Your SlideShare is downloading. ×
0
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
ch8. System VM, VMWare
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

ch8. System VM, VMWare

428

Published on

0 Comments
3 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
428
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
24
Comments
0
Likes
3
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. System Virtual Machines -Overview Presented by Jongpil Lee
  • 2. Contents <ul><li>Key Concepts </li></ul><ul><li>Resource Virtualization – Processors </li></ul><ul><li>Resource Virtualization – Memory </li></ul><ul><li>Resource Virtualization – Input/Output </li></ul>
  • 3. System Virtual Machines <ul><li>A system VM environment is capable of supporting multiple system images simultaneously, each running its own operating system and associated application programs </li></ul><ul><li>Real resources of the host platform are shared among the guest system with the virtual machine monitor(VMM) </li></ul><ul><ul><li>The VMM manages the allocation of , and access to, the hardware resource of host platform </li></ul></ul>Linux Applications Linux Virtual Intel IA-32 Windows Applications Windows Virtual Intel IA-32 Solaris Applications Solaris Virtual Intel IA-32 Virtual Machine Monitor(VMM) Intel IA-32 Hardware
  • 4. Key Concepts(1) Outward Appearance CPU Terminal Controller Disk Memory Network Controller Printer To network Dedicated to user1 Dedicated to user2 speaker Keyboard CD-Drive Display Mouse speaker Keyboard CD-Drive Display Mouse Shared Hardware
  • 5. Key Concepts(2) State Management Load register block pointer To point to VM’s registers In VMM memory Load program counter to Point to VM program and Start execution . . Load temp <- reg_pointer, index(A) Store reg_pointer, index(B) <- temp . . Copy register state from VMM memory Load program counter to Point to VM program and Start execution . . Mov reg A -> reg B . . Copy register state from Processor back to system memory VMM changes pointer when VM is activated Indirection Copying Processor Register Block Pointer VMM Memory Register values For VM2 Register values For VM1 Register values For VM3 Processor VMM Memory Register values For VM2 Register values For VM1 Register values For VM3 VMM copies register values when VM is activated Processor Register
  • 6. Key Concepts(3) Resource Control <ul><li>The VMM maintain overall control of all the hardware resources </li></ul><ul><li>Interval timer interrupt </li></ul><ul><ul><li>Instead of allowing the operating system in a virtual machine to field the timer interrupt, the VMM first handles the interrupt itself </li></ul></ul>First VM Active Next VM Active Next VM Active Timer Interrupt occurs VMM saves architected state Of running VM VMM determines Next VM to be activated VMM sets timer interval and enables interrupts VMM restores architected state For next VM VMM sets PC to timer Interrupt handler of OS in next VM
  • 7. Key Concepts(4) Native and Hosted Virtual Machine <ul><li>A native VM system </li></ul><ul><ul><li>The VMM opeartes in a privilege mode higher than the mode of the guest virtual machines </li></ul></ul><ul><ul><li>The privilege level of the guest OS is emulated by the VMM </li></ul></ul><ul><li>A Hosted VM system </li></ul><ul><ul><li>a virtual machine system is installed on a host platform that is already running an existing OS </li></ul></ul><ul><ul><li>The VMM utilizes the functions already available on the host OS to control and manage resources desired by each of the virtual machine </li></ul></ul>Nonprivileged modes Privileged modes Traditional Uniprocessor system OS Hardware Application Native VM system VMM Hardware Guest OS Guest Apps User-Mode hosted VM system Host OS Hardware VMM Guest Apps Guest OS VMM Dual-mode hosted VM system Host OS Hardware Guest OS Guest Apps
  • 8. Key Concepts(5) IBM VM/370 <ul><li>The virtual machine monitor of VM/370 </li></ul><ul><ul><li>the control program(CP) </li></ul></ul><ul><li>A single-user operating system </li></ul><ul><ul><li>The conversational monitor system(CMS) </li></ul></ul>
  • 9. Resource Virtualization - Processor <ul><li>The key aspect of virtualizing a processor </li></ul><ul><ul><li>the execution of the guest instructions, including both system-level and user-level instruction </li></ul></ul><ul><li>Processor virtualization method </li></ul><ul><ul><li>Emulation </li></ul></ul><ul><ul><ul><li>Interpretation, binary translation ( described in Chapter 2 ) </li></ul></ul></ul><ul><ul><li>Direct native execution </li></ul></ul><ul><ul><ul><li>Only if the ISA of the host is identical to the ISA of the guest </li></ul></ul></ul><ul><li>Trap </li></ul><ul><ul><li>For virtualizable ISA, a trap occurs naturally when an instruction needs to be emulated </li></ul></ul><ul><ul><ul><li>the trap handler jumps to an appropriate interpreter routine, interprets the single instruction, and returns control back to the original program </li></ul></ul></ul>
  • 10. Resource Virtualization - Processor Conditions for ISA Virtualizability(1) <ul><li>We restrict the discussion here to native system VMs </li></ul><ul><li>In a native system VM, the VMM runs in system mode, and all other software runs in user mode </li></ul><ul><li>The VMM keeps track of the intended mode of operation of a guest virtual machine </li></ul><ul><ul><li>But The VMM sets the actual native hardware mode to user mode whenever executing instructions from the guest virtual machine </li></ul></ul>
  • 11. Resource Virtualization – Processor Conditions for ISA Virtualizability(2) <ul><li>The machine being virtualized is modeled as a 4-tuple </li></ul><ul><ul><li>S = < E, M, P, R > </li></ul></ul><ul><ul><ul><li>E : the executable storage </li></ul></ul></ul><ul><ul><ul><li>M : the mode of operation </li></ul></ul></ul><ul><ul><ul><li>P : the program counter </li></ul></ul></ul><ul><ul><ul><li>R : the memory relocation bounds register </li></ul></ul></ul><ul><li>A memory trap occurs if the address accessed by a program falls outside the bounds indicated by R </li></ul><ul><li>A privileged instruction is defined as one that traps if the machine is in user mode and does not trap if the machine is in system mode </li></ul><ul><ul><li>Load PSW(LPSW, IBM System/370) </li></ul></ul><ul><ul><ul><li>Load the processor status word (PSW) from a location in memory if the processor is in system mode. If it is not in system mode, the machine traps </li></ul></ul></ul><ul><ul><li>Set CPU Timer(SPT, IBM System/370) </li></ul></ul><ul><ul><ul><li>Replaces the CPU interval timer with the contents of a location in memory if the CPU is in system mode and traps if it is not </li></ul></ul></ul>
  • 12. Resource Virtualization – Processor Conditions for ISA Virtualizability(3) <ul><li>To specify instructions that interact with hardware, two categories of special instructions are defined </li></ul><ul><ul><li>Control-sensitive instruction </li></ul></ul><ul><ul><ul><li>Attempt to change the configuration of resources in the system </li></ul></ul></ul><ul><ul><ul><li>Ex) Load PSW, Set CPU Timer </li></ul></ul></ul><ul><ul><li>Behavior-sensitive instruction </li></ul></ul><ul><ul><ul><li>Behavior or results produced depend on the configuration of resource </li></ul></ul></ul><ul><ul><ul><li>Ex) Load Real Address(LRA) </li></ul></ul></ul><ul><ul><ul><ul><li>takes a virtual address, translates it, saves the corresponding real address in a specified general-purpose register </li></ul></ul></ul></ul><ul><ul><ul><ul><li>The behavior of this instruction depends on the state(mapping) of the real memory resource </li></ul></ul></ul></ul><ul><ul><ul><li>Ex) Pop Stack into Flags Register(POPF) </li></ul></ul></ul><ul><ul><ul><ul><li>pops the flag registers from a stack held in memory </li></ul></ul></ul></ul><ul><ul><ul><ul><li>In user mode, this instrution overwrites all flags except the interrupt-enable flag </li></ul></ul></ul></ul><ul><ul><ul><ul><li>For the interrupt-enable flag, the instruction acts as a no-op when executed in user mode </li></ul></ul></ul></ul><ul><ul><li>Innocuous instruction </li></ul></ul>
  • 13. Resource Virtualization – Processor Conditions for ISA Virtualizability(4) dispatcher Allocator Interpreter routine1 Interpreter routine1 Interpreter routine1 Instruction Trap occurs These instructions desire to change machine reosurce, e.g., load relocation bounds register These instructions do not change machine resources But access privileged resource, e.g., IN, OUT, Write TLB Privileged instruction Privileged instruction Privileged instruction Privileged instruction <ul><li>Component of a Virtual Machine Monitor </li></ul><ul><li>Dispatcher </li></ul><ul><li>Allocator </li></ul><ul><li>Interpreter routines </li></ul>
  • 14. Resource Virtualization – Processor Conditions for ISA Virtualizability(5) <ul><li>The theorem regarding (efficient) VMM construction </li></ul><ul><ul><li>Theorem 1 </li></ul></ul><ul><ul><ul><li>A virtual machine monitor may be constructed if the set of sensitive instruction is a subset of the set of privileged instructions </li></ul></ul></ul><ul><ul><ul><li>An efficient virtual machine implementation can be constructed if instructions that could interfere with the functioning of the VMM always trap in the user mode </li></ul></ul></ul>
  • 15. Resource Virtualization – Processor Conditions for ISA Virtualizability(6) <ul><li>The VMM interprets a sensitive instruction according to the prevailing status of the virtual system resources and the state of the virtual machine </li></ul>Guset OS code in VM (user mode) VMM code (privileged mode) Privileged instruction(LPSW) Next instruction(target of LPSW) Dispatcher LPSW Routine: Change mode to priileged Check privilege level in VM Emulate instruction Compute target Restore mode to user Jump to target
  • 16. Resource Virtualization – Processor Conditions for ISA Virtualizability(7) <ul><li>Interpreting the SPT interuction </li></ul><ul><ul><li>The VMM examines the contents of the location to be loaded into the CPU timer </li></ul></ul><ul><ul><ul><li>If( t < T ) t is loaded, else T is loaded </li></ul></ul></ul><ul><ul><ul><ul><li>t : the content of the location </li></ul></ul></ul></ul><ul><ul><ul><ul><li>T : the time remaining from the allocated time for the virtual machine itself </li></ul></ul></ul></ul><ul><ul><li>Meanwhile, it keeps the time difference( t - T ) in an internal table so that this time can be restored when the guest VM is again activated </li></ul></ul>
  • 17. Resource Virtualization – Processor Recursive Virtualization <ul><li>The concept of running the virtual machine system on a copy itself </li></ul><ul><li>Two effects that usually restrict the ability to create an efficient recursively virtualizable system </li></ul><ul><li>Theorem 2 </li></ul><ul><ul><li>A conventional third-generation computer is recursively virtualizable if </li></ul></ul><ul><ul><ul><li>(a) it is virtualizable and </li></ul></ul></ul><ul><ul><ul><li>(b) a VMM without any timing dependences can be constructed for it </li></ul></ul></ul>hardware VMM Virtual Machine 2 nd -level VMM Virtual Machine Virtual Machine Virtual Machine Privileged Mode Nonprivileged Mode
  • 18. Resource Virtualization – Processor Handling Problem Instructions <ul><li>The POPF instruction is sensitive but not privileged </li></ul><ul><ul><li>Critical instruction ( sensitive but not privileged ) </li></ul></ul><ul><ul><li>It does not generate a trap in user mode </li></ul></ul><ul><ul><li>It violate the virtualizability condition of Theorem 1 </li></ul></ul><ul><li>An additional set of steps must be taken in order to implement a system virtual machine( with possible loss of some efficiency ) </li></ul><ul><ul><li>It is possible for a VMM intercepts POPF and other critical instructions if all guest software were interpreted instruction by instruction </li></ul></ul><ul><ul><li>Techniques related to those described in Chapters 2 and 3 can be used to reduce the inefficiency </li></ul></ul>
  • 19. Resource Virtualization – Processor Handling Problem Instructions Scanner and Patcher Code patch for Discovered Critical instruction Control transfer, e.g., trap VMM
  • 20. Resource Virtualization – Processor Patching of Critical Instructions <ul><li>One way to discover critical instructions </li></ul><ul><ul><li>The VMM takes control at the head of each guest basic block and scan instructions in sequence until the end of the basic block is reached </li></ul></ul><ul><ul><ul><li>If a critical instruction is found, it is replaced with a trap to the VMM </li></ul></ul></ul><ul><ul><ul><li>Another trap back to the VMM is placed at the end of the basic block </li></ul></ul></ul><ul><li>To reduce overhead, the trap at the end of a scanned basic block can be replaced by the original branch or jump instruction </li></ul>
  • 21. Resource Virtualization – Processor Caching Emulation Code <ul><li>The overhead of VMM interpretation can become a problem when the frequency of sensitive instructions requiring interpretation is high </li></ul>Translation Table Block 1 Block 2 Block 3 Code Cache Specialized Emualtion Routines Code section Emulated in code cache Two critical Instructions combined Into a single block Block 1 Block 3 Block 2 Control Transfer, e.g., trap Patched Program VMM
  • 22. Resource Virtualization – Memory Virtual Memory Support in a System Virtual machine Environment(1) <ul><li>Each of the guest VMs has its own set of virtual memory tables </li></ul><ul><li>Address translation in each of the guest VMs transforms address in its virtual address space to locations in real memory </li></ul><ul><ul><li>Real memory : a guest VM’s illusion of physical memory </li></ul></ul><ul><ul><li>Physical memory : the hardware memory </li></ul></ul><ul><li>A guest’s real memory address must undergo a further mapping to determine the address in physical memory of the host hardware </li></ul><ul><li>VMM maintains a real map table mapping the real pages to physical pages </li></ul>
  • 23. Resource Virtualization – Memory Virtual Memory Support in a System Virtual machine Environment(2) Virtual memory of Program 1 on VM1 Real Memory of VM1 Virtual memory of Program 2 on VM1 Real Memory of VM2 Virtual memory of Program 3 on VM2 Not mapped to physical memory Physical Memory of System VM1 Real page Real page Real Map Table for VM1 VM2 Real page Real page Real Map Table for VM2 Not mapped 1000 2000 1500 3000 5000 1000 4000 500 3000 1000 4000 500 1000 3000 Virtual page Real page --- --- 1000 Not mapped --- --- 4000 3000 --- --- Page Table for Program 2 Virtual page Real page --- --- 1000 500 --- --- 4000 3000 --- --- Page Table for Program 3 Virtual page Real page --- --- 1000 5000 --- --- 2000 1500 --- --- Page Table for Program 1 --- --- 3000 Not mapped --- --- 5000 1000 --- --- --- --- 1500 500 --- --- 3000 Not mapped --- --- --- --- 500 3000
  • 24. Resource Virtualization – Memory Virtualizing Architected Page Tables(1) <ul><li>The virtual-to-physical mapping is kept by the VMM in shadow page tables, one for each of the guest VMs </li></ul><ul><ul><li>These tables are the ones actually used by hardware to translate virtual addresses and to keep the TLB up-to-date </li></ul></ul><ul><li>To make this method work, the page table pointer register is virtualized </li></ul>Virtual page Physical page --- --- 1000 1000 --- --- 2000 500 --- --- Shadow Page Table for Program 1 on VM1 Virtual page Physical page --- --- 1000 1000 --- --- 2000 500 --- --- Shadow Page Table for Program 1 on VM1 Virtual page Physical page --- --- 1000 1000 --- --- 2000 500 --- --- Shadow Page Table for Program 1 on VM1 Page table pointer Program 1 on VM1 is Currently active
  • 25. Resource Virtualization – Memory Virtualizing Architected Page Tables(2) <ul><li>Page fault handling </li></ul><ul><ul><li>If the page is mapped in the virtual table of the guest OS </li></ul></ul><ul><ul><ul><li>The VMM has moved the accessed real page to its own swap space </li></ul></ul></ul><ul><ul><ul><li>The VMM brings the real page back into physical memory </li></ul></ul></ul><ul><ul><ul><li>The VMM updates the real map table and the affected shadow table(s) </li></ul></ul></ul><ul><ul><li>If the page is not mapped in the guest </li></ul></ul><ul><ul><ul><li>The VMM transfers control to the trap handler of the guest, indicating a page falut </li></ul></ul></ul><ul><ul><ul><li>The guest OS then issues instruction to modify its page table </li></ul></ul></ul><ul><ul><ul><li>The VMM intercepts these request </li></ul></ul></ul><ul><ul><ul><li>The VMM updates the page table and also updates the mapping in the appropriate shadow page table </li></ul></ul></ul>
  • 26. Resource Virtualization – Memory Virtualizing an Architected TLB <ul><li>To virtualize the TLB, the VMM maintains a copy of each guest’s TLB contents and also manages the real TLB </li></ul><ul><li>The real TLB management </li></ul><ul><ul><li>The VMM rewrite the TLB whenever a guest VM is activated </li></ul></ul><ul><ul><ul><li>The VMM translates the real address in virtual TLB to physical address in the physical TLB </li></ul></ul></ul><ul><ul><ul><li>The VMM copies the VM’s virtual TLB entries into the physical TLB </li></ul></ul></ul><ul><ul><ul><li>A fairly high overhead </li></ul></ul></ul><ul><ul><li>The VMM leverage the address space identifiers(ASIDs) </li></ul></ul>ASID Mapping: Prog. 1 – ASID 3 Prog. 2 –ASID 7 ASID Mapping: Prog. 1 – ASID 3 Virtual TLBs ASID Map Table Real TLB Virtual TLB of VM1 Virtual page Real page --- --- 2000 1500 --- --- 4000 3000 --- --- --- --- 1000 5000 ASID --- 3 --- 3 --- 7 --- Virtual TLB of VM2 Virtual page Real page --- --- --- --- --- --- --- --- --- --- --- --- 1000 3000 ASID --- 3 --- --- --- --- --- Virtual ASID Real ASID --- --- VM1:3 9 --- --- VM1:7 --- --- --- VM2:3 4 Virtual page Real page --- --- 1000 3000 --- --- 2000 500 --- --- --- --- 1000 1000 ASID --- 9 --- 4 --- 9 ---
  • 27. Resource Virtualization – Input/Output Virtualizing Device <ul><li>Dedicated Devices </li></ul><ul><ul><li>Some I/O device is dedicated to a particular guest VM or at least are switched from one guest to another on a very long time scale </li></ul></ul><ul><ul><li>The device itself does not necessarily have to be virtualized </li></ul></ul><ul><ul><li>Requests to and from the device could theoretically bypass the VMM and go directly to the guest operating system </li></ul></ul><ul><li>Partitioned Device </li></ul><ul><ul><li>A very large disk, for example, can be partitioned into several smaller virtual disk that are then made available to the virtual machine as dedicated devices </li></ul></ul>
  • 28. Resource Virtualization – Input/Output Virtualizing Device <ul><li>Shared Devices </li></ul><ul><ul><li>Some device, such as a network adapter, can be shared among a number of guest VMs at a fine time granularity </li></ul></ul><ul><ul><li>Each guest may have its own virtual state related to usage of the device, e.g., a virtual network address. </li></ul></ul><ul><ul><ul><li>This state information is maintained by the VMM for each guest VM </li></ul></ul></ul><ul><li>Nonexistent Physical Device </li></ul><ul><ul><li>Virtual devices “attached” to a virtual machine for which there is no corresponding physical device </li></ul></ul><ul><ul><li>For example, a network adapter that is used for communicating with other virtual machines on the same platform </li></ul></ul>
  • 29. Resource Virtualization – Input/Output Virtualizing Device <ul><li>Spooled Device </li></ul><ul><ul><li>Virtualization of spooled device can be performed by using a two-level spool table approach </li></ul></ul>Virtual Machine 1 Spool Table Program A B C D Status Printed Completed Running Completed Location 1000 2000 3000 4000 Real loc 11000 12000 13000 14000 Size 400 200 200 500 Virtual Machine 2 Spool Table Size 400 800 Real loc 21000 22000 Location 1000 2000 Status Running Completed Program P Q VMM Spool Table VM 1 2 1 1 Status A Q B D Status Printed Printing Waiting Waiting Real loc 30000 31000 31800 30400 Size 400 800 200 500 10000 20000 30000
  • 30. Resource Virtualization – Input/Output Virtualizing I/O Activity <ul><li>An application program makes device-independent I/O request </li></ul><ul><li>The Operating system converts the device-independent request into calls to device driver routines </li></ul><ul><li>A device driver takes care of device-specific aspects of performing an I/O transaction </li></ul><ul><li>The VMM can intercept a guest’s I/O action and convert it from a virtual device action to a real device action at any of the three interface </li></ul><ul><ul><li>The system call interface </li></ul></ul><ul><ul><li>The device driver interface </li></ul></ul><ul><ul><li>The operational-level interface </li></ul></ul>Application Hardware Operating system VMM I/O drivers System calls Physical memory and I/O operations driver calls
  • 31. Resource Virtualization – Input/Output Virtualizing I/O Activity <ul><li>Virtualizing at the I/O operation Level </li></ul><ul><ul><li>The privileged nature of the I/O operations make them easy for the VMM to intercept because they trap in user mode </li></ul></ul><ul><li>Virtualizing at the Device Driver Level </li></ul><ul><ul><li>If the VMM can intercept the call to the virtual device driver, it can convert the virtual device information to the corresponding physical device and redirect the call to a driver program for the physical device </li></ul></ul><ul><ul><li>It requires that the VMM developer have some knowledge of the guest operating system and its internal device driver interfaces </li></ul></ul><ul><li>Virtualizing at the System call Level </li></ul><ul><ul><li>The virtualization process could be made more efficient by intercepting the initial I/O request at the OS interface, the ABI </li></ul></ul><ul><ul><ul><li>The entire I/O action could be done by the VMM </li></ul></ul></ul>
  • 32. Resource Virtualization – Input/Output Input/Output Virtualization and Hosted Virtual Machine <ul><li>An I/O request from a guest virtual machine is converted by the native-mode portion of the VMM into a user application request made to the host </li></ul><ul><li>An advantage of a hosted virtual machine </li></ul><ul><ul><li>It is not necessary to provide device drivers in the VMM </li></ul></ul><ul><ul><li>the actual device drivers do not have to be incorporated as part of the VMM </li></ul></ul><ul><li>A component that form a dual mode hosted virtual machine system </li></ul><ul><ul><li>VMM-n(native) </li></ul></ul><ul><ul><ul><li>Intercepts traps due to privileged instructions or patched critical instructions encountered in a virtual machine </li></ul></ul></ul><ul><ul><li>VMM-u(user) </li></ul></ul><ul><ul><ul><li>Makes resource requests to the host OS </li></ul></ul></ul><ul><ul><li>VMM-d(driver) </li></ul></ul><ul><ul><ul><li>Provide a means for communication between the other two components </li></ul></ul></ul>

×