Hardware-assisted Virtual Machine
노용환 (a.k.a. somma)
fixbrain@gmail.com
Virtualization…
system utilization
management cost
consolidation
isolation
trusted environment
resource aggregation
GRID s...
History…
1960 1970 1999 2006 현재
CP-40, IBM,
Cambridge Scientific Center
full virtualization
System/370, IBM
x86 virtualiza...
Virtualization techniques
Shared Device
Memory and I/O
Virtualization
VMM
CPU CPU MEMORY
Physical H/W
Control
Guest OS Gue...
Virtualization techniques
Full Virtualization
- No OS modification
- Binary translation, Trace cache,…
- VMware ESX server...
HVM (Hardware-assisted Virtual Machine)
Virtualize…
CPU
- AMD-V , VT-x
IOMMU
- AMD-Vi, VT-d
Network
- VT-c
VMX operation
V...
HVM (Hardware-assisted Virtual Machine)
HVM – new instructions
HVM – instruction execution order
VMXON
VMCLEAR
VMPTRLD
VMWRITE
VMLAUNCH
GUEST Exit
VMREAD
VMRESUME
VMXOFF
HVM – data…
VMXON Region
- created per logical processor
- used by VMX instructions
VMCS Region
- created per virtual CPU ...
HVM – VMM programming summary
check VMX support allocate VMXON region execute VMXON
allocate VMCS regionexecute VMCLEARexe...
HVM – VMCS data organization
#1 Guest state fields
- saved on VM exits, loaded on VM entries
#2 Host state fields
- loaded...
HVM – VMCS data organization
HVM – accessing VMCS data
VMWRITE
VMREAD
virtual address / physical address
READ
virtual address / physical address
WRITE
HVM – accessing VMCS data
HVM – accessing VMCS data
HVM – initialize and run VMM
HVM – handling VM exits
#6 VM Exit info
HVM – handling VM exits
Q & A
HVM – Blue Pill
HVM – related works
Hypersight
- Northsecuritylabs( http://northsecuritylabs.com/ )
- 2011 년 이후 업데이트 없음…
McAfee DeepSAFE
M...
HVM – related works
HyperDbg
- SoftIce 와 유사
- HVM 을 이용한 커널디버거
DEMO
&
Q & A
Upcoming SlideShare
Loading in...5
×

Hypervisor seminar

735

Published on

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
735
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
39
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide
  • system utilization
    시스템의 사용률을 높임
    하나의 시스템에서 통합(consolidation) 할 수 있고, 관리부하를 줄일 수 있음

    isolation
    물리자원을 직접 사용하지 않고, 에뮬레이션 된 자원을 이용하므로
    결함 제거/전파 저지/보안향상
    안전하고, 깨끗한 컴퓨팅 환경 제공

    resource aggregation
    디스크, CPU 같은 분산된 여러 물리자원을 단일 자원으로 집합시킬 수 있음
    동일한 인터페이스로 통합

    mobility
    system 의 이동/마이그레이션을 쉽게 가능하게 해줌
    fast suspend/resume 등

    emulation
    - 존재하지 않는 환경, 하드웨어등을 모의 시험할 수 있게 함
  • Transcript of "Hypervisor seminar"

    1. 1. Hardware-assisted Virtual Machine 노용환 (a.k.a. somma) fixbrain@gmail.com
    2. 2. Virtualization… system utilization management cost consolidation isolation trusted environment resource aggregation GRID system MPP (Massively Parallel Processing)resource access control mobility emulation
    3. 3. History… 1960 1970 1999 2006 현재 CP-40, IBM, Cambridge Scientific Center full virtualization System/370, IBM x86 virtualization, VMWare application virtualization (application streaming) x86,x64, ARM, … Storage, Network … VMWare, Virtual Box, Xen… … OpenStack, CloudStack,… … Amazon, Google…
    4. 4. Virtualization techniques Shared Device Memory and I/O Virtualization VMM CPU CPU MEMORY Physical H/W Control Guest OS Guest OS physical h/w virtualized h/w VMM must … - support same hardware interface - can control guest OS when accessing H/W resources.
    5. 5. Virtualization techniques Full Virtualization - No OS modification - Binary translation, Trace cache,… - VMware ESX server Para Virtualization - Need OS modification - Hypercall - Xen Direct execution eflags, control registers, MSR registers, port I/O, privileged instructions, …
    6. 6. HVM (Hardware-assisted Virtual Machine) Virtualize… CPU - AMD-V , VT-x IOMMU - AMD-Vi, VT-d Network - VT-c VMX operation VMX root operation VMX non-root operation
    7. 7. HVM (Hardware-assisted Virtual Machine)
    8. 8. HVM – new instructions
    9. 9. HVM – instruction execution order VMXON VMCLEAR VMPTRLD VMWRITE VMLAUNCH GUEST Exit VMREAD VMRESUME VMXOFF
    10. 10. HVM – data… VMXON Region - created per logical processor - used by VMX instructions VMCS Region - created per virtual CPU for guest OS - used by CPU and VMM - 4Kb aligned - PHYSICAL_ADDRESS == typedef LARGE_INTEGER - …
    11. 11. HVM – VMM programming summary check VMX support allocate VMXON region execute VMXON allocate VMCS regionexecute VMCLEARexecute VMPTRLD initialize VMCS data host-state area fields VM-exit control fields VM-entry control fields VM-execution control fields guest-state area fields execute VMLAUNCH handling various VM-exits
    12. 12. HVM – VMCS data organization #1 Guest state fields - saved on VM exits, loaded on VM entries #2 Host state fields - loaded on VM exits #3 Execution control fields - control VMX-non root operations #4 Exit control fields - control VM exits #5 Entry control fields - control VM entries #6 VM Exit info - saved VM exits information on VM exits pin-based controls processor-based controls exception-bitmap address I/O bitmap address Timestamp counter offset CR0/CR4 guest/host masks CR3 targets MSR bitmaps
    13. 13. HVM – VMCS data organization
    14. 14. HVM – accessing VMCS data VMWRITE VMREAD virtual address / physical address READ virtual address / physical address WRITE
    15. 15. HVM – accessing VMCS data
    16. 16. HVM – accessing VMCS data
    17. 17. HVM – initialize and run VMM
    18. 18. HVM – handling VM exits #6 VM Exit info
    19. 19. HVM – handling VM exits
    20. 20. Q & A
    21. 21. HVM – Blue Pill
    22. 22. HVM – related works Hypersight - Northsecuritylabs( http://northsecuritylabs.com/ ) - 2011 년 이후 업데이트 없음… McAfee DeepSAFE Microsoft - Countering Kernel Rootkits with Lightweight Hook Protection
    23. 23. HVM – related works HyperDbg - SoftIce 와 유사 - HVM 을 이용한 커널디버거
    24. 24. DEMO & Q & A

    ×