Similar documents

Intel Virtualization Technology Roadmap and VT-d Support in Xen

COSC6376 Cloud Computing Lecture 14: CPU and I/O Virtualization

Intel Virtualization Technology for Directed I/O Architecture Specification

I/O virtualization. Jiang, Yunhong Yang, Xiaowei Software and Service Group 2009 虚拟化技术全国高校师资研讨班

Intel Virtualization Technology for Directed I/O

Virtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization

Virtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized

Virtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Intel Virtualization Technology for Directed I/O

Programmed I/O accesses: a threat to Virtual Machine Monitors?

Micro VMMs and Nested Virtualization

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

Virtualization. Pradipta De

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

Nested Virtualization and Server Consolidation

Module 1: Virtualization. Types of Interfaces

CS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II

Nested Virtualization Update From Intel. Xiantao Zhang, Eddie Dong Intel Corporation

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

Advanced Operating Systems (CS 202) Virtualization

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels

CSE 120 Principles of Operating Systems

Intel Virtualization Technology for Directed I/O

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

Knut Omang Ifi/Oracle 20 Oct, Introduction to virtualization (Virtual machines) Aspects of network virtualization:

Knut Omang Ifi/Oracle 6 Nov, 2017

Hardware Virtualization Trends

Virtual Virtual Memory

LINUX Virtualization. Running other code under LINUX

Virtual Machine Monitors (VMMs) are a hot topic in

Intel Graphics Virtualization on KVM. Aug KVM Forum 2011 Rev. 3

Virtualization and memory hierarchy

OS Virtualization. Why Virtualize? Introduction. Virtualization Basics 12/10/2012. Motivation. Types of Virtualization.

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names

CS 550 Operating Systems Spring Introduction to Virtual Machines

What is KVM? KVM patch. Modern hypervisors must do many things that are already done by OSs Scheduler, Memory management, I/O stacks

Introduction to SGX (Software Guard Extensions) and SGX Virtualization. Kai Huang, Jun Nakajima (Speaker) July 12, 2017

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

Intel Virtualization Technology for Directed I/O

KVM for IA64. Anthony Xu

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

CLOUD COMPUTING IT0530. G.JEYA BHARATHI Asst.Prof.(O.G) Department of IT SRM University

Introduction to Virtual Machines. Carl Waldspurger (SB SM 89 PhD 95) VMware R&D

The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)

Dawn Song

SR-IOV support in Xen. Yaozu (Eddie) Dong Yunhong Jiang Kun (Kevin) Tian

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

SUSE Linux Enterprise Server: Supported Virtualization Technologies

Virtualization Introduction

Virtualization. Virtualization

Linux and Xen. Andrea Sarro. andrea.sarro(at)quadrics.it. Linux Kernel Hacking Free Course IV Edition

System Virtual Machines

Nested EPT to Make Nested VMX Faster. Red Hat Author Gleb Natapov October 21, 2013

Virtually Impossible

Xen is not just paravirtualization

CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives

General-purpose computing with VirtualBox on Genode/NOVA. Norman Feske

Operating Systems 4/27/2015

Virtualization. Adam Belay

System Virtual Machines

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

The Future of Virtualization

Virtualisation: The KVM Way. Amit Shah

Chapter 5 C. Virtual machines

Memory Management Part 1. Operating Systems in Depth XX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Xen and the Art of Virtualization

Transplantation of VirtualBox to the NOVA microhypervisor. Norman Feske

Advanced Systems Security: Virtual Machine Systems

CSC 5930/9010 Cloud S & P: Virtualization

Virtual Machine Security

Mission-Critical Enterprise Linux. April 17, 2006

Virtual Leverage: Server Consolidation in Open Source Environments. Margaret Lewis Commercial Software Strategist AMD

references Virtualization services Topics Virtualization

Virtualization. Dr. Yingwu Zhu

Chapter 5 (Part II) Large and Fast: Exploiting Memory Hierarchy. Baback Izadi Division of Engineering Programs

1 Virtualization Recap

Introduction Construction State of the Art. Virtualization. Bernhard Kauer OS Group TU Dresden Dresden,

Xen and the Art of Virtualization. CSE-291 (Cloud Computing) Fall 2016

Virtual machine architecture and KVM analysis D 陳彥霖 B 郭宗倫

Hardware- assisted Virtualization

Making Nested Virtualization Real by Using Hardware Virtualization Features

VIRTUALIZATION: IBM VM/370 AND XEN

Cloud Computing Virtualization

CS 5600 Computer Systems. Lecture 11: Virtual Machine Monitors

VT-d and FreeBSD. Константин Белоусов 21 сентября 2013 г. Revision : Константин Белоусов VT-d and FreeBSD

EE 660: Computer Architecture Cloud Architecture: Virtualization

Dr. Song Fu 3/22/2010

CprE Virtualization. Dr. Yong Guan. Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University

Virtualized SISCI. Extending Virtual Machines With a Shared Memory API Utilizing PCIe Networking. Halvor Kielland-Gyrud Master s Thesis Spring 2017

Shared Virtual Memory (SVM) in Xen. Feng Wu

Virtual Machines. To do. q VM over time q Implementation methods q Hardware features supporting VM q Next time: Midterm?

Introduction to Cloud Computing and Virtualization. Mayank Mishra Sujesha Sudevalayam PhD Students CSE, IIT Bombay

VT-d Posted Interrupts. Feng Wu, Jun Nakajima <Speaker> Intel Corporation

KVM as The NFV Hypervisor

Junhong Jiang, Kevin Tian, Chris Wright, Don Dugger

G Disco. Robert Grimm New York University

Hardware-Assisted Mediated Pass-Through with VFIO. Kevin Tian Principal Engineer, Intel

Hardware assisted Virtualization in Embedded

Transcription:

Virtual Machine Virtual Machine Types System Virtual Machine: virtualize a machine Container: virtualize an OS Program Virtual Machine: virtualize a process Language Virtual Machine: virtualize a language environment Virtualization Techniques Paravirtualization (e.g., Xen) Binary rewriting with Ring Deprivation (e.g., VMWare) Dynamic Binary Translation (e.g., QEMU) Hardware Virtualization (e.g., KVM) System Call Level Virtualization (e.g., Linux Container)

Extended Page Tables (EPT) A VMM must protect host physical memory Multiple guest operating systems share the same host physical memory VMM typically implements protections through page-table shadowing in software Page-table shadowing accounts for a large portion of virtualization overheads VM exits due to: #PF, INVLPG, MOV CR3 Goal of EPT is to reduce these overheads

What Is EPT? CR3 EPT Base Pointer (EPTP) Guest Linear Address Guest IA-32 Page Tables Guest Physical Address Extended Page Tables Host Physical Address Extended Page Table A new page-table structure, under the control of the VMM Defines mapping between guest- and host-physical addresses EPT base pointer (new VMCS field) points to the EPT page tables EPT (optionally) activated on VM entry, deactivated on VM exit Guest has full control over its own IA-32 page tables No VM exits due to guest page faults, INVLPG, or CR3 changes

EPT Translation: Details CR3 Guest Linear Address Host Physical Address + EPT Tables Page Directory + EPT Tables Page Table + EPT Tables Guest Physical Page Base Address Guest Physical Address All guest-physical memory addresses go through EPT tables (CR3, PDE, PTE, etc.) Above example is for 2-level table for 32-bit address space Translation possible for other page-table formats (e.g., PAE)

VT-d Overview: Intel Virtualization Technology For Directed I/O

Options For I/O Virtualization Monolithic Model Service VM Model Pass-through Model Service VMs Guest VMs VM 0 VM n VM 0 VM n Guest OS and Apps Guest OS and Apps I/O Services VM 0 VM n Guest OS and Apps Guest OS and Apps I/O Services Device Drivers Guest OS and Apps Device Drivers Device Drivers Device Drivers Hypervisor Hypervisor Hypervisor Shared Devices Shared Devices Assigned Devices Pro: Higher Performance Pro: I/O Device Sharing Pro: VM Migration Con: Larger Hypervisor Pro: High Security Pro: I/O Device Sharing Pro: VM Migration Con: Lower Performance Pro: Highest Performance Pro: Smaller Hypervisor Pro: Device assisted sharing Con: Migration Challenges VT-d Goal: Support all Models

VT-d Overview VT-d is platform infrastructure for I/O virtualization Defines architecture for DMA remapping Implemented as part of platform core logic Will be supported broadly in Intel server and client chipsets CPU CPU System Bus VT-d Integrated Devices North Bridge PCIe* Root Ports DRAM PCI Express South Bridge PCI, LPC, Legacy devices,

VT-d Usage Basic infrastructure for I/O virtualization Enable direct assignment of I/O devices to unmodified or paravirtualized VMs Improves system reliability Contain and report errant DMA to software Enhances security Support multiple protection domains under SW control Provide foundation for building trusted I/O capabilities Other usages Generic facility for DMA scatter/gather Overcome addressability limitations on legacy devices

VT-d Architecture Detail DMA Requests Device ID Virtual Address Length Bus 255 Bus N Dev 31, Func 7 Dev P, Func 2 Page Frame Fault Generation Bus 0 Dev P, Func 1 Dev 0, Func 0 4KB Page Tables DMA Remapping Engine Translation Cache Device Assignment Structures Device D1 Device D2 Address Translation Structures Context Cache Address Translation Structures Memory Access with System Physical Address Memory-resident Partitioning And Translation Structures

VT-d: Remapping Structures VT-d hardware selects page-table based on source of DMA request Requestor ID (bus / device / function) in request identifies DMA source VT-d Device Assignment Entry 127 64 Rsvd Domain ID Rsvd Address Width 63 0 Address Space Root Pointer Rsvd Ext. Controls Controls P VT-d supports hierarchical page tables for address translation Page directories and page tables are 4 KB in size 4KB base page size with support for larger page sizes Support for DMA snoop control through page table entries VT-d Page Table Entry 63 Rsvd Page-Frame / Page-Table Address Available SP Rsvd Ext. Controls W R 0

VT-d: Hardware Page Walk Requestor ID DMA Virtual Address 15 Bus 8 7 3 2 Device Func 0 63 57 56 48 47 000000b 000000000b Level-4 table offset 39 38 Level-3 table offset 30 29 Level-2 table offset 21 20 12 Level-1 table offset 11 Page Offset 0 Base Device Assignment Tables Level-4 Page Table Example Device Assignment Table Entry specifying 4-level page table Level-3 Page Table Level-2 Page Table Level-1 Page Table Page

VT-d: Translation Caching Architecture supports caching of remapping structures Context Cache: Caches frequently used device-assignment entries IOTLB: Caches frequently used translations (results of page walk) Non-leaf Cache: Caches frequently used page-directory entries When updating VT-d translation structures, software enforces consistency of these caches Architecture supports global, domain-selective, and page-range invalidations of these caches Primary invalidation interface through MMIO registers for synchronous invalidations Extended invalidation interface for queued invalidations

VT-x & VT-d Working Together Virtual Machines Virtual Machine Monitor (VMM) Logical Processors VT-x Binary Translation Paravirtualization Page-table Shadowing Physical Memory IO-Device Emulation Interrupt Virtualization DMA Remap VT-d I/O Devices Hardware Virtualization Mechanisms under VMM Control

How Intel Virtualization Technology Address Virtualization Challenges Reduced Complexity VT-x removes need for binary translation / paravirtualization Can avoid I/O emulation for direct-mapped I/O devices Improved Functionality 64-bit guest OS support, remove limitations of paravirtualization Can grant Guest OS direct access to modern physical I/O devices Enhanced Reliability and Protection Simplified VMM reduces trusted computing base (TCB) DMA errors logged and reported to software Improved Performance Hardware support reduces address-translation overheads No need for shadow page tables (saves memory)

Delivering Intel VT Established Intel Virtualization Technology Specifications for Intel based platforms For the IA-32 Intel Architecture (Jan 2005) VT-x For the Intel Itanium Architecture (Jan 2005) VT-i For Directed I/O Architecture (March 2006) VT-d See http://www.intel.com/technology/computing/vptech/ Shipping Intel based platforms enabled with Intel VT VT-x: Desktop in 2005, Mobile platforms and Intel Xeon processor based servers and workstations in 2006 VT-i: Later in 2006, Intel Itanium processor based servers VT-d: Intel is enabling VMM vendors with VT-d silicon in 2006

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback