Webinar: Intel®Virtualization Technology for Embedded ...
Upcoming SlideShare
Loading in...5
×
 

Webinar: Intel®Virtualization Technology for Embedded ...

on

  • 1,148 views

 

Statistics

Views

Total Views
1,148
Views on SlideShare
1,148
Embed Views
0

Actions

Likes
1
Downloads
29
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Webinar: Intel®Virtualization Technology for Embedded ... Webinar: Intel®Virtualization Technology for Embedded ... Presentation Transcript

  • Webinar: Intel® Virtualization Technology for Embedded Applications Tanveer Alam Platform Architect Intel Embedded and Communications Group 1
  • Legal Disclaimer INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL® PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT. UNLESS OTHERWISE AGREED IN WRITING BY INTEL, THE INTEL PRODUCTS ARE NOT DESIGNED NOR INTENDED FOR ANY APPLICATION IN WHICH THE FAILURE OF THE INTEL PRODUCT COULD CREATE A SITUATION WHERE PERSONAL INJURY OR DEATH MAY OCCUR. Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked "reserved" or "undefined." Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. The information here is subject to change without notice. Do not finalize a design with this information. The products described in this document may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing your product order. Copies of documents which have an order number and are referenced in this document, or other Intel literature, may be obtained by calling 1-800-548-4725, or by visiting Intel's Web Site. Intel® Virtualization Technology requires a computer system with an enabled Intel® processor, BIOS, virtual machine monitor (VMM) and, for some uses, certain computer system software enabled for it. Functionality, performance or other benefits will vary depending on hardware and software configurations and may require a BIOS update. Software applications may not be compatible with all operating systems. Please check with your application vendor. Intel processor numbers are not a measure of performance. Processor numbers differentiate features within each processor family, not across different processor families. Click here for details. All products, computer systems, dates, and figures specified are preliminary based on current expectations, and are subject to change without notice. Intel, the Intel logo, Intel Atom, Intel Core, Pentium, and Xeon are trademarks or registered trademarks of Intel Corporation or its subsidiaries in the United States and other countries. *Other names and brands may be claimed as the property of others. Copyright © 2010, Intel Corporation. All rights reserved. 2
  • Agenda Intel® vPro™ Technology for Embedded What is Virtualization? - Definitions - Benefits What is Intel® Virtualization Technology (Intel® VT)? - Hardware-assisted virtualization across the platform Embedded Virtualization Segment-based Usage Models: - Military, Aerospace and Government (MAG) - Embedded Medical - Telecoms - Industrial - Gaming Implementing Intel VT Platform Requirements 3 3
  • Intel vPro Technology for Embedded 4
  • What is Virtualization ? Windows* Open Linux* • Hardware and software-based VM0 VM1 system configuration strategy App App App App App App • Enables multiple software environments to co-exist on the Guest OS0 Guest OS1 same piece of hardware • Creates separate, self-contained “virtual” computer nodes called Virtual Machines (VMs) • Requires intermediary software New Layer of Software Virtual Machine Monitor (VMM) layer to manage the VMs: Physical Host Hardware Virtual Machine Monitor (VMM) VMM is the intermediary software layer that manages these virtual machines * Other names and brands may be claimed as the property of others. 5
  • The Benefits of Virtualization Windows* Open Linux* • Optimizes utilization of hardware VM0 VM1 resources through system consolidation App App App App App App • Preserves legacy applications/code Guest OS0 Guest OS1 when migrating to new systems • Allows legacy and new applications to co-exist without interference • Eliminates/reduces system downtime by enabling live migration Virtual Machine Monitor (VMM) of running applications Physical Host Hardware • Reduces TCO • Provides information assurance/data integrity with multiple protected domains VMM is the intermediary software layer that manages these virtual machines * Other names and brands may be claimed as the property of others. 6
  • Virtualization Definitions Para-Virtualization Full Virtualization • OS and device drivers are “aware” • OS and device drivers are unaware they are being used in a virtualized they are being used in a virtualized environment environment • Code modified to support a para- • OS and drivers run in their original, virtualized environment native configuration • OS source code must be available to make these modifications Ring 3 Application Application Ring 3 Application Application VMX Unmodified Operating Non Root Unmodified Unmodified Operating System Mode Operating Operating System Driver System System Ring 1 Ring 0 Front End Binary Patching VMX Ring 3 Ring 0 Virtual Machine Monitor Root Virtual Machine Monitor Mode Ring 0 Hardware with Intel® Hardware Virtualization Technology 7
  • Virtualization Definitions (Continued) Virtual Machine Monitor Hypervisor/Thin-Hypervisor (VMM) Software intermediary layer Non-hosted – or “thin” – VMM that manages OS attempts to access functions as a pure interface between the underlying hardware and redirects hardware and the OS. Also known as a the call appropriately. Thin-Hypervisor. Ring 3 Application Application VMX Non Root Unmodified Unmodified Mode Operating Operating System System Ring 0 Ring 3 VMX Root VMM / Hypervisor Mode Ring 0 Hardware with Intel® Virtualization Technology 8
  • “Hypervisor” Variants Used in Embedded Virtualization Type 1 (Native, Bare-Metal,..) Type 2 (Hosted…) A pure Hypervisor that runs directly on A Hypervisor that runs within a Host OS and the hardware and hosts Guest OS’s. hosts Guest OS’s inside of it, using the host OS services to provide the virtual Examples: WindRiver* Hypervisor, Green environment. Hills*’ Integrity*, LynuxWorks*’ LynxSecure*, Real-Time System’s RTS-Hypervisor; Xen and Examples : Microsoft* HyperV, TenAsys* eVM KVM (open source) VMware VMPlayer/Workstation, QEMU (open source). Applications Applications Applications Applications Applications Applications Guest OS1 Guest OS2 ….. Guest OSn Guest OS1 Guest OS2 ….. Guest OSn Hypervisor Hypervisor Host OS Host OS Service’s Multi-Core Intel® Architecture with Multi-Core Intel ® Architecture with Intel® Virtualization Technology Intel ® Virtualization Technology * Other names and brands may be claimed as the property of others. 9
  • What is Intel® Virtualization Technology – or Intel® VT? 10
  • Intel® Virtualization Technology Intel® Virtualization Technology (Intel® VT) Hardware-assistance for virtualization, offered across the entire hardware platform (CPU, Chipset, I/O) Intel® VT-x Intel® VT-d Intel® VT-c Technology built into Hardware-based Virtualization technology Intel® 64-bit and 32-bit virtualization assistance built into Intel ® processors found in Intel® chipsets networking and I/O devices Processor Chipset Network Intel® VT-x: Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture Intel® VT-d: Intel® Virtualization Technology (Intel® VT) for Directed I/O Intel® VT-c: Intel® Virtualization Technology (Intel® VT) for Connectivity 11
  • Intel® Virtualization Technology: Virtualization Across the Platform VM0 VM1 VM2 VMn Apps Apps Apps … Apps OS OS OS OS Processor Memory I/O Device Virtualization Virtualization Virtualization Ring Intel VT-x Binary EPT Page-table DMA and Interrupt Remap I/O DMA Interrupt Sharable I/O Device Deprivileging ConfigurationTranslation Configuration Shadowing Configuration Remapping Remapping I/O Config Emulation Network VT-x EPT VT-d VT-c Storage Processors Memory I/O Devices Intel ® VT provides hardware assistance to the virtualization software, reducing its size and complexity and enabling lower cost, more efficient, secure, and powerful virtualization solutions. Intel ® VT-x: Intel ® Virtualization Technology (Intel ® VT) for IA-32, Intel ® 64 and Intel ® Architecture Intel ® VT-d: Intel ® Virtualization Technology (Intel ® VT) for Directed I/O Intel ® VT-c: Intel ® Virtualization Technology (Intel ® VT) for Connectivity 12
  • Intel® VT Development Roadmap VMM software evolution over time with Intel® Virtualization Technology hardware support Assists for endpoint I/O device sharing: Vector 3: - Support for PCI-SIG Standards VT-c - Network Virtualization (VMDq) I/O Device Focus Enhanced Platform Support: Vector 2: Baseline Infrastructure: - Interrupt Remapping VT-d - Perf Enhancements Platform Focus DMA Remapping - PCI-SIG compliance Performance Assists: Enhanced support for: Vector 1: Close basic - EPT - APIC Virtualization processor Processor VT-x “virtualization holes” - APIC TPR - VM Switching - VPIDs - Misc Other Focus in IA-32 CPUs - µ-Arch Opt. Richer IO-device Software-only VMMs Simpler and more Better I/O and VMM Binary translation Secure VMMs CPU Performance Functionality and Sharing for Paravirtualization through foundation and Robustness vi Software IO-Device Emulation of virtualizable ISA hardware support legacy and paravirtualized OSes Intel ® VT-x: Intel ® Virtualization Technology (Intel ® VT) for IA-32, Intel ® 64 and Intel ® Architecture Intel ® VT-d: Intel ® Virtualization Technology (Intel ® VT) for Directed I/O Intel ® VT-c: Intel ® Virtualization Technology (Intel ® VT) for Connectivity 13
  • Usage Models for Intel® Virtualization Technology 14
  • Embedded Virtualization Usage Models Legacy OS Consolidation Trusted/Open Application Integration Legacy OS Legacy OS Embedded OS with Media GUI, calendar, (Single threaded (Single threaded: Guest OS (Phone, Video) OS/ RTOS ) OS/RTOS) Application voice mail, games etc. Thin Hypervisor Thin Hypervisor CPU 0 CPU 1 VT-x & VT-d enabled Multi-Core Intel® Architecture Antenna VT-x & VT-d enabled Multi-Core Intel Architecture RTOS & GPOS Consolidation Performance-Critical Application Separation Linux* X-windows User Space Real Time Kernel Modified NetBSD* MS Windows* SMP kernel Standard API Real Time Process IP Stack Changes NetBSD Hypervisor Hypervisor CPU 0 CPU 1 CPU 0 CPU 1 NIC Chipset NIC Chipset VT-x & VT-d enabled Multi-Core Intel Architecture VT-x & VT-d enabled Multi-Core Intel Architecture VT-x: Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture VT-d: Intel® Virtualization Technology (Intel® VT) for Directed I/O * Other names and brands may be claimed as the property of others. 15
  • Embedded Virtualization Usage Model Applicability by Segment Government (MAG) Military, Aerospace & Retail Storage Embedded Gaming Embedded Medical Automation Industrial Control / Media Phone Routers / Appliances Telecommunication / Infotainment In-Vehicle Digital Signage Automation Home/ Building Digital Surveillance Embedded Application Segments Embedded Usage Model’s GPOS and RTOS Consolidation Legacy OS Consolidation Trusted & Open Application Integration Performance Critical Application Separation Legend : Applicable Potential Less Likely Virtualization usage models, Applicability and Value varies by segment 16
  • Embedded Virtualization Applications • Military, Aerospace, Government (MAG) • Embedded Medical • Embedded Telecoms • VoIP, Video and Converged Communications • Industrial • Embedded Gaming 17
  • Military, Aerospace, Government (MAG) Information Assurance: Multiple Levels of Security on a Single Platform Problem: Secret Top Secret Unclassified Optional System Management Ring 3 App App App App App • Need for information App App App App App assurance • Consolidate multiple Middleware Secure Middleware security level platforms Linux* RTOS Windows* Unmodified Linux* Ring 0 into a single platform Virtual BOIS/Driver Virtual BOIS/Driver Virtual BOIS/Driver Virtual BOIS/Drivers Non Root Mode Root Mode Intel® VT Solution: Light weight-Highly Trusted Separation Kernel (Virtual Machine Monitor) Ring 0P • Create separate domains Cores 0 1 2 3 for all applications and OS’s Physical Memory • Isolate network traffic and access domains Assigned Devices - Top Secret - Secret Shared - Unclassified Devices * Other names and brands may be claimed as the property of others. 18
  • Military, Aerospace, Government (MAG) - continued Real-Time and Non Real-Time Application Convergence Non-Real Time Data, Real-Time Applications Streaming System Control Voice & (Maps, Navigation, Video Signal Processing Visibility, etc.) over IP (Visual Enhancement) GPOS (Windows*, RTOS Linux*) Thin Hypervisor Multi-Core Intel® Architecture with Intel® VT Problem: Intel® VT Solution: • Multiple systems needed for • Converge communication applications and real- real-time/mission-critical control time system control and applications (e.g. and communication applications maps, navigation) on fewer hardware platforms • Same reliability packed on less hardware * Other names and brands may be claimed as the property of others. 19
  • Embedded Medical Consolidate Real-Time Control, HMI and GUI on One Hardware Platform Problem: • Add new features • Maintain FDA and safety compliance • Reduce costs of certification • Portability Intel® VT Solution: • Consolidate real-time control, HMI and GUI onto a single platform • Fewer hardware components = smaller system • Easier to upgrade, add new features VT-x: Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture VT-d: Intel® Virtualization Technology (Intel® VT) for Directed I/O * Other names and brands may be claimed as the property of others. 20
  • Embedded Telecoms Upgrade to New Hardware, Preserve Legacy OS and Applications Problem: Legacy Legacy OS Guest OS OS (Ex. QNX*) • Legacy OS and applications are single (Ex. VxWorks*) threaded • Extensive repository of legacy code is irreplaceable Thin Hypervisor • Porting to a modern OS is not an option • Migrate single-threaded legacy applications VT-x & VT-d enabled Multi-Core to next-generation multi-core platforms Intel® Architecture Intel® VT Solution: • Consolidate legacy applications and OS’s on one platform • Use VMs to emulate legacy environment; other VMs can host new applications • Preserve legacy code base • Increase system performance via next-generation multi-core Intel® architecture VT-x: Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture VT-d: Intel® Virtualization Technology (Intel® VT) for Directed I/O * Other names and brands may be claimed as the property of others. 21
  • Embedded Telecoms - continued Separate Performance-Critical Applications on the Platform User Space Problem: Modified NetBSD* SMP kernel • Kernel modifications create Standard IP Stack Changes NetBSD dependencies that prohibit moving to latest distributions Xen*/KVM* Virtual Machine Monitor VT-x & VT-d enabled Multi-Core Intel® VT Solution: Intel® Architecture • Performance-critical application separation • Host legacy modified kernel beside standard distribution on open source hypervisor • Revalidation of changes is not required • Open source approach is maintained VT-x: Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture VT-d: Intel® Virtualization Technology (Intel® VT) for Directed I/O * Other names and brands may be claimed as the property of others. 22
  • VoIP, Media and Converged Communications Safely Host Trusted and Open Applications on One Platform Embedded OS with Problem: Cell Phone GUI, calendar, Application voice mail, games etc.. • Platform must offer reliability and QOS with the flexibility of new Thin Hypervisor application hosting CPU 0 CPU 1 Antenna Intel® VT Solution: Multi-Core Intel® Architecture with • Create closed VMs for call control and critical Intel® Virtualization Technology applications; open VM for application development - Solves the problem of “un-trusted” software Cell - Reduces platform complexity Network - Separates functionality - Enables new x86 application development 23
  • Industrial Consolidate RTOS and GPOS on One Hardware Platform to Save Cost Linux* X-windows Problem: Real Time Kernel MS Windows* ● Competitive pricing pressure API Real Time Process requires reduced platform cost ● Real-time processes require Hypervisor determinism CPU 0 CPU 1 NIC Chipset Intel® VT Solution: VT-x & VT-d enabled Multi-Core Intel® Architecture ● RTOS/GPOS consolidation ● Run real-time control and GUI on the same platform ● Reduce hardware CapEx/OpEx IT Network VT-x: Intel ® Virtualization Technology (Intel ® VT) for IA-32, Intel ® 64 and Intel ® Architecture VT-d: Intel ® Virtualization Technology (Intel ® VT) for Directed I/O * Other names and brands may be claimed as the property of others. 24
  • Embedded Gaming Enabling support for next gen platforms and OSes while providing a transition path for legacy applications Problem: Windows Legacy Games New Gen Games • Support transition to newer generation platforms. • Support for older generation OS and games on new hardware. Full GFX OS Legacy OS • Consolidate and increase (Windows*) (QNX*, DOS*) performance. Gfx passthrough Thin Hypervisor Gfx passthrough Intel® VT Solution: Multi-Core Intel® Architecture with • Use Intel® VT to run two concurrent Intel® VT Oses on the same gaming machine. • Use VT-d technology to directly assign video hardware (both discrete and native) to guest operating systems. Discreet Gfx Native Gfx * Other names and brands may be claimed as the property of others. 25
  • Implementing Intel® Virtualization Technology 26
  • Hardware and Software Components Needed Component Feature Needed Processor Intel® VT-x enabled (support for VMX operations) Hardware Components Chipset Intel® VT-d enabled Support for enabling Intel® Virtualization BIOS Technology Software Components Check for your Operating System support for the VMM/Hypervisor VMM selected, “Refer to the next slide for more details” The newer generation, Intel® Core™ i7, i5, i3+ family of products and Intel® Core™ 2 Duo and their corresponding chipsets have “Intel® Virtualization Technology” already built-in . However, this still requires BIOS enabling and board vendor/OEM validation. VT-x: Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture +Intel® Core™ i3 does not support VT-d VT-d: Intel® Virtualization Technology (Intel® VT) for Directed I/O 27
  • Example of Enabling Virtualization on an Intel® VT Supported Platform Step 1: Download KVM* source “kvm-release.tar.gz” at the following link http://www.linux-kvm.org/page/Downloads KVM (Kernel-based Virtual Machine) is an open source free-to-download VMM Step 2: Unpack and configure KVM components Step 3: Create a disk image for the guest Step 4: Install the Guest Operating System 4a: Insert Linux*/Windows* installation CD into the CDROM 4b: Execute the command for installing the OS (Refer to the link below) 4c: Follow the normal installation procedure Step 5: Run the newly installed Guest OS 5a: Execute the command to start the OS (Refer to the link below) The Guest Domain should now start up For more details/resources and installation “How To” visit: http://www.linux-kvm.org/page/Downloads * Other names and brands may be claimed as the property of others. 28
  • Intel® TXT and Intel® VT Technologies Intel® VT is a prerequisite for implementing Intel® TXT Secure this critical Single Domain & Security Multiple Domains, Varying Security VMM/Hypervisor with Intel® TXT VM0 VM0 VM1 VM(n) App0 App[n-1] Appn App0 App0 Appn MVMM OR MVMM 29
  • Bringing it all together… VM0 VM1 VM2 VMn … Virtual Apps Apps Apps Apps Machines (VMs) OS OS OS OS Higher-level VMM Functions: Resource Discovery / Provisioning / Scheduling / User Interface VMM (a.k.a., Processor Virtualization Memory Virtualization I/O Device Virtualization hypervisor) Ring VT-x Binary Page-table EPT I/O DMA Interrupt DMA and Interrupt Remap I/O Device Sharable Deprivileging Translation Configuration Configuration Shadowing Remapping Remapping Configuration I/O Config Emulation Physical Network Platform VT-x EPT VT-d PCI SIG VT-c Resources Storage Processors Memory I/O Devices Intel ® VT-x: Intel ® Virtualization Technology (Intel ® VT) for IA-32, Intel ® 64 and Intel ® Architecture Intel ® VT-d: Intel ® Virtualization Technology (Intel ® VT) for Directed I/O Intel ® VT-c: Intel ® Virtualization Technology (Intel ® VT) for Connectivity 30
  • Key Takeaways Virtualization technology enables abstraction of the platform to allow various software environments to co-exist and make use of hardware resources “Virtualization usage models” and a “VMM Ecosystem” exists specifically for embedded solutions Embedded designs can save CapEx/OpEx with virtualization Virtualization allows preservation of legacy OS and applications, and opens new opportunities for embedded customers to create value Intel supports its virtualization technology across all platform roadmaps: Intel ® Atom™ processor (excluding VT-d) to Intel® Xeon® processor * Other names and brands may be claimed as the property of others. 31
  • Key Takeaways * Other names and brands may be claimed as the property of others. 32
  • For more information visit the following links: • Intel® Virtualization Technology www.intel.com/technology/virtualization • Intel® Virtualization Technology for Connectivity (Intel® VT-c) www.intel.com/network/connectivity/solutions/virtualization.htm • Intel® Technology Journal featuring Intel® Virtualization Technology www.intel.com/technology/itj/2006/v10i3/ • Intel® 64 and IA-32 Architectures Software Developer's Manuals http://www.intel.com/products/processor/manuals/index.htm • Intel® Virtualization Developer Community www.intel.com/software/virtualization • Intel® Embedded Design Center http://edc.intel.com/ • Intel® Embedded and Communications Alliance www.intel.com/design/network/ica/index.htm 33
  • 34