A hypervisor is software that runs several virtual systems, called virtual machines, on a single computer, giving the guest in each virtual machine the impression that it is running on its own computer. This presentation briefly covers hypervisors and the different techniques used to implement them.
5. Motivation
• In some situations, organizations need several computers but do not actually want to have them.
• E.g. a company has an e-mail server, a web server, an FTP server, etc.
• For reliability, these run on separate machines
Solution is virtualization
9. Virtualization
• Allows a single computer to run different virtual systems (virtual machines).
• Abstracts the hardware of a single computer into different execution environments
• Creates the illusion that each execution environment is running on its own private computer
• A failure in one virtual machine does not affect the other virtual machines
13. Types of Hypervisors
• Type 1 hypervisor
• Type 2 hypervisor
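[Figure: Type 1 hypervisor: hardware, then the Type 1 hypervisor, then the guests (Windows, Linux). Type 2 hypervisor: hardware, then the host operating system, which runs the Type 2 hypervisor alongside other OS processes, with the guest OS on top of the hypervisor.]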
18. Requirements for Virtualization
• The CPU has some instructions that can only be executed in kernel mode, e.g. performing I/O, changing MMU settings, etc.
• These instructions are called sensitive instructions
• Some instructions cause a trap if executed in user mode
• These instructions are called privileged instructions
• A machine is virtualizable if the sensitive instructions are a subset of the privileged instructions.
Popek and Goldberg, Formal Requirements for Virtualizable Third Generation Architectures, Commun. ACM, 1974
19. Different Techniques of Implementation
• Binary translation
• Paravirtualization
• Hardware support
28. VT-x Operating Modes
• Set of processor operations called VMX operations
• Two kinds of VMX operation
  • VMX root operation
    • Fully privileged, generally for VMM
  • VMX non-root operation
    • Not fully privileged, generally for guest
    • Reduces the privilege of guest software developed to operate in ring 0
31. VM Entry and Exit
• Two types of transitions
  • VM entry
    • Transition from VMX root operation to VMX non-root operation
    • Loads guest state from VMCS
    • Stores VMM state to VMCS
  • VM exit
    • Transition from VMX non-root operation to VMX root operation
    • Stores guest state to VMCS
    • Loads VMM state from VMCS
32. VM Entry and Exit
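[Figure: VMXON puts the processor into VMX operation in the VMM; a VM entry passes control to Guest 0 or Guest 1; a VM exit returns control to the VMM; VMXOFF leaves VMX operation.]
Picture: Copied from Intel Manual Sept 2014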
35. Virtual Machine Control Structure
• Control Structures stored in memory
• One VMCS active per virtual processor at a time
• Stores guest state, host state, VMX controls and VM-exit information
42. VM Exits in VMX Non-Root Operation
• Some instructions cause VM-exit unconditionally
  • e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.
• Some instructions cause VM-exit conditionally based on VM-execution control settings in VMCS
  • e.g. HLT, INVLPG, MONITOR, VMREAD, etc.
• Exceptions
• Triple Faults
• External Interrupts
• Non-Maskable Interrupts
and more…
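The unconditional/conditional split above, modelled as an added example that is not part of the original slides. The control-bit positions and basic exit-reason numbers are the Intel SDM's (primary processor-based VM-execution controls); the `exit_rule` table and the function names are hypothetical. VMREAD is left out because its behaviour depends on VMCS shadowing rather than on a single control bit.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Primary processor-based VM-execution control bits (Intel SDM Vol. 3). */
#define CTL_HLT_EXITING     (1u << 7)
#define CTL_INVLPG_EXITING  (1u << 9)
#define CTL_MONITOR_EXITING (1u << 29)
#define NO_EXIT      (-1)   /* runs in the guest; the VMM never sees it */
#define NOT_MODELLED (-2)   /* instruction is not in the table below */

/* Hypothetical model row: control == 0 means the exit is unconditional. */
struct exit_rule { const char *insn; int reason; uint32_t control; };

/* reason = basic exit reason the VMM reads back after the VM exit. */
static const struct exit_rule rules[] = {
    { "CPUID", 10, 0 }, { "INVD", 13, 0 }, { "VMCLEAR", 19, 0 },
    { "VMLAUNCH", 20, 0 }, { "INVEPT", 50, 0 }, { "XSETBV", 55, 0 },
    { "HLT", 12, CTL_HLT_EXITING }, { "INVLPG", 14, CTL_INVLPG_EXITING },
    { "MONITOR", 39, CTL_MONITOR_EXITING },
};
#define NRULES (sizeof rules / sizeof rules[0])

/* Basic exit reason a guest instruction produces under proc_ctls. */
int guest_insn_exit(const char *insn, uint32_t proc_ctls)
{
    for (size_t i = 0; i < NRULES; i++) {
        if (strcmp(rules[i].insn, insn) != 0)
            continue;
        if (rules[i].control == 0 || (proc_ctls & rules[i].control))
            return rules[i].reason;
        return NO_EXIT;
    }
    return NOT_MODELLED;
}

/* Number of modelled instructions the guest can run without a VM exit. */
int count_unobserved(uint32_t proc_ctls)
{
    int n = 0;
    for (size_t i = 0; i < NRULES; i++)
        if (rules[i].control && !(proc_ctls & rules[i].control))
            n++;
    return n;
}

int main(void)
{
    uint32_t ctls = CTL_HLT_EXITING;   /* constructed sample setting */
    printf("HLT=%d INVLPG=%d unobserved=%d\n", guest_insn_exit("HLT", ctls),
           guest_insn_exit("INVLPG", ctls), count_unobserved(ctls));
}
```

`count_unobserved` is the figure to watch when reviewing a VMM configuration: every conditional instruction whose control bit is clear executes in the guest without the VMM being notified.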
43. References
• A. S. Tanenbaum, Modern Operating Systems, 3rd Edition, 2008
• Abraham Silberschatz, Peter B. Galvin, Greg Gagne, Operating System Concepts, 8th Edition, 2010
• Understanding Full Virtualization, Paravirtualization and Hardware-assist by VMware
• Understanding Intel Virtualization Technology (PowerPoint presentation) by Narendar B. Sahgal and Dion Rodgers
• Intel 64 and IA-32 Architectures Software Developer’s Manual Volume 3
Editor's Notes
The basic block is defined in compiler theory. It is a block of instructions with a single entry point and a single exit point. By definition, a basic block cannot contain any instruction that modifies the program counter except at its end.