SVM Hypervisor in Rust, Part 0
Introduction#
Hypervisors are simple, but deceptively simple. From a distance, a Hypervisor (or a Virtual Machine Manager) is more or less a small operating system used to manage, well, virtual machines. Of course, we don’t live in a world where there is a universal standard for every processor. Most people in the world have Intel processors, which uses a different implementation of managing virtual machines.
Differences between SVM and VMX#
The most glaring and obvious difference between the Secure Virtual Machine (AMD) and the Virtual Machine Extension (Intel) is AMD’s use of the “Global Interrupt Flag”. The Global Interrupt Flag (or GIF, for short) is a bit that controls, to put it simply, if certain interrupts are taken by the processor, this does wonders for virtual machines, as, unlike Intel, you basically are given an easy way of isolating your host operating system from your guest operating system. Here’s a table of the effect of the GIF on certain interrupts:
| Interrupt Source | GIF == 0 | GIF == 1 |
|---|---|---|
| Debug trace trap due to EFLAGS | Normal operation | Normal operation |
| NMI | Held pending | Normal operation |
| INTR | Held pending | Normal operation |
Wow! So that means you can block things such as Nonmaskable Interrupts without having to set up your own VMM IDT! That makes it easier for the programmer and adds another layer of security.
In terms of other differences, it is mainly the same song and dance between Intel and AMD. Intel has a Virtual Machine Control Structure and AMD has a Virtual Machine Control Block. (VMCB), etc. We will get to the specifics later.
Let’s create one!#
I will take you through a step-by-step guide of writing your own hypervisor in Rust, from booting it to having a full operating system to manage… your other operating system! You should have a basic understanding of the x86 architecture.