From cb374a2c81f828c426a80d02cc0cbd79dc79b9e5 Mon Sep 17 00:00:00 2001 From: David Cerdeira Date: Wed, 4 Sep 2024 12:04:11 +0100 Subject: [PATCH] feat: About Add bao introduction to about section. Signed-off-by: David Cerdeira --- source/bao_hyp/overview.rst | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/source/bao_hyp/overview.rst b/source/bao_hyp/overview.rst index 802d341..249e699 100644 --- a/source/bao_hyp/overview.rst +++ b/source/bao_hyp/overview.rst @@ -1,2 +1,21 @@ Overview ======== + +Bao (from Mandarin Chinese “bǎohù”, meaning “to protect”) is a lightweight, +open-source embedded hypervisor which aims at providing strong isolation and +real-time guarantees. Bao provides a minimal, from-scratch implementation of +the partitioning hypervisor architecture. Designed mainly for targeting +mixed-criticality systems, Bao strongly focuses on isolation for +fault-containment and real-time behavior. Its implementation comprises only a +minimal, thin-layer of privileged software leveraging ISA virtualization +support to implement the static partitioning hypervisor architecture: resources +are statically partitioned and assigned at VM instantiation time; memory is +statically assigned using 2-stage translation; IO is pass-through only; virtual +interrupts are directly mapped to physical ones; and it implements a 1-1 +mapping of virtual to physical CPUs, with no need for a scheduler. Bao has no +external dependencies, such as on privileged VMs running untrustable, large +monolithic general-purpose operating systems (e.g., Linux), and, as such, +encompasses a much smaller TCB. Bao originally targets the Armv8-A +architecture, but there is experimental support for the RISC-V architecture. + +