1. Field of Invention
The present invention relates to virtualization technology, and, more particularly to a thin hypervisor for native execution of an unsafe code.
2. Background Art
With Virtual Machine (VM) technology, a user can create and run multiple operating environments on a Host server at the same time. Each Virtual Machine requires its own guest operating system (GOS) and can run applications independently.
Each VM acts as a separate execution environment, which reduces the risk and allows developers to quickly re-create different operating system (OS) configurations or compare versions of applications designed for different OS's for as long as the integrity of data used by each of the VMs is provided. Generally, a Virtual Machine is an environment that is launched on a particular processor (a host) that is running a host operating system (HOS) and the VM runs the Guest OS.
A hypervisor provides a layer between the computing, storage, and networking hardware and the software that runs on it. Using hypervisor-assisted virtualization requires a privileged hypervisor kernel module running on a protected mode ring 0, managing root mode and handling virtual machine control structures (VMCS) for VMs. However, applications sold through Mac App Store, App Store, Google Play, Windows Market are not allowed to have protected mode ring 0 and root privileges and to use personal drivers. These limitations prevent publishing of virtualization applications.
Many users would like to have products that support virtualization to have the benefit of multiple guest OSs running in parallel on the same host computer. The processor privileges for entering into root mode required for hardware assisted virtualization are not allowed by software distribution rules. Applications deployed from online stores (such Mac App Store, App Store, Google Play, Windows Market) run in an isolated environment (so called “sandbox”) having very limited system functions access. System API calls are controlled by a host operating system. Only limited standardized API functions calls (frameworks), which are explicitly declared as compatible with sandboxed environment, are allowed in applications deployed from the stores. The applications must be registered and distributed without the drivers and using ring 0 and root privileges.
Accordingly, there is a need in the art for special standardized thin hypervisor for using hardware virtualization capabilities of modern processors with Mac App Store, App Store, Google Play, Windows Market and similar products.