Lecture 5. KVM for ARM. Christoffer Dall and Jason Nieh. 5 November, Operating Systems Practical. OSP Lecture 5, KVM for ARM 1/42

Similar documents
KVM/ARM: The Design and Implementation of the Linux ARM Hypervisor

BUD17-301: KVM/ARM Nested Virtualization. Christoffer Dall

KVM/ARM. Marc Zyngier LPC 12

SFO17-403: Optimizing the Design and Implementation of KVM/ARM

To EL2, and Beyond! connect.linaro.org. Optimizing the Design and Implementation of KVM/ARM

Virtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Porting bhyve on ARM. Mihai Carabas, Peter Grehan BSDCan 2016 University of Ottawa Ottawa, Canada June 10 11, 2016

Virtualization. Pradipta De

The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels

Back To The Future: A Radical Insecure Design of KVM on ARM

Learning Outcomes. Extended OS. Observations Operating systems provide well defined interfaces. Virtual Machines. Interface Levels

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Virtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized

Chapter 5 C. Virtual machines

Virtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization

What is KVM? KVM patch. Modern hypervisors must do many things that are already done by OSs Scheduler, Memory management, I/O stacks

Nested Virtualization on ARM

CS5460: Operating Systems. Lecture: Virtualization. Anton Burtsev March, 2013

Virtualization and memory hierarchy

KVM/ARM. Linux Symposium Christoffer Dall and Jason Nieh

Module 1: Virtualization. Types of Interfaces

Hypervisors on ARM Overview and Design choices

24-vm.txt Mon Nov 21 22:13: Notes on Virtual Machines , Fall 2011 Carnegie Mellon University Randal E. Bryant.

OS Virtualization. Why Virtualize? Introduction. Virtualization Basics 12/10/2012. Motivation. Types of Virtualization.

Virtualization History and Future Trends

Porting Hyperkernel to the ARM Architecture

Nested Virtualizationon ARM

Virtualization. Virtualization

LINUX Virtualization. Running other code under LINUX

Nested Virtualization and Server Consolidation

references Virtualization services Topics Virtualization

Performance of Kernels in Virtual Machines: An Introduction to KVM Hypervisor

Performance overhead of KVM on Linux 3.9 on ARM Cortex-A15

LINUX KVM FRANCISCO JAVIER VARGAS GARCIA-DONAS CLOUD COMPUTING 2017

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

CSCI 8530 Advanced Operating Systems. Part 19 Virtualization

CS370 Operating Systems

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

Virtual Machine Monitors!

Virtualization (II) SPD Course 17/03/2010 Massimo Coppola

Virtualization. Dr. Yingwu Zhu

COS 318: Operating Systems. Virtual Machine Monitors

Intel s Virtualization Extensions (VT-x) So you want to build a hypervisor?

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

The Design, Implementation, and Evaluation of Software and Architectural Support for ARM Virtualization

CS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II

ARM Virtualization: Performance and Architectural Implications. Christoffer Dall, Shih-Wei Li, Jin Tack Lim, Jason Nieh, and Georgios Koloventzos

Lecture 5: February 3

Cross-architecture Virtualisation

Virtualization. Guillaume Urvoy-Keller UNS/I3S

Operating Systems 4/27/2015

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

CSE 120 Principles of Operating Systems

1 Virtualization Recap

Virtual Machines. To do. q VM over time q Implementation methods q Hardware features supporting VM q Next time: Midterm?

CS 550 Operating Systems Spring Introduction to Virtual Machines


Virtualization. Darren Alton

Advanced Operating Systems (CS 202) Virtualization

Concepts. Virtualization

I/O and virtualization

64-bit ARM Unikernels on ukvm

ARM Interrupt Virtualization. Andre Przywara

The Evolution of the ARM Architecture Towards Big Data and the Data-Centre

Micro VMMs and Nested Virtualization

Virtual Machines. Part 1: 54 years ago. Operating Systems In Depth VIII 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

Cloud Computing Virtualization

Optimizing and Enhancing VM for the Cloud Computing Era. 20 November 2009 Jun Nakajima, Sheng Yang, and Eddie Dong

VIRTUALIZATION. Dresden, 2011/12/6. Julian Stecklina

Introduction to Cloud Computing and Virtualization. Mayank Mishra Sujesha Sudevalayam PhD Students CSE, IIT Bombay

CprE Virtualization. Dr. Yong Guan. Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University

ARMv8: The Next Generation. Minlin Fan & Zenon Xiu December 8, 2015

HW isolation for automotive environment BoF

Knut Omang Ifi/Oracle 6 Nov, 2017

Björn Döbel. Microkernel-Based Operating Systems. Exercise 3: Virtualization

Virtual Machine Monitors (VMMs) are a hot topic in

A Survey on Virtualization Technologies

Silver Bullet of Virtualization. Challenges and Concerns. May 27, 2013 v1.0

Xen is not just paravirtualization

CSCE 410/611: Virtualization

Chapter 5 B. Large and Fast: Exploiting Memory Hierarchy

Virtualization and Virtual Machines. CS522 Principles of Computer Systems Dr. Edouard Bugnion

viommu/arm: full emulation and virtio-iommu approaches Eric Auger KVM Forum 2017

CSCE 410/611: Virtualization!

DISCO and Virtualization

Facing the Reality: Virtualization in a Microkernelbased Operating System. Matthias Lange, MOS, January 26th, 2016

Multi-Hypervisor Virtual Machines: Enabling An Ecosystem of Hypervisor-level Services

Testing System Virtual Machines

System Virtual Machines

Virtualization. Adam Belay

Virtual machine architecture and KVM analysis D 陳彥霖 B 郭宗倫

Virtualization. Part 1 Concepts & XEN

Cortex-A15 MPCore Software Development

ARMv8 port of the Jailhouse hypervisor

Introduction to Virtual Machines. Carl Waldspurger (SB SM 89 PhD 95) VMware R&D

Overview of System Virtualization: The most powerful platform for program analysis and system security. Zhiqiang Lin

Advanced Systems Security: Virtual Machine Systems

Transcription:

Lecture 5 KVM for ARM Christoffer Dall and Jason Nieh Operating Systems Practical 5 November, 2014 OSP Lecture 5, KVM for ARM 1/42

Contents Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 2/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 3/42

Virtualization: reminder Virtual Machine (VM) Popek and Goldberg (1974) A virtual computer system is a hardware-software duplicate of a real existing computer system in which a statistically dominant subset of the virtual processor s instructions execute on the host processor in native mode. OSP Lecture 5, KVM for ARM 4/42

Virtualization: reminder (2) Duplicate underlying hardware Virtualization emulation Run (almost) as fast as the physical machine Abstract hardware resources CPU Memory I/O devices OSP Lecture 5, KVM for ARM 5/42

Virtualization: reminder (3) Hypervisor, Virtual Machine Monitor (VMM) The two often get confused in literature One hypervisor per physical machine One VMM per VM OSP Lecture 5, KVM for ARM 6/42

Virtualization: reminder (4) Virtualization architectures Type I: Baremetal or native Type II: Hosted Source: http://microkerneldude.wordpress.com OSP Lecture 5, KVM for ARM 7/42

Approaches to virtualization Binary translation Translate sensitive instructions to non-sensitive ones Can run unmodified guest OSes Paravirtualization gr. para (alongside) + virtualization More efficient than binary translation Also more intrusive: requires modification of guest OS Hardware-assisted virtualization Extend CPU with special hypervisor state Trap-and-emulate Similar for memory, I/O OSP Lecture 5, KVM for ARM 8/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 9/42

KVM Kernel-based Virtual Machine Module for the Linux kernel that turns it into a hypervisor Part of the Linux mainline kernel (since 2.6.20) Exposes /dev/kvm to user space Requires a user space host to run e.g. QEMU OSP Lecture 5, KVM for ARM 10/42

KVM/QEMU on x86 kvm.ko module provides virtualization interface via /dev/kvm QEMU sets up the guest VM using /dev/kvm This requires hardware assisted virtualization (VT-x or AMD-V) Otherwise QEMU will fall back to software emulation KVM architecture is strongly dependent on Linux/x86 OSP Lecture 5, KVM for ARM 11/42

Virtualization on x86 (Intel VT-x) AMD-V Secure Virtual Machine looks similarly OSP Lecture 5, KVM for ARM 12/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 13/42

ARMv7-A Instruction Set Architecture Base ISA is not virtualizable CPU modes/privilege Levels: User mode (PL0) Supervisor mode (PL1) Monitor mode (Secure PL1)... OSP Lecture 5, KVM for ARM 14/42

ARM TrustZone TrustZone/Secure Monitor does not provide virtualization No support for trap-and-emulate logic Secure boot, chain of trust Memory isolation from a rich OS Running trusted/proprietary software (e.g. Digital Rights Management) OSP Lecture 5, KVM for ARM 15/42

ARM Virtualization Extensions Extensions for CPU and MMU virtualization Implemented in Cortex-A15, Cortex-A7 New processor mode: Hyp mode (PL3) OSP Lecture 5, KVM for ARM 16/42

ARM VE: CPU virtualization OSP Lecture 5, KVM for ARM 17/42

ARM VE: CPU virtualization (2) Traps are configurable Sensitive instructions may trap to Supervisor mode Hyp mode Hyp mode has a reduced number of registers compared to Supervisor mode OSP Lecture 5, KVM for ARM 18/42

ARM VE: Memory virtualization Guest physical Hypervisor Virtual Memory Hypervisor Machine memory OSP Lecture 5, KVM for ARM 19/42

ARM VE: Memory virtualization (2) MMU supports two stages of translation: Stage 1: Virtual (VA) to Intermediate Physical (IPA) Managed by guest OS Stage 2: Intermediate Physical (IPA) to Host Physical (PA) Managed by hypervisor OSP Lecture 5, KVM for ARM 20/42

ARM VE: I/O virtualization Interrupts Generic Interrupt Controller (GIC) VGIC Memory-mapped interface (MMIO) Inter-Processor Interrupts (IPI) Timers Generic Timer Architecture Virtual counter, virtual timer OSP Lecture 5, KVM for ARM 21/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 22/42

Intel VT-x: CPU virtualization OSP Lecture 5, KVM for ARM 23/42

KVM on ARM: Challenges KVM architecture is strongly dependent on Linux/x86 Difficult to migrate Linux to Hyp mode Modify a lot of code Maintain separate branch Don t get included in upstream Hyp mode lacks the features of VMX root mode Difficult run an entire OS there OSP Lecture 5, KVM for ARM 24/42

Split-mode virtualization Factor KVM into Highvisor and Lowvisor OSP Lecture 5, KVM for ARM 25/42

Split-mode virtualization Lowvisor Switches between Host (Highvisor) and VMs Highvisor Leverages KVM/Linux s mechanisms Manages both its page tables and the Lowvisor s Note: trapping to the Highvisor requires double-switching OSP Lecture 5, KVM for ARM 26/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 27/42

World switches VMs and the Host/Highvisor run at the same level of privilege All world switches are intermediated by the Lowvisor The Host controls switching policy OSP Lecture 5, KVM for ARM 28/42

VM and Host state Action Nr. State 38 General Purpose (GP) Registers 26 Control Registers 16 VGIC Control Registers Context Switch 4 VGIC List Registers 2 Arch. Timer Control Registers 32 64-bit VFP registers 4 32-bit VFP Control Registers - CP14 Trace Registers - WFI Instructions - SMC Instructions Trap-and-Emulate - ACTLR Access - Cache ops. by Set/Way - L2CTLR / L2ECTLR Registers OSP Lecture 5, KVM for ARM 29/42

Switching from Host to VM 1. Store Host state 2. Configure and load VM state 3. Enable traps from Supervisor to Hyp 4. Enable Stage 2 translation 5. Trap to Supervisor or User OSP Lecture 5, KVM for ARM 30/42

Switching from VM to Host 1. Store VM state 2. Configure and load VM state 3. Disable (most) traps from Supervisor to Hyp 4. Disable Stage 2 translation 5. Trap to Host OSP Lecture 5, KVM for ARM 31/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 32/42

Memory virtualization Provided by enabling Stage 2 translation Stage 2 page tables are managed by the Highvisor Stage 2 translation is enabled/disabled by the Lowvisor OSP Lecture 5, KVM for ARM 33/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 34/42

I/O virtualization Direct access to I/O memory is disabled Accesses by the VM will result in Stage 2 pagefaults... and trap to the hypervisor Device access policy is controlled by QEMU Pass-through devices are an exception OSP Lecture 5, KVM for ARM 35/42

Interrupt virtualization Interrupts are emulated through VGIC VGIC state is saved/restore on context switches GIC distributor accesses will trap to the hypervisor Virtual distributor routes IPIs OSP Lecture 5, KVM for ARM 36/42

Timer virtualization Uses virtual timers Only Hyp mode can access physical timers Virtual timer interrupts trap to hypervisor Hypervisor forwards interrupts to VMs Hypervisor performs ACK and EOI operations Per-CPU timers are multiplexed using the Host s software timers OSP Lecture 5, KVM for ARM 37/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 38/42

Keywords virtualization hardware-assisted virtualization hypervisor virtual machine monitor split-mode virtualization highvisor lowvisor world switch OSP Lecture 5, KVM for ARM 39/42

Resources http://landley.net/kdocs/ols/2010/ ols2010-pages-45-56.pdf http://systems.cs.columbia.edu/files/ wpid-asplos2014-kvm.pdf http://systems.cs.columbia.edu/projects/kvm-arm/ http://www.linux-kvm.org/page/status http://www.linux-kvm.org/page/main_page OSP Lecture 5, KVM for ARM 40/42

Outline Virtualization KVM Virtualization on ARM KVM/ARM: System architecture KVM/ARM: CPU virtualization KVM/ARM: Memory virtualization KVM/ARM: I/O virtualization Keywords Questions OSP Lecture 5, KVM for ARM 41/42

Questions? OSP Lecture 5, KVM for ARM 42/42

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback