Hypervisor makes efficient use of Imagination’s MIPS CPUs
The latest release of the open source L4Re hypervisor, maintained by Kernkonzept, now supports Imagination’s OmniShield ready MIPS CPUs. The small footprint L4Re hypervisor can take advantage of the hardware virtualisation technology in MIPS CPUs for more efficient context switching and better use of CPU cycles, leading to improved application headroom.
Hardware virtualisation is quickly gaining attention beyond its traditional home in the datacentre for the benefits it provides across numerous application areas from IoT to consumer to automotive to industrial and beyond. With this technology, connected devices can be designed with numerous distinct domains in which multiple operating systems and applications can run independently at the same time on a single platform.
Built in to the latest MIPS CPUs and other processor families, Imagination’s OmniShield technology leverages hardware virtualisation to enable the creation of multiple domains on a single SoC. The L4Re operating system is an ideal match: it works with systems that need to consolidate multiple applications with differing security, safety or real-time requirements. With OmniShield-enabled MIPS CPUs, the L4Re hypervisor makes it possible for multiple isolated tenants or guests to run on the same host, authorising access to on-chip resources, prioritising use of shared resources, allocating and managing service interrupts from external sources and peripherals, and more.
Jim Nicholas, Executive Vice President, MIPS Processor IP, Imagination, commented: “As Imagination continues to expand its MIPS ecosystem and OmniShield security offerings, we are delighted to work with Kernkonzept to bring the proven, highly efficient L4Re hypervisor to MIPS. Open source technologies like L4Re, where entire communities are responsible for developing and maintaining the code, can lead to inherently more reliable systems. We’re seeing a great deal of interest in L4Re for MIPS.”
“Our engagement with Imagination is extremely collaborative and has already led to great value for both companies. The collaboration is enabling us to take the L4Re operating system into new areas. This technology is already quite strong in areas including government and military. Now it’s making its way into embedded markets such as WiFi routers, cable set-top boxes, home gateways and automotive where MIPS CPUs have a strong presence,” added Michael Hohmuth, CEO, Kernkonzept.
New demonstration vehicle highlights the benefits of hardware virtualisation
The open source prpl Foundation, with its members Imagination and Kernkonzept, worked to create a demonstration vehicle that enables companies to see and try out the capabilities of hardware virtualisation for themselves. It illustrates the power of a separation-based architecture in providing reliability and ease-of development for next-gen connected devices.
The demonstration builds on prpl’s proof-of-concept demonstration earlier this year of its prplSecurity framework - a comprehensive collection of open source APIs providing hardware-level security controls. That was one of the first public demonstrations of hardware enforced multi-tenant OpenWrt, the Linux distribution at the heart of most of the world’s home gateways.
The new demonstration features several domains including two instances of OpenWrt - one that isolates the WiFi radio and another that enables access to networking devices. With evolving WiFi channel and frequency regulations, it’s important to ensure the radio is completely isolated, while letting users update their OS and install their own applications on the system. Additional domains can be used for provisioning of third party services such as those from operators and service providers.
The L4Re operating system is an open-source system framework for building applications with real-time, security, safety and virtualisation requirements. The L4Re system is built on the principle of a minimal Trusted Computing Base: minimise an application’s attack area by modularisation and by reducing its dependencies. It consists of the L4Re hypervisor/microkernel, user-level infrastructure for building trusted native L4Re microapps and virtual-machine support for running various standard OSes in isolated compartments.
The L4Re hypervisor for MIPS is available now at www.kernkonzept.com/download.html. Kernkonzept also provides a supported version of the L4Re hypervisor.