Service Architecture#
As part of the NVIDIA DRIVE AGX™ Platform, the NVIDIA virtualization solution provides a framework of Foundation Services that aggregate guest operating system agnostic software and firmware components for use with automotive components.
Foundation Services#
The NVIDIA virtualization solution takes advantage of microkernel technology that enables a minimal amount of software to run in the CPU supervisory mode. The following virtualization services run in this mode:
Time partitioning and scheduling.
Space partitioning for access to memory.
Inter-process communication between operating systems.
Real-time automotive AUTOSAR applications.
Real-time and deterministic GPU-sharing for graphics.
Additionally, the NVIDIA virtualization configuration solution provides:
Isolation
Parallelism
Safety
Robustness
Performance
Platform Virtualization Architecture#
The following diagram shows the platform virtualization architecture.
Each component in the architecture is explained as follows.
Component |
Description |
---|---|
Guest OS |
Allocates peripherals that Guest OS needs to control. |
Services |
Services for NVIDIA DRIVE® Update. |
Virtualized Servers |
See Virtualization Servers for details. |
Hypervisor |
Trusted Software server that separates the system into partitions. Each partition can contain an operating system or a bare-metal application. The Hypervisor manages:
Hypervisor is optimized to run on the ARMv8.2 Architecture. |
Bootloader |
Firmware that runs during boot to load firmware components, such as boot images, partition images, and other firmware. |
Trusted OS |
Trusted OS configuration in the PCT describes the configuration of the virtual Trusted OS device. |
NVIDIA DRIVE AGX Orin™ SoC |
System on a Chip hardware resources. |
Virtualized Servers#
The virtualized configurable servers are as follows. Additional information for other servers is planned for a future release.
Server Name |
Description |
---|---|
Provides high-level coordination of the System and Partition State Transitions, including:
|
|
Boot and Power Manager Processor (BPMP) Server |
Facilitates communication between Guest OS Virtual Machines (VM) and BPMP firmware. |
Virtual Machine (VM) Server |
host1X virtualizes NvHost. |
Para-virtualizes storage access to enable sharing physical storage devices among multiple Guest OS Virtual Machines (VM). |
|
Security Engine (SE) Server |
Para-virtualizes and allows multiple Guest OS Virtual Machines (VM) access to the security engine cryptographic hardware accelerator. |
Display |
Display has a Server component and a Guest component. The Display Server runs on DCE-FW and CCPLEX and handles sharing of display between multiple Guest OS Virtual Machines. The Guest component is a para-virtualized display client driver running inside of each Guest OS Virtual Machine that has display support. |
GPU |
Runs on top of the virtualization core and handles sharing of GPU between multiple client Guest OS Virtual Machines. The GPU virtualization also includes the para-virtualized GPU client driver running inside of each Guest OS Virtual Machine. |
Trusted Applications (TA) |
Through Trusted Applications, Trusted OS exposes a set of core services that use managed security assets in cryptographic operations without exposing them to non-secure guest software. |
Provides support for kernel-level debugging of Guest OS Virtual Machines (VM). |