Virtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Similar documents
Virtualization. Pradipta De

Chapter 5 C. Virtual machines

CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives

Virtual Machines. Part 1: 54 years ago. Operating Systems In Depth VIII 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

Module 1: Virtualization. Types of Interfaces

Advanced Operating Systems (CS 202) Virtualization

CS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II

CS370 Operating Systems

Virtualization and memory hierarchy


Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Virtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization

Virtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized

CprE Virtualization. Dr. Yong Guan. Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

1 Virtualization Recap

Learning Outcomes. Extended OS. Observations Operating systems provide well defined interfaces. Virtual Machines. Interface Levels

CHAPTER 16 - VIRTUAL MACHINES

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels

24-vm.txt Mon Nov 21 22:13: Notes on Virtual Machines , Fall 2011 Carnegie Mellon University Randal E. Bryant.

CSCI 8530 Advanced Operating Systems. Part 19 Virtualization

Lecture 5. KVM for ARM. Christoffer Dall and Jason Nieh. 5 November, Operating Systems Practical. OSP Lecture 5, KVM for ARM 1/42

OS Virtualization. Why Virtualize? Introduction. Virtualization Basics 12/10/2012. Motivation. Types of Virtualization.

CS 550 Operating Systems Spring Introduction to Virtual Machines

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

Virtualization. Adam Belay

The Future of Virtualization

Virtual Machines. To do. q VM over time q Implementation methods q Hardware features supporting VM q Next time: Midterm?

EE 660: Computer Architecture Cloud Architecture: Virtualization

references Virtualization services Topics Virtualization

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)

Virtualization. Virtualization

CSE 120 Principles of Operating Systems

Operating Systems 4/27/2015

CSC 5930/9010 Cloud S & P: Virtualization

CHAPTER 16 - VIRTUAL MACHINES

Virtual Virtual Memory

What is KVM? KVM patch. Modern hypervisors must do many things that are already done by OSs Scheduler, Memory management, I/O stacks

Virtual machine architecture and KVM analysis D 陳彥霖 B 郭宗倫

Nested Virtualization and Server Consolidation

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

Virtual Machine Monitors!

LINUX Virtualization. Running other code under LINUX

Intel VMX technology

Who Watches the Watcher? Detecting Hypervisor Introspection from Unprivileged Guests

DISCO and Virtualization

CS5460: Operating Systems. Lecture: Virtualization. Anton Burtsev March, 2013

Virtual Machine Monitors (VMMs) are a hot topic in

Advanced Systems Security: Virtual Machine Systems

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

Cloud Computing Virtualization

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW

Virtualization and Virtual Machines. CS522 Principles of Computer Systems Dr. Edouard Bugnion

Distributed Systems COMP 212. Lecture 18 Othon Michail

CS370 Operating Systems

Lecture 5: February 3

Virtualization History and Future Trends

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

Intel Virtualization Technology Roadmap and VT-d Support in Xen

Virtualization. Dr. Yingwu Zhu

Virtualization (II) SPD Course 17/03/2010 Massimo Coppola

Multiprocessor Scheduling. Multiprocessor Scheduling

COS 318: Operating Systems. Virtual Machine Monitors

Xen is not just paravirtualization

Chapter 5 B. Large and Fast: Exploiting Memory Hierarchy

Xen and the Art of Virtualization. Nikola Gvozdiev Georgian Mihaila

CLOUD COMPUTING IT0530. G.JEYA BHARATHI Asst.Prof.(O.G) Department of IT SRM University

Linux and Xen. Andrea Sarro. andrea.sarro(at)quadrics.it. Linux Kernel Hacking Free Course IV Edition

LINUX KVM FRANCISCO JAVIER VARGAS GARCIA-DONAS CLOUD COMPUTING 2017


Xen and the Art of Virtualization. CSE-291 (Cloud Computing) Fall 2016

Hardware Virtualization Trends

An overview of virtual machine architecture

Virtual Machine Security

Fast access ===> use map to find object. HW == SW ===> map is in HW or SW or combo. Extend range ===> longer, hierarchical names

To EL2, and Beyond! connect.linaro.org. Optimizing the Design and Implementation of KVM/ARM

VIRTUALIZATION: IBM VM/370 AND XEN

Virtual machines are an interesting extension of the virtual-memory concept: not only do we give processes the illusion that they have all of memory

W4118: virtual machines

Virtualisation: The KVM Way. Amit Shah

Introduction to Cloud Computing and Virtualization. Mayank Mishra Sujesha Sudevalayam PhD Students CSE, IIT Bombay

Micro VMMs and Nested Virtualization

Overview of System Virtualization: The most powerful platform for program analysis and system security. Zhiqiang Lin

A Survey on Virtualization Technologies

CS 5600 Computer Systems. Lecture 11: Virtual Machine Monitors

Virtualization. Michael Tsai 2018/4/16

Virtual Memory. Lecture for CPSC 5155 Edward Bosworth, Ph.D. Computer Science Department Columbus State University

Virtualization. Guillaume Urvoy-Keller UNS/I3S

CS370: Operating Systems [Spring 2016] Dept. Of Computer Science, Colorado State University

CSE543 - Computer and Network Security Module: Virtualization

COSC6376 Cloud Computing Lecture 14: CPU and I/O Virtualization

CIS Operating Systems CPU Mode. Professor Qiang Zeng Spring 2018

Nested Virtualization Update From Intel. Xiantao Zhang, Eddie Dong Intel Corporation

Introduction Construction State of the Art. Virtualization. Bernhard Kauer OS Group TU Dresden Dresden,

I/O and virtualization

COSC 6385 Computer Architecture. Virtualizing Compute Resources

Memory Management Part 1. Operating Systems in Depth XX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Transcription:

Virtual Machines Part 2: starting 19 years ago Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Operating Systems In Depth IX 2 Copyright 2018 Thomas W. Doeppner. All rights reserved.

How They re Different IBM 360 Two execution modes supervisor and problem (user) all sensitive instructions are privileged instructions Memory is protectable: 2k-byte granularity All interrupt vectors and the clock are in first 512 bytes of memory I/O done via channel programs in memory, initiated with privileged instructions Dynamic address translation (virtual memory) added for Model 67 Intel x86 Four execution modes rings 0 through 3 not all sensitive instructions are privileged instructions Memory is protectable: segment system + virtual memory Special register points to interrupt vector I/O done via memory-mapped registers Virtual memory is standard Operating Systems In Depth IX 3 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Rings apps 3 2 1 kernel 0 Operating Systems In Depth IX 4 Copyright 2018 Thomas W. Doeppner. All rights reserved.

A Sensitive x86 Instruction popf pops word off stack, setting processor flags according to word s content - sets all flags if in ring 0 including interrupt-disable flag - just some of them if in other rings ignores interrupt-disable flag Operating Systems In Depth IX 5 Copyright 2018 Thomas W. Doeppner. All rights reserved.

What to Do? Binary rewriting rewrite kernel binaries of guest OSes - replace sensitive instructions with hypercalls - do so dynamically Hardware virtualization fix the hardware so it s virtualizable Paravirtualization virtual machine differs from real machine - provides more convenient interfaces for virtualization - hypervisor interface between virtual and real machines - guest OS source code is modified Operating Systems In Depth IX 6 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Binary Rewriting Privilege-mode code run via binary translator replaces sensitive instructions with hypercalls translated code is cached - usually translated just once VMWare U.S. patent 6,397,242 more recently - KVM/QEMU Operating Systems In Depth IX 7 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Fixing the Hardware Intel Vanderpool technology: VT-x also known as VMX (virtual-machine extensions) new processor mode - ring -1 root mode other modes are non-root certain events in non-root mode cause VM-exit to root mode - essentially a hypercall - data structure in root mode specifies which events cause VM-exits non-vmm OSes must be written not to use root mode! Operating Systems In Depth IX 8 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Virtual-Machine State Real Execution VM-exit Machine state Virtualized state VMM Operating Systems In Depth IX 9 Copyright 2018 Thomas W. Doeppner. All rights reserved.

VM Control State Virtual Machine Guest State Host State Control virtual machine control structure (VMCS) Root Mode Operating Systems In Depth IX 10 Copyright 2018 Thomas W. Doeppner. All rights reserved.

VM Control State VM-Exit Virtual Machine Guest State Host State Control virtual machine control structure (VMCS) Root Mode Operating Systems In Depth IX 11 Copyright 2018 Thomas W. Doeppner. All rights reserved.

VM Control State VM-Entry Virtual Machine Guest State Host State Control virtual machine control structure (VMCS) Root Mode Operating Systems In Depth IX 12 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Examples mov instruction mov $2, %rax - no VM-exit mov $2, %CR3 interrupts - VM-exit interrupt occurs - VM-exit popf in ring 0 - affects interrupt-disable flag on guest, no effect on real machine - no VM-exit set interrupt vector - VM-exit Operating Systems In Depth IX 13 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Quiz We ve implemented recursive virtualization: VMM i runs on a VM supported by VMM i-1, which runs on a VM supported by VMM i-2,, which runs on a VM supported by VMM 0, which runs on the real hardware. A VM-Exit takes place on a VM running on VMM i. a) It s handled first on VMM i, which then VM- Exits to VMM i-1, which the VM-Exits to VMM i-2,, which VM-exits to VMM 0. b) It s handled first on VMM 0, is then handled on VMM 1,, and finally on VMM i. Operating Systems In Depth IX 14 Copyright 2018 Thomas W. Doeppner. All rights reserved.

I/O Virtualization Channel programs were generic I/O via memory-mapped registers is not lots and lots and lots of device drivers must VMM handle all of them? Operating Systems In Depth IX 15 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Real-Machine OS Structure process process process process process OS Device drivers Devices Processor(s) Operating Systems In Depth IX 16 Copyright 2018 Thomas W. Doeppner. All rights reserved.

On a Virtual Machine Process Process Process Process OS OS Device drivers Device drivers Virtual devices Virtual processor(s) Virtual devices Virtual processor(s) Device drivers VMM Devices Processor(s) Operating Systems In Depth IX 17 Copyright 2018 Thomas W. Doeppner. All rights reserved.

VMware Workstation Process Process Process Process Guest OS Guest OS VMApp Process Process Device drivers Device drivers Virtual devices Virtual processor(s) Virtual devices VMDriver Virtual processor(s) Device drivers Host OS Devices Processor(s) Operating Systems In Depth IX 18 Copyright 2018 Thomas W. Doeppner. All rights reserved.

KVM/QEMU KVM kernel virtual machine monitor for Linux uses VMX technology (or AMD equivalent) QEMU generic and open source machine emulator and virtualizer does binary rewriting and caching as does VMware emulates I/O devices as well KVM/QEMU code executes natively until VM-exit user-space QEMU code does I/O emulation Operating Systems In Depth IX 19 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Paravirtualization Sensitive instructions replaced with hypervisor calls traps to VMM Virtual machine provides higher-level device interface guest machine has no device drivers Operating Systems In Depth IX 20 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Xen Domain 0 Domain U1 Ring 3 Ring 3 Ring 3 Ring 3 Ring 3 App App App App App OS net back end event channel shared mem net front end OS Ring 0 block back end event channel shared mem block front end Ring 1 net device driver disk device driver VMM Ring 0 Hardware Operating Systems In Depth IX 21 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Additional Applications Sandboxing isolate web servers isolate device drivers Migration VM not tied to particular hardware easy to move from one (real) platform to another Operating Systems In Depth IX 22 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Domain 0 Xen with Isolated Driver Domain U1 Process Process Process Process Domain U2 OS net back end net front end block front end OS block back end OS net device driver VMM disk device driver Hardware Operating Systems In Depth IX 23 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Process Migration stack dynamic bss data text Operating Systems In Depth IX 24 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Approaches: Before stack dynamic bss data text stack dynamic bss data text Operating Systems In Depth IX 25 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Approaches: After Communication stack dynamic bss data text Communication stack stack dynamic bss data text dynamic bss data text local standin System calls Operating Systems In Depth IX 26 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Virtual-Machine Migration Virtual machines are isolated by definition! State is well defined thus easy to identify and move possible exception of virtual memory Operating Systems In Depth IX 27 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Transferring Virtual Memory Eager all dirty - (clean pages come from common source) Lazy copy on reference Straightforward flush everything to file system on source, then access file system on target Weird precopy Operating Systems In Depth IX 28 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Eager Dirty Freeze process on source Transfer all dirty pages to target Resume process on target Operating Systems In Depth IX 29 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Precopy While process still running on source transfer everything to target (eager dirty) While more than x pages dirty on source transfer newly dirtied pages to target Freeze process on source Transfer remaining dirty pages to target Resume process on target Operating Systems In Depth IX 30 Copyright 2018 Thomas W. Doeppner. All rights reserved.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback