2nd Bitvisor Reading Group, First Half: About Intel-VT

Description of the Intel-VT.


  1. Bitvisor, Tsuyoshi Ozawa, 2009-10-07
  2. • x86 • x86 IO • Intel-VT • Intel-VT
  3. x86
  4. x86 ( ) Ring3 = User Mode Ring2 Ring1 (0 ) Ring0 Kernel Mode OS Ring 0 Ring 3
  6. Ring3 Ring0 Ring3 Ring2 Ring1 Ring0 Kernel Mode User Mode
  7. Ring3 Ring0 Ring3 Ring2 out Ring1 Ring0 Kernel Mode User Mode
  8. Ring3 Ring0 Ring3 Ring2 out Ring1 Ring0 Kernel Mode ( ) User Mode
  9-10. Ring3 Ring0 Ring3 Ring2 out Ring1 Ring0 Kernel Mode User Mode
  11. x86 IO
  12. x86 IO • Memory Mapped IO • IO Mapped IO • IO
  13. MMIO Kernel Memory Mapped IO mov %eax,(%ebx) Physical memory
  14-15. MMIO • Datasheet Intel G35 Express Chipset http://support.intel.co.jp/design/chipsets/datashts/317607.htm
  16. IO mapped IO Memory address space Kernel IO address space outw %ax,$0xECDF Physical memory
  17. IO mapped IO • 0x0000 - 0xFFFF 16 IO • 0x0000 IO • IO address TSS(Task State Segment) space 0xFFFF
  18. Intel-VT
  19. Intel-VT 1. 2.( )VM CPU
  20. OS on Hypervisor 1. OS 2. OS
  21-31. Kernel Kernel Mode Mode Hypervisor on Guest OS os CPU
  32. ?
  33. Xen VMWare Ring3 Ring2 Ring1 = Guest Kernel Ring0 HyperVisor OS
  34. Xen VMWare Ring 1 Ring 2 Ring 1 Kernel Kernel Mode Mode Hypervisor on Guest kernel on CPU
  35. Intel-VT
  36. Intel-VT Kernel Kernel Mode Mode Hypervisor on Guest kernel on CPU
  37. Intel-VT Guest OS Kernel Kernel Mode Mode Hypervisor on Guest kernel on CPU
  38. Intel-VT CPU . Kernel Kernel Mode Mode Hypervisor on Guest kernel on CPU
  39. Intel-VT VMX Root Mode Kernel Kernel Mode Mode Hypervisor on Guest kernel on CPU
  40. VMX Root Mode VMXON Kernel . Mode A20 VT Hypervisor on
  41. VMX Root Mode VMXOFF Kernel Mode VT . VT Hypervisor on
  42. Intel-VT VMX non Root Mode Kernel Kernel Mode Mode Hypervisor on Guest kernel on CPU
  43. Intel-VT VMX non Root Mode Kernel Kernel Mode Mode VMEntry Hypervisor on Guest kernel on CPU
  44. VMEntry VMLAUNCH VMRESUME VMX non Root Mode
  45. VMLAUNCH VMRESUME 1. •Host State ( ) 2.VMX non Root ( )Host State Intel
  46. Host State ? • CR0,CR3,CR4 • DR7 • RSP, RIP • (CS,SS,DS,ES,FS,GS) • (FS,GS,TR,IDTR)
  47. Host State ? • OS OS • Hypervisor OS
  48. ? • VMCS(Virtual Machine Control Structure) • 4KB 0 byte revision 4 byte • 4KB VMX-abort indicator 8 byte VMCS Data
  49. VMCS 0 byte VMCS revision identifier VMCS . 4 byte VMX-abort indicator CPU VMCS 8 byte VMCS Data ( )
  50. VMCS 0 byte VMCS revision identifier 4 byte VMX-abort indicator 8 byte abort VMCS Data abort
  51. VMCS 0 byte VMCS revision identifier 4 byte VMX-abort indicator 8 byte VMCS Data Host State VMCS Data
  52-53. VMCS Guest Visible Area Kernel Kernel Memory Mode Mode VMCS Hypervisor on
  54. • RAX,RBX,RCX... • - • CR2 • Shadow Paging • etc..
  55. • RAX,RBX,RCX... • - • CR2 • Shadow Paging • etc.. (RIP )
  56. Intel-VT VMExit Kernel Kernel Mode Mode Hypervisor on Guest kernel on CPU
  57. VMExit VMMCALL + VMX Root Mode
  58. VMExit 1. •Guest State ( ) 2.VMX Root ( )Guest State Intel
  59. Guest State ? 1. • CR0,CR3,CR4 • DR7 • RSP, RIP • (CS,SS,DS,ES,FS,GS) 2. Active State • 32bit Active/HLT/Wait for IPI 3. Interruptibility state • 32bit Active/HLT/Wait for IPI 4. VMCS Link pointer • .VMCS 2
  60. • . RDTSC ( ) •
  61. • . RDTSC ( ) • VMCS
  62. 0 byte VMCS revision identifier 4 byte VMX-abort indicator 8 byte VMCS Data .
  63. VMCS VMREAD/VMWRITE mov VMExit ...
  64. VMWRITE Kernel Mode Memory VMCS Hypervisor on
  65. VMREAD Kernel Mode Memory VMCS Hypervisor on
  66. VMWRITE/VMREAD • vmwrite destreg srcreg • vmread destreg srcreg
  67. VMWRITE/VMREAD • vmwrite destreg srcreg • vmread destreg srcreg srcreg
  68. srcreg -encoding- Bit Position(s) Contents 31:15 Reserved (must be 0) 14:15 Bit Width 12 Reserved (must be 0) 11:10 Type 9:1 Index 0 Access Type(32bit or 64bit?) • Appendix H.3
  69. • IO • 0 OS 1 VMEXIT
  70. IO • IO 16bit bitmap VMCS • 0x0000 - 0xFFFF 0 OS 1 VMEXIT
  71. IO -encoding- Bit Position(s) Contents 31:15 Reserved (must be 0) 14:15 Bit Width 12 Reserved (must be 0) 11:10 Type 9:1 Index 0 Access Type(32bit or 64bit?) • Appendix H.3
  72. IO -encoding- Bit Position(s) Contents 31:15 Reserved (must be 0) 14:15 Bit Width 12 Reserved (must be 0) 11:10 64 bit access Type =2 9:1 Index 0 Access Type(32bit or 64bit?) • Appendix H.3
  73. IO -encoding- Bit Position(s) Contents 31:15 Reserved (must be 0) 14:15 Bit Width 12 Reserved (must be 0) 11:10 Type 9:1 Index 0 Access Type(32bit or 64bit?) • Appendix H.3
  74. IO -encoding- Bit Position(s) Contents 31:15 Reserved (must be 0) 14:15 Bit Width 12 Reserved (must be 0) 11:10 Control = 0 Type Index = 0 9:1 Index 0 Access Type(32bit or 64bit?) • Appendix H.3
  75. IO -encoding- mov $bitmaptr, %rax /* val */ mov $0x0002000, %rdx /* index */ vmwrite %rax,%rdx
  76. IO -encoding- core/asm.s core/constants.h core/vt_init.c
  78. VMCS VMPTRST Current VMCS Current VMCS .
  79. VMPTRST Kernel Mode Memory VMCS VMCS Hypervisor on
  80. Current VMCS VMPTRLD Current VMCS
  81. VMPTRST Kernel Mode Memory VMCS Current VMCS Hypervisor on
  82. VMCLEAR VMCS
  83. VMCLEAR Kernel Mode Memory VMCS Hypervisor on
  84. Intel ( ) Volume 2B, 3B
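
Added example, not taken from the slides or from BitVisor's source: a C sketch of the two mechanisms on slides 68-75, decoding a VMCS field encoding such as the 0x2000 written on slide 75, and evaluating the I/O bitmap rule (bit 0 = access goes through, bit 1 = VM exit) for accesses wider than one byte. It assumes the Intel SDM field-encoding layout, in which the width field is bits 14:13, and models the two 4 KB I/O bitmaps as one array; the names vmcs_decode, io_trap and io_causes_exit are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Field-encoding layout per the Intel SDM: bit 0 access type, bits 9:1 index,
 * bits 11:10 type, bits 14:13 width; bits 31:15 and bit 12 are reserved. */
struct vmcs_field {
    unsigned access_high; /* 0 = full field, 1 = high 32 bits of a 64-bit field */
    unsigned index;
    unsigned type;        /* 0 control, 1 read-only exit info, 2 guest state, 3 host state */
    unsigned width;       /* 0 = 16-bit, 1 = 64-bit, 2 = 32-bit, 3 = natural width */
    int reserved_ok;      /* 1 when every reserved bit is zero */
};

struct vmcs_field vmcs_decode(uint32_t enc)
{
    struct vmcs_field f;
    f.access_high = enc & 1u;
    f.index = (enc >> 1) & 0x1ffu;
    f.type = (enc >> 10) & 3u;
    f.width = (enc >> 13) & 3u;
    f.reserved_ok = (enc & 0xffff9000u) == 0;
    return f;
}

/* Model of the two 4 KB I/O bitmaps as one array: bytes 0..4095 are bitmap A
 * (ports 0x0000-0x7FFF), bytes 4096..8191 are bitmap B (ports 0x8000-0xFFFF). */
static uint8_t io_bitmap[8192];

void io_trap(uint16_t port) { io_bitmap[port >> 3] |= (uint8_t)(1u << (port & 7)); }

/* 1 if an access of `size` bytes starting at `port` would cause a VM exit:
 * any covered port has its bit set, or the access wraps past port 0xFFFF. */
int io_causes_exit(uint16_t port, unsigned size)
{
    for (unsigned i = 0; i < size; i++) {
        uint32_t p = (uint32_t)port + i;
        if (p > 0xffffu || (io_bitmap[p >> 3] & (1u << (p & 7))))
            return 1;
    }
    return 0;
}

int main(void)
{
    struct vmcs_field f = vmcs_decode(0x2000); /* encoding used on slide 75 */
    io_trap(0xECDF);                           /* port from slide 16 */
    printf("width=%u type=%u index=%u\n", f.width, f.type, f.index);
    printf("outw at 0xECDE exits: %d\n", io_causes_exit(0xECDE, 2));
    return 0;
}
```

A hypervisor that wants to guard a single port has to account for the word access one port below it, which is why the check walks every byte the access covers.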
