Hardware accelerated virtualization in the ARM Cortex ... - Xen
Hardware accelerated Virtualization in the ARM Cortex Processors

John Goodacre
Director, Program Management
ARM Processor Division
ARM Ltd. Cambridge UK

2nd November 2010

Sponsored by:
New Capabilities in the Cortex-A15

- Full compatibility with the Cortex-A9
  - Supporting the ARMv7 Architecture
- Addition of the Virtualization Extensions (VE)
  - Run multiple OS binary instances simultaneously
  - Isolates multiple work environments and data
- Supporting the Large Physical Addressing Extensions (LPAE)
  - Ability to use up to 1 TB of physical memory
- With AMBA 4 System Coherency (AMBA-ACE)
  - Other cached devices can be coherent with the processor
  - Many-core multiprocessor scalability
  - Basis of concurrent big.LITTLE processing
Large Physical Addressing

- Cortex-A15 introduces 40-bit physical addressing
  - Virtual memory (apps and OS) still has a 32-bit address space
- Offering up to 1 TB of physical address space
  - Traditional 32-bit ARM devices are limited to 4 GB
- What does this mean for ARM-based systems?
  - Reduced address-map congestion
  - More applications running at the same time
  - Multiple resident virtualized operating systems
  - A common global physical address space in many-core systems
Virtualization Extensions: The Basics

- New Non-secure level of privilege to hold the Hypervisor
  - Hyp mode
- New mechanisms avoid the need for Hypervisor intervention for:
  - Guest OS interrupt-masking bits
  - Guest OS page table management
  - Guest OS device drivers (thanks to Hypervisor memory relocation)
  - Guest OS communication with the interrupt controller (GIC)
- New traps into Hyp mode for:
  - ID register accesses and idling (WFI/WFE)
  - Miscellaneous "difficult" System Control Register cases
- New mechanisms to improve:
  - Guest OS load/store emulation by the Hypervisor
  - Emulation of trapped instructions through syndrome information
How Does ARM Do Virtualization?

- Extensions to the v7-A architecture, available on the Cortex-A15 and Cortex-A7 CPUs
  - Second stage of address translation (separate page tables)
  - Functionality for virtualizing interrupts inside the Interrupt Controller
  - Functionality for virtualizing all CPU features, including CP15
  - Option of an MMU within the system to help virtualize IO
- Hypervisor runs in the new "Hyp" exception mode / privilege level
  - HVC (Hypervisor Call) instruction to enter Hyp mode
  - Uses a previously unused entry (0x14 offset) in the vector table for hypervisor traps
  - Hyp mode has its own exception link register, SPSR and stack pointer
  - Hypervisor Control Register (HCR) marks virtualized resources
  - Hypervisor Syndrome Register (HSR) records the reason for Hyp mode entry
Virtualization: Third Privilege

- Guest OS keeps the same kernel/user privilege structure
- Hyp mode is a higher privilege than the OS kernel level
- The VMM controls a wide range of OS accesses
- Hardware maintains TrustZone security (a 4th privilege)

(Diagram: in the Non-secure state, Apps run in User mode (non-privileged, 1), Guest Operating Systems in Supervisor mode (privileged, 2), and the Virtual Machine Monitor / Hypervisor in Hyp mode (more privileged, 3), with exceptions and exception returns moving between levels. The Secure state holds Secure Apps and a Secure Operating System under the TrustZone Secure Monitor, which has the highest privilege.)
Memory: the Classic Resource

- Before virtualization, the OS owns the memory
  - It allocates areas of memory to the different applications
  - Virtual memory is commonly used in "rich" operating systems

(Diagram: the virtual address map of each application is translated to the physical address map via a translation table owned by the OS.)
Virtual Memory in Two Stages

- Stage 1 translation is owned by each Guest OS
  - Maps the virtual address (VA) space of each App to the "intermediate physical" address (IPA) space of its Guest OS
- Stage 2 translation is owned by the VMM
  - Maps each Guest OS's IPA space to the physical address (PA) map
- Hardware performs the 2-stage memory translation
  - Tables from the Guest OS translate VA to IPA
  - A second set of tables from the VMM translates IPA to PA
  - Allows aborts to be routed to the appropriate software layer
Classic Issue: Interrupts

- An interrupt might need to be routed to one of:
  - The current or a different Guest OS
  - The Hypervisor
  - An OS/RTOS running in the secure TrustZone environment
- Basic model of the ARM Virtualization Extensions:
  - Physical interrupts are taken initially in the Hypervisor
  - If the interrupt should go to a Guest OS, the Hypervisor maps a "virtual" interrupt for that Guest OS

(Diagram: without virtualization, a physical interrupt goes straight to the operating system; with virtualization, the physical interrupt is taken by the VMM, which delivers a virtual interrupt to the target Guest OS.)
Interrupt Virtualization

- The Virtualization Extensions provide:
  - Registers to hold the virtual interrupt
  - CPSR.{I,A,F} bits in the Guest OS that apply only to that OS
    - Physical interrupts are not masked by the CPSR.{I,A,F} bits
    - Guest OS changes to I, A, F no longer need to be trapped
  - A mechanism to route all physical interrupts to Monitor mode
    - Already utilized in TrustZone technology based devices
  - Virtual interrupts routed to the Non-secure IRQ/FIQ/Abort vectors
- The Guest OS manipulates a virtualized interrupt controller
  - Already available in the Cortex-A9 to aid paravirtualization support for interrupts
Virtual Interrupt Controller

- A new "virtual" GIC interface has been architected
  - The ISR of the Guest OS interacts with the virtual controller
  - Pending and active interrupt lists are kept for each Guest OS
  - It interacts with the physical GIC in hardware
  - Virtual interrupts are created only when priority indicates it is necessary
- Guest OS ISRs therefore do not need hypervisor calls for:
  - Determining which interrupt to take (read of the Interrupt Acknowledge register)
  - Marking the end of an interrupt (sending EOI)
  - Changing the CPU interrupt priority mask (Current Priority)
Virtual GIC

- The GIC now has separate sets of internal registers:
  - Physical registers and virtual registers
  - Non-virtualized systems and the hypervisor access the physical registers
  - Virtual machines access the virtual registers
  - Guest OS functionality does not change when accessing the vGIC
- Virtual registers are remapped by the hypervisor so that the Guest OS thinks it is accessing the physical registers
  - GIC registers and functionality are identical
- The hypervisor can mark IRQs as virtual in the HCR
  - Such interrupts are configured to generate a hypervisor trap
  - The hypervisor can deliver an interrupt to a CPU running a virtual machine using "register lists" of interrupts
Virtual interrupt example

- An external IRQ (configured as virtual by the hypervisor) arrives at the GIC
- The GIC Distributor signals a physical IRQ to the CPU
- The CPU takes a Hyp trap, and the hypervisor reads the interrupt status from the physical CPU interface
- The hypervisor makes an entry in the register list in the GIC
- The GIC Distributor signals a virtual IRQ to the CPU
- The CPU takes an IRQ exception, and the Guest OS running on the virtual machine reads the interrupt status from the virtual CPU interface

(Diagram: an external interrupt source feeds the GIC Distributor, which raises a physical IRQ handled by the hypervisor via the physical CPU interface, and a virtual IRQ handled by the Guest OS via the virtual CPU interface.)
Resource Ownership

- Software-only approaches
  - Access to resources by the Guest OS is intercepted by the VMM
  - The VMM interprets the Guest OS's intent
  - It then provides its own mechanism to meet that intent
- The mechanism of interception varies
  - Paravirtualization adds a hypercall to the source code
  - Binary translation adds a hypercall to the binary
  - Hardware exceptions provide trapping of operations
  - Hypercalls can be more efficient, allowing more of the intent to be expressed in a single VMM entry
- Hardware-assisted approaches:
  - Provide further indirection to resources
  - Accelerate trapped operations through syndrome information
Helping with Virtual Devices

- ARM I/O handling uses memory-mapped devices
  - Reads and writes to the device registers have specific side effects
- Creating "virtual devices" requires emulation:
  - Typically, reads/writes to devices have to trap to the VMM
  - The VMM interprets the operation and performs the emulation
  - Perfect virtualization means all possible device loads/stores are emulated
  - Fetching and interpreting each emulated load/store is performance intensive
- "Syndrome" information on aborts is available for some loads/stores
  - The syndrome unpacks key information about the instruction: source/destination register, size of the data transfer, size of the instruction, sign extension, etc.
  - If a syndrome is not available, fetching the instruction for emulation is still required
Devices and Memory

- Providing address translation for devices is important
  - It allows unmodified device drivers in the Guest OS
  - If a device can access memory, the Guest OS will program it with IPAs
- ARM virtualization adds the option of a "System MMU"
  - Enables second-stage memory translations elsewhere in the system
  - A System MMU could also provide stage 1 translations
    - Allows devices to be programmed in a guest's VA space
  - The System MMU is a natural fit for the processor's ACP port
- ARM is defining a common programming model
  - The intent is for the System MMU to be hardware managed, using the Distributed Virtual Messages found in AMBA 4 ACE
Potential of System MMU

(Diagram-only slide.)
Partitioning in a Secure ARM System

- ARM TrustZone technology defines two worlds
  - Everything must live in the Normal World or the Secure World
- A TrustZone-enhanced processor exports world information
  - Via the NS bit (Not Secure) on the system bus, since AMBA 3 AXI
- TrustZone-aware devices can partition across both worlds
  - Only AMBA AXI compatible devices can be TrustZone-aware
  - An AMBA 3 AXI interconnect decodes the NS bit like an address line
- AMBA AHB and APB do not carry TrustZone information
  - AHB and APB devices live in only one world
  - Groups of peripherals can be managed from the bus interface
  - Inclusion of a TrustZone Peripheral Controller gives more control
Base Secure System

- The minimal TrustZone system required for payment solutions
- Protects an on-chip secure RAM area via the TrustZone Memory Adaptor
- Keyboard and screen are secured dynamically to protect PIN entry
- Master key and random number generators for daughter keys are permanently secured
- Non-volatile counters are required for state management and anti-rollback (fuse based rather than non-volatile memory, due to process geometry limitations)
Extended Secure System

- The extended TrustZone system enables complex content management
- Builds on the Base Secure System
  - + TrustZone ASC to protect media in RAM and off-chip decode
  - + On-chip crypto, media accelerators and a DMA controller for media handling
Propagating System Security

- NS: Not Secure, treated like an address line
Multi-Cluster Virtualization

- Works just like a single-cluster MPCore system
  - Guest OSes (like threads) can migrate from CPU to CPU across clusters
- An external (virtual) GIC is used to handle interrupts
  - Functions the same as the internal GIC, but is accessed by multiple CPUs
- AMBA Coherency Extensions (ACE)
  - Manage coherency across clusters
  - The System MMU allows other bus masters to map from IPA to PA
- The hypervisor needs to be aware of the different clusters and CPUs
  - But again: it is just like a single-cluster system
  - Hardware requirements are the same as a non-virtualized multi-cluster system
  - Just make sure there's enough memory
big.LITTLE Multi-Processing

- A "big" processor is paired with a "little" processor
  - The processors share the exact same ISA and feature set
  - High-performance tasks run on the big processor
  - Lightweight and non-time-critical tasks run on the little processor
  - A best-of-both-worlds solution for high performance and low power
- big.LITTLE use models
  - big.LITTLE Switch (swapping): one CPU cluster is active at a time
  - big.LITTLE MP: both clusters can be active, with loads dynamically balanced

(Diagram: a Cortex-A15 cluster and a "Kingfisher" cluster, each with its own SCU, L2 cache and tags, joined by a cache-coherent interconnect with auxiliary interfaces.)
System Characteristics of big.LITTLE

(Diagram: performance demand over time, annotated as follows.)

- SMS and voice do not need a 1 GHz processor
- The browser needs full performance for complex rendering, but very little if the page is just being read
- You do not know what combination of apps the user will use, but the smartphone must continue to be responsive
big.LITTLE Processing

- The right-sized core for the right task
  - Cortex-A7 enabled by default, with sufficient performance for common usage scenarios
  - Cortex-A15 performance for the best user experience
- Software alignment allows execution to migrate between cores
  - Transparent to the user, applications and the OS
  - Optimizes system workload based on application requirements
- Extends existing power management
  - Additional benefit through OS Power Management Policy tuning
- The end product delivers longer battery life and a richer user experience at the same time
Putting Together a big.LITTLE System

- Cortex-A15 and Cortex-A7 clusters are cache coherent
  - The CCI-400 maintains cache coherency between clusters
- The GIC-400 provides transparent, virtualized interrupt control
- Supports all big.LITTLE usage models
- Full task migration (active to active) in less than 20K cycles
- Cache coherency is managed in hardware
- 128-bit system transactions
- The virtualization manager can map an OS either across or between clusters

(Diagram: Cortex-A15 and Cortex-A7 clusters, each with an SCU and L2 cache, connect over 128-bit AMBA 4 to the GIC-400 with its virtual GIC support and to the CoreLink CCI-400 Cache Coherent Interconnect, which fronts system memory.)
Forms of big.LITTLE

- big.LITTLE cluster switching
  - The OS sees the big cores or the little cores at any one time
  - Eases deployment of software on big.LITTLE platforms
  - Minimizes OS changes by extending the DVFS framework
  - Symmetric big/little clusters are currently preferred
- Concurrent big.LITTLE
  - The OS sees all CPUs all the time, giving better energy and performance matching of compute to workload
  - Asymmetric clusters are supported
  - Requires OS improvements and changes for efficient operation
    - Co-ordination of MP scheduling, power policies and environmental conditions
  - Expected to become the preferred use model eventually

(Diagram: in the OS-switched model the OS runs on either the A15 cluster or the "KF" cluster, each with its own L2 cache; in the concurrent model the OS spans both clusters.)
Virtualization and TrustZone

- TrustZone coexists alongside a VMM
- TrustZone offers a specialised type of virtualization
  - Only two "worlds", not extendable (except through paravirtualization)
  - Although a VMM can also span both worlds
- The fourth privilege level is provided by the CPU's Secure Monitor mode
- Non-symmetrical: the two "worlds" are not equal
  - The Secure world can access both worlds (33-bit addressing)

(Diagram: in the Normal World, Apps such as an EPG or Flash run on Guest Operating Systems above the Virtual Machine Monitor (VMM) or Hypervisor; the Secure World holds Secure Apps on a Secure RTOS; the Secure Monitor sits between the two worlds, all on the shared hardware of memory, ARM CPU and I/O devices.)
Spanning Hypervisor Framework

(Diagram: a hypervisor framework spanning the ARM Non-secure and Secure execution environments, across the User, Kernel/Supervisor, Hyp and TZ Monitor exception levels. On the Non-secure side, apps run on an open OS and drivers (e.g. Linux with KVM) above an Open Platform Hypervisor providing full virtualization, with a driver (OpenMP RT) virtualizing heterogeneous accelerators such as a DSP or GPU. On the Secure side, a secured-services domain and SoC management domains (ST/TEI) run on an RTOS/uKernel, paravirtualized with platform service APIs, above the TrustZone Monitor. Virtualized TrustZone calls cross between the worlds; platform resources include the NoC, system MMU, coherence support and a secured hardware timer tick.)

This project in ARM is in part funded by ICT-Virtical, a European project supported under the Seventh Framework Programme (FP7) for research and technological development. Project website: http://www.virtical.eu
Summary

- Hardware-based Virtualization Extensions are introduced in the soon-available Cortex-A15
  - Also found in the recently announced Cortex-A7
- Enables full, binary-compatible virtualization of the CPU
  - Supporting both existing and new market scenarios
- Extended into the system and IO through the System MMU
- Independent of the TrustZone environment
  - Providing both a secure environment and a virtualizable non-secure environment
- Software models are available now; first silicon in 2H2012