Virtualization 101 - Partha Dasgupta's Workstation!

Download Report

Transcript Virtualization 101 - Partha Dasgupta's Workstation! 

Virtualization 101
Raghunathan Srinivasan, PhD
Short Introduction
Joined ASU for MS in 2005
 Joined Partha’s group in 2006
 Stuck on for PhD in 2007

◦ Was stupid enough to do it
Finshed PhD in 2011
 Contact: [email protected]

What is a virtual machine
An Isolated programming environment
 It is a complete operating system
 Does not boot directly on physical
hardware
 Usually called Guest OS
 Typically runs with the assistance of
another OS called Host OS

◦ Might run on top of software emulator also

Multiple VMs can share the hardware
Overview
VM
VM
Host OS/Virtual Machine Monitor
Hardware
Virtualization ~ Simulation of hardware
VM
Types

Old School
◦ Full virtualization
◦ Paravirtualization

New School
◦ Hardware Assisted virtualization
◦ Intel® VT
◦ AMD-VTM
Full Virtualization
Provide complete simulation of hardware
 Guest OS need not be modified in any
way

◦ IBM CP/CMS (1970s)
◦ VMware workstation,VMware server (2000s)
 Used Binary translation
Paravirtualization

The Host OS provides ABIs (hypercall)
◦ Think new system call

Guest OS is modified to call these APIs
◦ Xen prior to version 3
Binary Translation
Take every instruction and change it for
underlying hardware
 Vmware running x86 guest on x86
hardware

◦ User mode applications are executed directly
as if they were running natively
◦ Kernel code translated
◦ Privileged instructions need to be caught and
fixed
◦ Access to hardware needs to be fixed
http://www.anandtech.com/show/2480/4
Popek and Goldberg principles
3 essential characteristics for a VMM
 Fidelity: Software executing on VMM
should behave identical to executing on
hardware barring timing issues
 Performance: Most of instructions of
guest should not require VMM
moderation
 Safety: The VMM manages all hardware
resources

Intel Architecture 3 rings
Ring 0
Ring 3
Obstacles with old x86

Guest can find out its state
◦ Read 2 bits on the CS register (CPL)

Trap and emulate was difficult
◦ If the guest OS executes a privileged
instruction you want it to trap so it can be
emulated against virtual hardware
Interpreter used initially
 Software emulation affects performance
 Binary translation works better

http://www.vmware.com/pdf/asplos235_adams.pdf
http://www.hotchips.org/archives/hc17/1_Sun/HC17.T1P2.pdf
Hardware assisted Virtualization
64 bit CPUs removed segmentation
 Hypervisor memory not isolated


Software only virtualization became
difficult
Intel® VT-x
Add elements into the architecture to
support virtualization
 Processor has fields known as VMCS
 There are 2 modes of operations

◦ VMX
◦ Non VMX
VMM will run on VMX mode
 The guest OS runs in non VMX mode

VMX operations
Ring 3
Apps
Apps
Guest OS
Guest OS
Ring 0
VM Entry
VMXON
VMX root
VM Exit
VMM
VMXOFF
Standard
mode
Big picture
If you want to write your own VMM
 Check if CPU supports VT
 Execute VMXon
 Create memory for VMCS and load values
 Write code for handling exits
 Launch the VMM

◦ Well at least that is the theory
VMCS

VMCS specifies CPU behaviour
◦
◦
◦
◦
◦
What operations cause exit
Exits happen on privileged instructions
MSR accesses
CR access
Interrupts
Create one VMCS for each vCPU
 Only one VMCS is active per core at any
time

What got fixed
Guest OS runs at Ring 0, so the guest
application cannot find that it is
virtualized
 Instructions like SGDT, SIDTdon’t have to
trap as they are context switched on VM
exit
 Faulting avoided

http://www.hotchips.org/archives/hc17/1_Sun/HC17.T1P2.pdf