en.Wedoany.com Reported - BlueRock has released the latest open-source version of the NOVA Microhypervisor, adding DMA remapping support for AMD platforms equipped with IOMMU hardware virtualization capabilities. This feature is enabled by default, extending hardware-level isolation across virtual machines, devices, and memory within a shared execution environment.

NOVA integrates microkernel and hypervisor functionality within a small Trusted Computing Base, employing a capability-based authorization model to provide virtualization, spatial and temporal isolation, scheduling, communication, and platform resource management. Multiple unmodified guest operating systems can run concurrently on machines that support hardware virtualization. The codebase is almost entirely written in C++, with approximately 3.7% assembly language, and supports ARMv8-A (aarch64) and x86_64 processors, including Intel VT-x (VMX, EPT) and AMD-V (SVM, NPT). The aarch64 build supports boards from Allwinner, Amlogic, Broadcom, HiSilicon, NVIDIA, NXP, Qualcomm, Renesas, Rockchip, Texas Instruments, and Xilinx.
AMD IOMMU support is integrated into NOVA's core isolation mechanism. NOVA prevents a hardware device assigned to one virtual machine from accessing the memory of other workloads, enforcing memory access control at per-device and per-page granularity. Unauthorized memory transactions are aborted by the IOMMU, and DMA remapping faults can optionally be logged for diagnostic analysis. BlueRock CEO Harold Byun noted that while many security vulnerabilities are exploited through the CPU, the chipset side also presents a large attack surface because of flawed device drivers: without IOMMU protection, a compromised device driver can perform DMA reads or writes to any memory region, compromising both confidentiality and integrity. Device drivers make up a significant portion of operating systems and are often their lowest-quality software component.
NOVA supports virtual machines with up to 256TB of physical memory and 128PB of virtual address space per workload. According to Byun, maintaining an address space of that size requires page tables organized as a depth-5 radix tree; NOVA maintains its page tables completely lock-free, so no lock primitive limits the scalability of concurrent updates to disjoint memory regions. For predictable execution of AI workloads, Protection Domains can be configured to isolate specific sets of cores, so that the configuration itself serves as a core allocation mechanism. NOVA can coordinate with the virtual machine manager to allocate resources according to performance requirements, and CPU caches can be partitioned into different quality-of-service levels for additional optimization and prioritization.
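To make the isolation property concrete, here is an added Python model (not NOVA's or BlueRock's code) of what DMA remapping enforces: each device is bound to a protection domain, the domain's depth-5 radix I/O page table is walked for every DMA request, and a missing or under-privileged mapping aborts the transaction and records a fault. Device ids, addresses and permissions are constructed sample values; the 9-bits-per-level layout is an assumption of this model.

```python
from dataclasses import dataclass, field

PAGE_SHIFT = 12                 # 4 KiB pages (assumed)
BITS_PER_LEVEL = 9              # 512 entries per table (assumed)
LEVELS = 5                      # depth-5 radix tree, as described for NOVA's page tables
PAGE_MASK = (1 << PAGE_SHIFT) - 1


class DmaFault(Exception):
    """Raised when a device's DMA request is not permitted by its domain's I/O page table."""


@dataclass
class Domain:
    name: str
    root: dict = field(default_factory=dict)   # top-level table: index -> subtable or leaf

    def _indices(self, iova):
        # Split the I/O virtual address into LEVELS table indices, most significant first.
        return [(iova >> (PAGE_SHIFT + BITS_PER_LEVEL * lvl)) & ((1 << BITS_PER_LEVEL) - 1)
                for lvl in reversed(range(LEVELS))]

    def map_page(self, iova, pa, perms):
        # Install a leaf (frame, permissions) for one page, creating intermediate tables.
        table = self.root
        *upper, last = self._indices(iova)
        for idx in upper:
            table = table.setdefault(idx, {})
        table[last] = (pa & ~PAGE_MASK, frozenset(perms))

    def translate(self, iova, access):
        # Walk the tree; return the physical address, or None if unmapped or access denied.
        table = self.root
        *upper, last = self._indices(iova)
        for idx in upper:
            table = table.get(idx)
            if table is None:
                return None
        leaf = table.get(last)
        if leaf is None or access not in leaf[1]:
            return None
        return leaf[0] | (iova & PAGE_MASK)


@dataclass
class Iommu:
    device_table: dict = field(default_factory=dict)  # device id (e.g. "00:01.0") -> Domain
    fault_log: list = field(default_factory=list)     # optional fault logging for diagnostics

    def attach(self, dev, domain):
        self.device_table[dev] = domain

    def dma(self, dev, iova, access):
        # Per-device lookup: a device can only reach memory its own domain has mapped.
        domain = self.device_table.get(dev)
        pa = domain.translate(iova, access) if domain else None
        if pa is None:
            self.fault_log.append((dev, domain.name if domain else None, hex(iova), access))
            raise DmaFault(f"{dev}: {access} at {iova:#x} aborted")
        return pa
```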
On x86 platforms, NOVA can be built with optional Control-flow Enforcement Technology support, including Indirect Branch Tracking and Supervisor Shadow Stacks. Due to CPU requirements and runtime overhead, control flow protection is omitted in the default build. On platforms supporting TXT, when a matching SINIT Authenticated Code Module is present in TXT memory, NOVA performs a measured launch to establish a Dynamic Root of Trust for Measurement.
NOVA's formal specifications and proofs are maintained in a separate GitLab branch under the BlueRock security group. The source code is licensed under GPL v2, with copyright covering 2009 to 2026, involving Technische Universitaet Dresden, Intel, FireEye, and BlueRock Security. The project is currently still in the experimental stage.
BlueRock stated that AI systems are transitioning from experimental workloads to continuously running production infrastructure, with rising inference costs and increasing operational pressure. Future AI infrastructure architectures require isolation, predictability, reduced trusted complexity, and streamlined execution at scale. The DMA remapping feature enforces protection beneath guest operating systems, aiming to maintain isolation when workloads are compromised. The source code for the NOVA Microhypervisor is freely available on GitHub.
This article is compiled by Wedoany.