it works, but there are some issues and it’s therefore not in-tree yet).
Pity ZFS has so much against it, as @tedu noted.
I’m having a bit of a hard time finding anything regarding OpenBSD and CTF. Last I heard, a serious attempt at DTrace was being made.
There was a little mention of it in the a2k17 hackathon report from Martin Pieuchot, which references the earlier commit message for amd64 Dynamic Profiling support.
I’m assuming DTrace would be a no go because of the CDDL (yes, I know FreeBSD has it but their approach to the CDDL is different from OpenBSD’s)?