Jump to navigation Jump to search

Configuration checker for Jailhouse Hypervisor

Summary: Validate Jailhouse configurations against a set of consistency rules

The Jailhouse hypervisor uses low-level configuration files in order to describe the partitioning of a system. These files are currently not checked for consistency and are rather easy to get wrong. Not all errors that the system designer may make can be identified, but at least a good part of them can.

The goal of this task is to enhance the existing Python-based tooling around Jailhouse to take a set of configurations (system+root-cell configuration and all at simultaneously active non-root cell configs), run a predefined list of checks against them and report any findings. This could look like that:

  # jailhouse config check ROOT.cell NON-ROOT-A.cell NON-ROOT-B.cell ...
  Error: MSI-X region of PCI device 00:01.2 directly mapped into NON-ROOT-A

The input to the checker shall be binary config files for which Jailhouse already has a parsing module that translate them into Python objects.

Rules that should at least be validated are:

  • memory region overlaps
  • invalid pass-through of critical resources (MSI-X, irq controllers, PCI config ports etc.)
  • inconsistencies between root and non-root configs (e.g duplicate assignments of resources, missing root-cell access to loadable memory regions of non-root cells etc.)
  • fully zero-initialized entries in configuration array (indicates missing elements)
  • invalid PCI capability or shared-memory region indices

The rules will be further detailed as the project starts. A bonus task can be the definition of additional rules, based on the analysis of the configuration format and its semantics.



  • Skill level: intermediate
  • Language: Python, C
  • Mentor: Jan Kiszka <>