The QHS and other QNX hypervisors (“the hypervisor”), are designed to meet
the expectations of a hypervisor specified by the Popek/Goldberg Theorem.
CAUTION:
Read this chapter and understand its contents before you attempt to use
the hypervisor. A few minutes spent with this chapter now will save you a great
deal of time in the future.
The Popek/Goldberg Theorem
The Popek/Goldberg Theorem specifies that a hypervisor should meet the following
three criteria:
- Equivalence
- Virtual machines (VMs) running in the hypervisor are essentially the same as
the underlying hardware. A guest does not need to be aware that it is
running in a VM in order to function properly.
- The above statement does not preclude the use of para-virtualized devices
(see “Para-virtualized devices”) or other
strategies that require virtualization awareness. Such strategies may be
used to provide functionality and improve performance.
- Safety
- With the exception of guest access to pass-through device memory, the
hypervisor maintains control of the hardware at all times, regardless of
what the guests are doing. It controls guests' abilities to access hardware
devices, limits guests' ability to access host-physical memory to their
assigned memory regions, has ultimate control over scheduling, manages
interrupt routing, and has the ability to terminate a guest, regardless of
what the guest may be attempting to do.
- Performance
- Execution of programs running in VMs is only minimally slower than when
running directly on the hardware.
See “The Popek/Goldberg Theorem” in Edouard Bugnion, Jason Nieh and
Dan Tsafrir, Hardware and Software Support for Virtualization (Morgan
& Claypool, 2017).