Hypervisors

HypervisorsInzemamul Haque

02 March 2015

Motivation

• In some situations, organizations need different computers but actually do not want it.

Motivation


• E.g. a company has e-mail server, web server, FTP server, etc.

Motivation



• Due to reliability, use separate machines

Motivation



• Due to reliability, use separate machines

Solution is virtualization

Virtualization

• Allows a single computer to run different virtual systems (Virtual Machines).

Virtualization


• Abstracts the hardware of a single computer into different execution environments

Virtualization



• Creates illusion that each execution environment is running on its own private computer

Virtualization



• Creates illusion that each execution environment is running on its own private computer

• Failure in one virtual machine do not affect other virtual machines

Types of Hypervisors

• Type 1 hypervisor



Type 1 Hypervisor

Hardware

Windows Linux




Type 1 Hypervisor

Hardware

Windows Linux




Type 1 Hypervisor

Hardware

Windows Linux Type 2 Hypervisor

Hardware

Guest OS

Host Operating System

Other OS processes

Type 1 Hypervisor Type 2 Hypervisor

Requirements for Virtualization

• CPU has some instructions which can only be executed in kernel mode e.g. perform I/O, changing MMU settings, etc.



• These instructions are called sensitive instructions




• Some instructions cause a trap if executed in user mode





• These instructions are called privileged instructions





• These instructions are called privileged instructions

• A machine is virtualizable if sensitive instructions are subset of privileged instructions.

Popek and Goldberg, Formal Requirements for Virtualizable Third Generation Architectures, Commun. OfACM, 1974

Different Techniques of Implementation

• Binary translation

• Paravirtualization

• Hardware support

Binary Translation

….….

Sensitive instruction

….….

Basic Block in code of guest OS

Binary Translation

….….

Sensitive instruction

….….

Basic Block in code of guest OS

….….

VMware procedure

….….

Paravirtualization

• Modifies guest OS source code, and directly executes hypervisor calls

Hardware Support – Bird’s-eye View

• In 2006, Intel introduced VT-x

Hardware

OS

User Applications

VMM

Hardware Support – Bird’s-eye View

• In 2006, Intel introduced VT-x

Hardware

OS

User Applications

VMMVMX Root Mode

VMX Non-Root Mode

VT-x Operating Modes

• Set of processor operations called VMX operations



• Two kinds of VMX operation



• Two kinds of VMX operation• VMX root operation

• Fully privileged, generally for VMM



• Two kinds of VMX operation• VMX root operation

• Fully privileged, generally for VMM

• VMX non-root operation• Not fully privileged, generally for guest

• Reduces the privilege of guest software developed to operate in ring 0

VM Entry and Exit

• Two types of transitions

VM Entry and Exit

• Two types of transitions• VM entry

• Transition from VM root operation to VM non root operation

• Loads guest state from VMCS

• Stores VMM state to VMCS

VM Entry and Exit

• Two types of transitions• VM entry

• Transition from VM root operation to VM non root operation

• Loads guest state from VMCS

• Stores VMM state to VMCS

• VM exit• Transition from VM non-root operation to VM root operation

• Stores guest state to VMCS

• Loads VMM state from VMCS

VM Entry and Exit

Guest 0 Guest 1

VMMVMXON VMXOFF

VM EntryVM Exit VM Exit

Picture: Copied from Intel Manual Sept 2014

Virtual Machine Control Structure

• Control Structures stored in memory



• One VMCS active per virtual processor at a time



• One VMCS active per virtual processor at a time

• Stores guest state, host state, VMX controls and VM-exit information

VM Exits in VMX Non-Root Operation

• Some instructions cause VM-exit unconditionally• e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.



• Some instructions cause VM-exit conditionally based on VM-execution control settings in VMCS• e.g. HLT, INVLPG, MONITOR, VMREAD, etc.




• Exceptions




• Exceptions

• Triple Faults




• Exceptions

• Triple Faults

• External Interrupts




• Exceptions

• Triple Faults


• Non-Maskable Interrupts




• Exceptions

• Triple Faults


• Non-Maskable Interruptsand more…

References

• A.S.Tanenbaum, Modern Operating Systems, 3rd Edition,2008

• Abraham Silberschatz, Peter B. Galvin, Greg Gagne, Operating System Concepts, 8th Edition, 2010

• Understanding Full Virtualization, Paravirtualization and Hardware-assist by VMware

• Understanding Intel Virtualization Technology (Power point presentation) by Narendar B. Sahgal and Dion Rodgers

• Intel 64 and IA-32 Architectures Software Developer’s Manual Volume 3