Contributed by rueda on from the this isn't your Queen's bhyve dept.
Dave Voutila (
a change which brings a multi-process model to
enhancing both security and performance:
CVSROOT: /cvs Module name: src Changes by: email@example.com 2023/04/27 16:47:27 Modified files: usr.sbin/vmd : Makefile dhcp.c vioqcow2.c vioraw.c virtio.c virtio.h vm.c vmd.c vmd.h vmm.c Added files: usr.sbin/vmd : vioblk.c vionet.c Log message: vmd(8): introduce multi-process model for virtio devices. Isolate virtio network and block device emulation in dedicated processes, forked and exec'd from the vm process. This allows for tightening pledge promises to just "stdio". Communication between the vcpu's and these devices now occurs via imsg channels, which adds the benefit of not always blocking the vcpu thread while emulating the device.
With this commit, it's possible that vmd is the first open source hypervisor that *defaults* to a multi-process device emulation model without requiring any additional configuration from the operator. Testing help from phessler@ and Mischa Peters. ok mlarkin@
(Comments are closed)
By brynet (Brynet) firstname.lastname@example.org on https://brynet.ca/
vmd(8) already was multi-process from the very beginning, fork+exec was added subsequently by reyk@ in 2016 . This was extended to vm processes earlier this month .
More specifically, this moves to a multi-process model for _device emulation_., splitting out virtio network/disk emulation into separate processes. This has a lot of benefits, not just in improving the security model, but also perhaps in the long term improved performance.