slides
Upcoming SlideShare
Loading in...5
×
 

slides

on

  • 597 views

 

Statistics

Views

Total Views
597
Views on SlideShare
597
Embed Views
0

Actions

Likes
1
Downloads
33
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

slides slides Presentation Transcript

  • Intel Virtualization Technology: Hardware Support for Efficient Processor Virtualizatio n Gil Neiger, Amy Santoni, Felix Leung, Dion Rodgers, Rich Uhlig Intel Technology Journal Volume 10, Issue 3, 2006 Presenter: Weiming Zhao
  • Overview
    • Background
      • X86 memory management review
    • Software-only virtualization
      • Challenges
      • Solutions
    • Intel virtualization technology (VT) ‏
      • VT-x / VT-i architecture
      • Hardware-based Solutions
    • Usages of VT-x and VT-i
    • Future of VT
  • Overview
    • Background
      • X86 memory management review
    • Software-only virtualization
      • Challenges
      • Solutions
    • Intel virtualization technology (VT) ‏
      • VT-x / VT-i architecture
      • Hardware-based Solutions
    • Usages of VT-x and VT-i
    • Future of VT
  • IA-32 Architecture overview
  • Memory Management on IA-32
  • Privilege level (ring 0,1,2,3) ‏ Memory Management on IA-32: segments
  • Memory Management on IA-32: multi-segments
  • Memory Management on IA-32: flat model
    • Paging protection
      • User / Supervisor bit
      • Read / Write bit
      • Works well for unvirtualized OS
    • In 64-bit mode, segmentation is generally disabled
      • Use flat model
      • Paging isolates kernel / user space
      • OS runs in “supervisor mode”
      • App runs in “user mode”
    Without VMM With VMM
      • On 32-bit:
          • Use segments to isolate VMM/OS/App
          • 0/1/3 model
      • On 64-bit :
          • 0/3/3 model
    The privileges of VMM, OS and Apps
  • Overview
    • Background
      • X86 memory management review
    • Software-only virtualization
      • Challenges
      • Solutions
    • Intel virtualization technology (VT) ‏
      • VT-x / VT-i architecture
      • Hardware-based Solutions
    • Usages of VT-x and VT-i
    • Future of VT
  • Challenges
    • Ring Aliasing
      • The problem that arise when software is run at a privilege level other than the privilege level for which it was written
      • An existing OS may be written to run with ring 0
      • VMM must run with ring 0
      • Guest OS: be deprivileged
        • 0/1/3 (32-bit)‏
        • 0/3/3 (64-bit)‏
      • A guest OS can know its run level
        • PUSH CS: CS contains the Current Privilege Level (CPL)‏
  • Challenges
    • Address-Space Compression
      • VMM must use some of the guest’s virtual-address space to manage transition between guest OS and VMM
        • For IA-32, IDT (interrupt descript table) uses linear address (virtual address)‏
        • For Itanium, interrupt vector table (IVT) resides in virtual address space
      • VMM’s address spaces must be protected
        • Guest could detect that it is running in a VM
  • Challenges
    • Non-Faulting Access to Privileged State
      • In most cases, accessing privileges states result in faults
      • However, some instructions can access privilege states without faulting
        • For IA-32, GDTR, IDTR, etc are only writable at ring 0. But they are readable without causing faulting
        • For Itanium, PTA (page-table address) register is only writable at ring 0. thrash instruction indirectly exposes the value
      • A guest OS may find the inconsistency by attempting to write first and then reading
    • Adverse Impact on Guest System Calls
      • System calls are made via SYSENTER/SYSEXIT
        • Lower latency than the traditional software interrupt (INT 80H)‏
        • SYSENTER always transits to ring 0
        • SYSEXITS faults if executed outside ring 0
        • VMM must emulate every guest execution of SYSENTER/SYSEXIT
  • Challenges
    • Interrupt Virtualization
      • A VMM may manage external interrupts and deny guest to control interrupt masking
        • To support “virtual interrupt”, VMM must intercept guest’s attempt of masking/unmasking
        • Some OS frequently mask and unmask, intercepting them significantly affect performance
      • Deliver "virtual interrupt" to a guest in a timely way
        • A guest may mask the interrupt (not ready to receive)‏
  • Challenges
    • Access to Hidden State
      • Some processor states are not software-accessible
      • In IA-32, no mechanism for saving/restoring the hidden component of segment registers
        • e.g. segmen registers
        • required for guest switching to set the hidden value
      • In Itanium, no direct write to a Current Frame Load Enabled (CFLE) field in Register State Engine (RSE)‏
        • After external interrupt handling, VMM wants to return to guest OS with CFLE = 0
        • The return from interrupt instruction forces it to be 1
  • Challenges
    • Ring Compression
      • Segment protections do not apply in 64-bit
      • Paging does not distinguish ring 0-2
        • Guest OS must run at ring 3 (0/3/3 model)‏
        • Guest OS runs at the same privilege level as applications
    • Frequent Access to Privileged Resources
      • Performance is compromised by excessive faults
      • Task-priority register: it may be frequently accessed to control interrupt priority
  • Overview
    • Background
      • X86 memory management review
    • Software-only virtualization
      • Challenges
      • Solutions
    • Intel virtualization technology (VT) ‏
      • VT-x / VT-i architecture
      • Hardware-based Solutions
    • Usages of VT-x and VT-i
    • Future of VT
      • Paravirtualization
        • Modify the guest OS to cooperate with VMM
        • Pros: offers high performance
        • Cons: need the source code of an OS
        • Example: Xen
      • Binary translation
        • Transforming guest OS binaries on-the-fly
        • Pros: support unmodified OS
        • Cons: slow
        • Examples: VMware, Virtual PC
    Two Main solutions
  • Overview
    • Background
      • X86 memory management review
    • Software-only virtualization
      • Challenges
      • Solutions
    • Intel virtualization technology (VT) ‏
      • VT-x / VT-i architecture
      • Hardware-based Solutions
    • Usages of VT-x and VT-i
    • Future of VT
  • VT-x Architecture Overview Intel Virtualization Architecture Overview
    • Two new forms of CPU operation
      • VMX root operation – for use by a VMM
      • VMX non-root operation – similar to that of IA-32 w/o VT-x
      • Both forms of operation support all four privilege levels
      • Guest OS can run at its intended privilege level
    • Two new transitions
      • VM entry – from VMX root operation to non-root operation
      • VM exit – from VMX non-root operation to root operation
    • Under VMX non-root operation, Many instructions/events cause VM exits
  • Intel Virtualization Architecture Overview
    • VMCS (Virtual Machine Control Structure)‏
      • A new data structure
      • VMCS includes guest-state area and host-state area
      • At transition, corresponding state is loaded/saved VM Exiting events control
      • External-interrupt exiting
        • If set, all external interrupts causes VM exits
        • Guest is not able to mask them
      • Interrupt-window exiting
        • If set, a VM exit occurs whenever guest OS is ready to receive interrupts
      • Use TPR shadow
        • “ MOV CR8” (to set TPR) accesses a TPR shadow
        • A VM exit occurs if any TPR is set to a value below some threshold
      • Exception bitmap
        • which exception should cause VM exits and which should not
      • I/O bitmap
        • which port access attempts cause VM exit
      • MSR bitmap
        • To which Model Specific Register access attempts cause VM exit
    VT-x Architecture Overview
  • Intel Virtualization Architecture Overview
    • A new PSR (Processor Status Register) bit: PSR.vm
      • Guest OS runs with the bit set to 1
      • VMM runs with the bit set to 0
      • When PRS.vm=1, execution of privileged instructions causes control transfer to VMM
      • When PRS.vm=1, the uppermost virtual-address bit is not available
      • PSR.vm is orthogonal to the privilege level
    • Virtual process desciptor (VPD) table
      • Virtualization-acceleration field
        • e.g. Interception control for reads of CPUID etc.
      • Virtualization-disable field
        • Disable virtualization of a particular resource of instruction
    • Control virtualization interception
      • Virtualization vector
      • Virtual external interrupt vector
    VT-i Architecture Overview
  • Overview
    • Background
      • X86 memory management review
    • Software-only virtualization
      • Challenges
      • Solutions
    • Intel virtualization technology (VT) ‏
      • VT-x / VT-i architecture
      • Hardware-based Solutions
    • Usages of VT-x and VT-i
    • Future of VT
  • Solving Challenges with VT
    • Address-Space Compression
      • With VT-x
        • VM Exits / VM Entries change the linear address space
        • VMM and guests resides in separate virtual address space
      • With VT-i
        • The VMM has a virtual-address bit that guest OS cannot use
        • VMM has exclusive use of half of virtual-address space
    • Ring Aliasing
    • Ring Compression
        • VT-x and VT-i allow guest OS to run at its intended privilege level
  • Solving Challenges with VT
    • Nonfaulting Access to Privileged State
      • With VT-x and VT-i, such access:
        • Either causes transition to VMM
        • Or becomes unimportant to VMM
          • E.g. allow guests to write IDT (VMCS controls the interrupts/exceptions)‏
    • Guest System Calls
        • With VT-x, a guest OS can run at privilege level 0
        • Eliminates the problem associated with SYSENTER/SYSEXIT
    • Interrupt Virtualization
      • External interrupt exiting VM control
      • Interrupt-window exiting VM control
  • Solving Challenges with VT
    • Access to Hidden State
      • VT-x includes those state in the guest-state area of VMCS
        • Processor load/restore the values on every VM entry or exit
      • VT-i provides a way for VMM to write the CFLE bit
    • Frequent Access to Privileged Resources
      • VT-x provides TPR shadow. VMM is only involved when the value drops below the threshold
      • VT-i allows guest write the interruption-control register. VMM can revise them before the guest interrupt handler returns
  • Overview
    • Background
      • X86 memory management review
    • Software-only virtualization
      • Challenges
      • Solutions
    • Intel virtualization technology (VT) ‏
      • VT-x / VT-i architecture
      • Hardware-based Solutions
    • Usages of VT-x and VT-i
    • Future of VT
  • VMM Usage of Intel VT Features
    • Exception Handling
      • When VM exits, the cause of exception is accessible to VMM
        • If the exception should be handled by guest OS, a VM entry with the event (event injection) is executed
        • Or eliminate the cause of the exception and then perform a plain VM entry
    • Lazy Floating-Point State Processing
      • A feature of IA-32
        • Restoring the floating-point state is time-consuming
        • It can be avoided if a user process does not use the FPU
        • When FPU is needed, an exception occurs to trigger state restoring
      • VT-x supports the guest OS to utilize this feature by using its exception handling
  • Overview
    • Background
      • X86 memory management review
    • Software-only virtualization
      • Challenges
      • Solutions
    • Intel virtualization technology (VT) ‏
      • VT-x / VT-i architecture
      • Hardware-based Solutions
    • Usages of VT-x and VT-i
    • Future of VT
  • Future of VT Architecture
    • NMI-window VM exiting
      • Similar to the interrupt-window exiting, but for non-maskable interrupts (NMI)‏
    • Virtual-processor identifiers (VPIDs)
      • Allow a VMM to assign a VPID to each virtual processor
      • CPU can use VPIDs to tag translations in TLB
      • So the need of TLB flash on every VM entry/exit can be eliminated
    • Extended page table (EPT)‏
      • A separate set of pate tables to translate from guest-physical address to host-physical address
      • Guest OS can modify its own page tables and directly handle PF
      • VMM can avoid the VM Exits associated with page-table virtualization, which are a major source of overhead
  •