geohot/kvm-kext geohot/kvm-kext

  • Stars
    star
    108
  • Rank 313,746 (Top 7 %)
  • Language
    C
  • Created over 9 years ago
  • Updated about 9 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
geohot/kvm-kext
github

geohot

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

An implementation of /dev/kvm for Mac OS X

kvm-kext

An implementation of the kvm interface on OS X. Exposes /dev/kvm in almost the same way Linux does(see below for differences).

Project for 15-412 by George Hotz. Released under GPLv2. Helper functions borrowed from the Linux Kernel. Currently capable of booting the virtual Linux system in bintest/bootfd.img.

Do not rely on this for any sort of secure virtualization. /dev/kvm is currently world owned.

Description

kvm (for Kernel-based Virtual Machine) is an interface to run virtual machines with acceleration by the hardware. kvm-kext implements enough of the kvm API to run 32-bit Linux accelerated by Intel VMX on OS X and put a console on a serial port.

Usage

Installing KEXT

  • ./build.sh should build and install the kext
  • See Homebrew/legacy-homebrew#31164 for cause of issues with 10.10
  • Use "nvram boot-args=kext-dev-mode=1" to fix. This is a dangerous command.
  • Currently doesn't codesign since the above fix doesn't require it.

Using homebrew to fetch QEMU build prerequisites

  • Install homebrew and run "brew doctor"
  • "brew install apple-gcc42"
  • "for i in $(brew deps qemu); do brew install $i; done"

Building QEMU with kvm support

  • ./get-qemu.sh should just work, doesn't install
  • Based on qemu-2.2.0 and makes two minor patches

Booting Test Linux

  • ./test.sh

Differences from Linux API

  • OS X's ioctl cannot return numbers other than 0 or -1, so we look in errno
  • The FD functions do not create new FDs, so you have to set the return value to the current fd in userspace. Consequently, only one VM and CPU are allowed per open of /dev/kvm.
  • The ioctl's with a 0 length array as the last parameter have to also pass in their user space address.
  • KVM_SET_PIT and KVM_SET_IRQCHIP incorrectly used IOR in the Linux header, so the numbers don't match Linux.

mmaping of drivers is not allowed in OS X, so we add an ioctl KVM_MMAP_VCPU to behave like mmaping the VCPU.

See include/kvm-kext-fixes.h for fixes to these issues

Known Issues

  • The timer interrupt is generated using the host timer. Is this correct behavior?
  • There's still a bug causing a kernel panic sometimes, mitigated somewhat by a big mutex and disabling interrupts in kvm_irq_line. Don't know why this fixes it.
  • All memory passed into KVM_SET_USER_MEMORY_REGION is wired in when that ioctl is run.
  • The FPU is unimplemented, might leak state between host and guest?
  • APICs and DRs don't work at all.
  • Much of the API is still unimplemented.
  • QEMU VGA doesn't seem to work, unsure why. MMIO?

More Repositories

1

qira

QEMU Interactive Runtime Analyser
C
3,806
star
2

fromthetransistor

From the Transistor to the Web Browser, a rough outline for a 12 week course
3,512
star
3

minikeyvalue

A distributed key value store in under 1000 lines. Used in production at comma.ai
Go
2,791
star
4

corona

Reverse engineering SARS-CoV-2
Python
2,450
star
5

ai-notebooks

Some ipython notebooks implementing AI algorithms
Jupyter Notebook
959
star
6

twitchslam

A toy implementation of monocular SLAM written while livestreaming
Python
941
star
7

configuration

Like some files bro
Haskell
379
star
8

tinyvoice

Letting computers listen to you and really care
Jupyter Notebook
361
star
9

twitchchess

like twitchslam, for chess
Python
349
star
10

lolrecaptcha

We try to break the recaptcha for the Merry Christmas for all!
Go
292
star
11

mergesorts

mergesort in many languages
Shell
254
star
12

twitchcore

It's a core. Made on Twitch.
Verilog
229
star
13

cuda_ioctl_sniffer

Sniff CUDA ioctls
C
147
star
14

eda-reversing

The Embedded Disassembler
C++
110
star
15

twitchcoq

It's a poorly named metamath verifier
Prolog
104
star
16

twitchtactoe

Tic Tac Toe in React because it is Simple Skills Sunday
JavaScript
102
star
17

battlechess

A distributed decentralized chess tournament
Python
99
star
18

tinyxxx

tiny corporation website
HTML
96
star
19

hammer-website

HTML
71
star
20

edgetpuxray

Enabling tinygrad compatibility with the Google Edge TPU
C++
68
star
21

pie

Computing digits of pi for the people
JavaScript
68
star
22

eda-2

Even better than eda-reversing...I hope
C++
61
star
23

haskell-scheme

Writing Scheme in Haskell
Haskell
58
star
24

twitchctw

compression = AI
Python
53
star
25

coq-hardy

Formalizing the Theorems from Hardy's "An Introduction to the Theory of Numbers" in coq
Coq
52
star
26

freethedsp

For winners only. Are you a winner?
C
40
star
27

twitchcoins

Python
36
star
28

openhexagon

An attempt at an open source toolchain for the Hexagon DSP
Shell
35
star
29

crappycase

So many shitty coders: Adobe, Blizzard, Valve. This is a case insensitivity emulator.
C
29
star
30

body_loop

comma body does a loop around the office
Python
28
star
31

amdgpu-dkms

Unpacking AMD's dkms packages
C
25
star
32

jenkyiphonetools

iPhone Tools of the lowest quality
Python
25
star
33

lowqualityraytracer

ever wonder how to raytrace? me too. i love america
Python
25
star
34

commaled

comma.ai LED controller cause the car needs some lights bro. SWAG!
Assembly
25
star
35

trinity-osxnew

C
22
star
36

aes_serial

There is so much swag in the world, just some of it is hidden -- Gandalf
C
17
star
37

eda-3

eda-3 from many years ago
JavaScript
13
star
38

collfun

It's Christmas time, you know what it is
Python
11
star
39

nnweights

6
star
40

7900xtx

5
star
41

gpysieve

ghetto sieves in python that don't work
Python
4
star
42

angr-travis

Run travis-ci testing on release version of angr
Shell
4
star
43

tt06-fp4-mac

FP4 MAC Array
Tcl
3
star
44

tt-twitch

tenstorrent kernel from twitch
C++
2
star