Post on 02-Jan-2016
System Virtualization 1
Learning Objective:
– To understand the implementation choices and details of System Virtualization
COMP25212 1
Aims and Definitions
[Diagram. Unvirtualized: Application, Operating System, Hardware. Virtualized: Applications, Guest A Operating System, Guest B Operating System, Virtual Machine Monitor/Hypervisor, Host Hardware. Labels: Host, Guest.]
Hosted Virtualization
[Diagram boxes: Applications, Guest A Operating System, Guest B Operating System, Application, Host Operating System, Virtual Machine Monitor/Hypervisor, Host Hardware.]
Advantages? Disadvantages?
Xen Guest 0 Virtualization
[Diagram boxes: Applications, Guest 0 Operating System, Guest A Operating System, Guest B Operating System, Application, Virtual Machine Monitor/Hypervisor, Host Hardware.]
Advantages? Disadvantages?
Revision: OS Protection/Privilege
• OS handles physical resources:
  – Privileged
• Application isolated from resources:
  – Non-privileged
[Diagram. Unvirtualized: Application, Operating System, Hardware.]
Virtualization: Protection/Privilege
• VMM handles physical resources:
  – Privileged
• Guest OS isolated from resources
  – non- (less-) privileged
[Diagram. Virtualized: Applications, Guest A Operating System, Guest B Operating System, Virtual Machine Monitor/Hypervisor, Host Hardware.]
VMM gets control on every guest OS access to physical resource
What Physical Resources are Guarded?
• Timers
• CPU registers:
  – Interrupt Enable
  – Page Table Base
• Device Control Registers
  – Programmed I/O?
  – Interrupt I/O?
  – DMA I/O?
• Interrupts (may be for different Guest?)
• Memory Mapping (page tables)
How does Guest Cause VMM Entry?
• VMM designers are (a bit) lucky:
  – Many Guest accesses to physical resources cause a trap in non-privileged mode
  – So, running the OS in non-privileged mode suffices
• BUT some instructions behave differently (without trapping) in privileged and non-privileged mode
• e.g. Intel “Store into Flags”
Memory Accessing in Virtualization
[Diagram. Unvirtualized: Virtual Address, OS Page Tables (+ TLBs for efficiency), Physical Address. Virtualized: Virtual Address, OS Page Tables, VMM Page Tables, Physical Address; TLBs ??]
Interfacing Guest OS and VMM
• Three solutions today:
a) Software (static)
b) Software (dynamic)
c) Hardware (dynamic)
ParaVirtualization
Modify Guest OS to be Virtualization-aware:
a) call VMM for all privileged operations
b) cooperate with VMM over shared page tables
c) call VMM for input-output
Advantages? Disadvantages?
Detect and Fix Interfaces in VMM
• Detection:
  – Write-protect Guest OS page tables
  – Code-scan (Dynamic Binary Translation?) Guest OS for unsafe instructions – plant traps
• Fixing:
  – Use write-error trap to detect guest page-table writes
  – Provide “shadow page tables” for hardware TLBs
  – Use “illegal instruction” and “trap” traps
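Added example, not part of the original slides: a toy C simulation of the write-protect trap and shadow page table scheme listed above, including the isolation check the VMM makes before it updates the shadow table. The 8-page address space, the frame numbers and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy simulation; every name and number here is an assumption, not a real VMM API. */
#define NPAGES  8       /* tiny address space: 8 pages */
#define INVALID 0xFFu   /* marks an unmapped entry */

static uint8_t guest_pt[NPAGES];  /* guest OS table: guest-virtual -> guest-"physical" */
static uint8_t vmm_map[NPAGES];   /* VMM table: guest-"physical" -> host-physical */
static uint8_t shadow_pt[NPAGES]; /* table the hardware walks: guest-virtual -> host-physical */
static unsigned traps;            /* VMM entries caused by guest page-table writes */

void vmm_init(void) {
    for (int i = 0; i < NPAGES; i++)
        guest_pt[i] = vmm_map[i] = shadow_pt[i] = INVALID;
    for (int g = 0; g < 3; g++)   /* guest frames 0..2 are backed by host frames 4..6 */
        vmm_map[g] = (uint8_t)(4 + g);
    traps = 0;
}

/* Write-error trap: guest page tables are write-protected, so each guest
   page-table store enters the VMM here instead of reaching memory. */
int vmm_pt_write_trap(unsigned vpage, uint8_t gframe) {
    traps++;
    if (vpage >= NPAGES)
        return -1;
    if (gframe != INVALID && (gframe >= NPAGES || vmm_map[gframe] == INVALID))
        return -1;                /* frame not owned by this guest: refuse, shadow unchanged */
    guest_pt[vpage] = gframe;     /* emulate the store the guest attempted */
    shadow_pt[vpage] = (gframe == INVALID) ? (uint8_t)INVALID : vmm_map[gframe];
    return 0;
}

/* The hardware (TLB refill) consults only the shadow table. */
int hw_translate(unsigned vpage) {
    if (vpage >= NPAGES || shadow_pt[vpage] == INVALID)
        return -1;                /* page fault */
    return shadow_pt[vpage];
}

int main(void) {
    vmm_init();
    int rc = vmm_pt_write_trap(1, 2);   /* legitimate mapping */
    printf("map v1->g2: rc=%d host frame=%d\n", rc, hw_translate(1));
    rc = vmm_pt_write_trap(3, 5);       /* guest frame 5 was never granted */
    printf("map v3->g5: rc=%d host frame=%d\n", rc, hw_translate(3));
    printf("traps=%u\n", traps);
    return 0;
}
```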
Detect and Fix Interfaces in Hardware
• Requirement:
  – VMM runs more-privileged than Guest OS
• Hardware provides Application/OS and VMM modes
• When Virtualization is active, all OS accesses to physical resources trap to VMM
Advantages? Disadvantages?