1. Technical Field
The present invention relates generally to the field of computer architecture and, more specifically, to methods and systems for managing resources among multiple operating system images within a logically partitioned data processing system.
2. Description of Related Art
A logical partitioning (LPAR) functionality within a data processing system (platform) allows multiple copies of a single operating system (OS) or multiple heterogeneous operating systems to be simultaneously run on a single data processing system platform. A partition, within which an operating system image runs, is assigned a non-overlapping sub-set of the platform""s resources. These platform allocable resources include one or more architecturally distinct processors with their interrupt management area, regions of system memory, and I/O adapter bus slots. The partition""s resources are represented by the platform""s firmware to the OS image.
Each distinct OS or image of an OS running within the platform are protected from each other such that software errors on one logical partition cannot affect the correct operation of any of the other partitions. This is provided by allocating a disjoint set of platform resources to be directly managed by each OS image and by providing mechanisms for ensuring that the various images cannot control any resources that have not been allocated to it. Furthermore, software errors in the control of an OS""s allocated resources are prevented from affecting the resources of any other image. Thus, each image of the OS (or each different OS) directly controls a distinct set of allocable resources within the platform.
One problem with standard computer systems is that the input/output (I/O) sub-systems are designed with several I/O adapters (IOAs) sharing a single I/O bus. An OS image contains device drivers that issue commands that directly control their IOA. One of these commands contains Direct Memory Access (DMA) addresses and lengths for the I/O operation being programmed. Errors in either the address or length parameters could send or retch data to or from the memory allocated to another image. The result of such an error would be the corruption or theft of hc data of another OS image within the data processing system. Such occurrence would be a violation of the requirements of a logically partitioned data processing system. Therefore, a method, system, and apparatus for preventing the I/O used by one OS image within a logically partitioned system from corrupting or fetching data belonging to another OS image within the system is desirable.
The present invention provides a method, system, and apparatus for preventing input/output (I/O) adapters used by an operating system (OS) image, in a logically partitioned data processing system, from fetching or corrupting data from a memory location allocated to another OS image within the data processing system. In one embodiment, the data processing system includes a plurality of logical partitions, a plurality of operating systems (OSs), a plurality of memory locations, a plurality of I/O adapters (IOAs), and a hypervisor. Each of the operating system images is assigned to a different one of the logical partitions. Each of the memory locations and each of the input/output adapters is assigned to one of the logical partitions. The hypervisor prevents transmission of data between an input/output adapter in one of the logical partitions and memory locations assigned to other logical partitions during a direct memory access (DMA) operation by assigning each of the input/output adapters a range of I/O bus DMA addresses. When a request, from an OS image, to map some of its memory to for a DMA operation is received, the hypervisor checks that the memory address range and the I/O adapter are allocated to the requesting OS image and that the I/O bus DMA range is within that allocated to the I/O adapter. If these checks are passed, the hypervisor performs the requested mapping; otherwise the request is rejected.