Virtual Machine Monitors!

Similar documents
CSE 120 Principles of Operating Systems

Virtual Machine Monitors (VMMs) are a hot topic in

Module 1: Virtualization. Types of Interfaces

Types of Virtualization. Types of virtualization

CS 571 Operating Systems. Final Review. Angelos Stavrou, George Mason University

Multiprocessor Scheduling. Multiprocessor Scheduling

Lecture 5: February 3

Nested Virtualization and Server Consolidation

references Virtualization services Topics Virtualization

Virtual Machines. Jinkyu Jeong Computer Systems Laboratory Sungkyunkwan University

Virtualization. ...or how adding another layer of abstraction is changing the world. CIS 399: Unix Skills University of Pennsylvania.

Operating Systems 4/27/2015

The Challenges of X86 Hardware Virtualization. GCC- Virtualization: Rajeev Wankar 36

Spring 2017 :: CSE 506. Introduction to. Virtual Machines. Nima Honarmand

Virtualization. Pradipta De

An overview of virtual machine architecture

EE 660: Computer Architecture Cloud Architecture: Virtualization

Virtual Machines. Part 2: starting 19 years ago. Operating Systems In Depth IX 1 Copyright 2018 Thomas W. Doeppner. All rights reserved.

CS-580K/480K Advanced Topics in Cloud Computing. VM Virtualization II

Lecture 7. Xen and the Art of Virtualization. Paul Braham, Boris Dragovic, Keir Fraser et al. 16 November, Advanced Operating Systems

Chapter 5 C. Virtual machines

Virtualization. join, aggregation, concatenation, array, N 1 ühendamine, agregeerimine, konkateneerimine, massiiv

Virtualization. Michael Tsai 2018/4/16

LINUX Virtualization. Running other code under LINUX

Originally prepared by Lehigh graduate Greg Bosch; last modified April 2016 by B. Davison

CS 350 Winter 2011 Current Topics: Virtual Machines + Solid State Drives

CS 470 Spring Virtualization and Cloud Computing. Mike Lam, Professor. Content taken from the following:

COMPUTER ARCHITECTURE. Virtualization and Memory Hierarchy

Overview of System Virtualization: The most powerful platform for program analysis and system security. Zhiqiang Lin

Introduction to Cloud Computing and Virtualization. Mayank Mishra Sujesha Sudevalayam PhD Students CSE, IIT Bombay

for Kerrighed? February 1 st 2008 Kerrighed Summit, Paris Erich Focht NEC

The Architecture of Virtual Machines Lecture for the Embedded Systems Course CSD, University of Crete (April 29, 2014)

Virtualization and memory hierarchy

VIRTUALIZATION: IBM VM/370 AND XEN

CHAPTER 16 - VIRTUAL MACHINES

Virtualization. ! Physical Hardware Processors, memory, chipset, I/O devices, etc. Resources often grossly underutilized

Virtualization. Starting Point: A Physical Machine. What is a Virtual Machine? Virtualization Properties. Types of Virtualization

Virtualization. Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels

Virtualization. Dr. Yingwu Zhu

Xen and the Art of Virtualization. Nikola Gvozdiev Georgian Mihaila

NON SCHOLAE, SED VITAE

CprE Virtualization. Dr. Yong Guan. Department of Electrical and Computer Engineering & Information Assurance Center Iowa State University

Virtual Leverage: Server Consolidation in Open Source Environments. Margaret Lewis Commercial Software Strategist AMD

CSCE 410/611: Virtualization!

CS370 Operating Systems

CHAPTER 16 - VIRTUAL MACHINES

Virtualization Introduction

24-vm.txt Mon Nov 21 22:13: Notes on Virtual Machines , Fall 2011 Carnegie Mellon University Randal E. Bryant.

Distributed Systems COMP 212. Lecture 18 Othon Michail

CSCE 410/611: Virtualization

CS 550 Operating Systems Spring Introduction to Virtual Machines

Background. IBM sold expensive mainframes to large organizations. Monitor sits between one or more OSes and HW

COS 318: Operating Systems. Virtual Machine Monitors

I/O and virtualization

Linux and Xen. Andrea Sarro. andrea.sarro(at)quadrics.it. Linux Kernel Hacking Free Course IV Edition

Lecture 09: VMs and VCS head in the clouds

Learning Outcomes. Extended OS. Observations Operating systems provide well defined interfaces. Virtual Machines. Interface Levels

Cloud Computing Virtualization

CS370: Operating Systems [Spring 2017] Dept. Of Computer Science, Colorado State University

Virtual Machines. To do. q VM over time q Implementation methods q Hardware features supporting VM q Next time: Midterm?

Introduction to Virtual Machines. Carl Waldspurger (SB SM 89 PhD 95) VMware R&D

Xen and the Art of Virtualization. CSE-291 (Cloud Computing) Fall 2016

Virtualization and High-Availability

Cloud and Datacenter Networking

Server Virtualization Approaches

Virtual Machines Disco and Xen (Lecture 10, cs262a) Ion Stoica & Ali Ghodsi UC Berkeley February 26, 2018

Advanced Operating Systems (CS 202) Virtualization

1 Virtualization Recap

Fairness Issues in Software Virtual Routers

OS Virtualization. Why Virtualize? Introduction. Virtualization Basics 12/10/2012. Motivation. Types of Virtualization.

Lecture 5. KVM for ARM. Christoffer Dall and Jason Nieh. 5 November, Operating Systems Practical. OSP Lecture 5, KVM for ARM 1/42

A Survey on Virtualization Technologies

CS370: Operating Systems [Spring 2016] Dept. Of Computer Science, Colorado State University

Virtualization with XEN. Trusted Computing CS599 Spring 2007 Arun Viswanathan University of Southern California

Virtualization and Virtual Machines. CS522 Principles of Computer Systems Dr. Edouard Bugnion

Xen and the Art of Virtualization

CS5460: Operating Systems. Lecture: Virtualization. Anton Burtsev March, 2013

Virtual machine architecture and KVM analysis D 陳彥霖 B 郭宗倫

Virtualisation: The KVM Way. Amit Shah

Virtualization, Xen and Denali

Unit 5: Distributed, Real-Time, and Multimedia Systems

CSCI 8530 Advanced Operating Systems. Part 19 Virtualization

CSE543 - Computer and Network Security Module: Virtualization

System Virtual Machines

Dawn Song

Chapter 2: System Structures

CSE543 - Computer and Network Security Module: Virtualization

CSE543 - Computer and Network Security Module: Virtualization

INNOV-4: Fun With Virtualization. Or, How I learned to love computers that don t really exist...

CS370 Operating Systems

Dynamic Translator-Based Virtualization

Virtualization. Virtualization

The Future of Virtualization

Lecture 4: Extensibility (and finishing virtual machines) CSC 469H1F Fall 2006 Angela Demke Brown

System Virtual Machines

Virtualization. Guillaume Urvoy-Keller UNS/I3S

Xen and the Art of Virtualiza2on

Virtual Machine Systems

SUSE An introduction...

Knut Omang Ifi/Oracle 20 Oct, Introduction to virtualization (Virtual machines) Aspects of network virtualization:

Transcription:

ISA 673 Operating Systems Security Virtual Machine Monitors! Angelos Stavrou, George Mason University!

Virtual Machine Monitors 2! Virtual Machine Monitors (VMMs) are everywhere! Industry commitment! Software: VMware, Xen, Microsoft Virtual PC! Hardware: Intel VT, AMD-V! If Intel and AMD add it to their chips, you know it s serious! Academia: lots of VMM-based projects and papers! An old idea: developed by IBM in 60s & 70s! Today! What is it, what problems have to be solved, how to solve them! Survey some virtualization systems! Briefly outline cool things you can do with virtualization!

What is a VMM? 3! We have seen that an OS already virtualizes! System calls, processes, virtual memory, file system, sockets, etc.! Applications program to this interface! A VMM virtualizes an entire physical machine! Interface supported is the hardware! OS defines a higher-level interface! VMM provides the illusion that software has full control over the hardware (of course, VMM is in control)! VMM applications run in virtual machines (c.f., OS processes)!

What is a VMM? (Cont.) 4! Implications! You can boot an operating system in a virtual machine! Run multiple instances of an OS on same physical machine! Run different OSes simultaneously on the same machine! Linux on Windows, Windows on Mac, etc.! Capabilities! Virtualize Resources and Isolate processes! Share and meter resources! Provide machine in machine types of abstraction! How many levels can we really go down?! VMM stands for Virtual Machine Monitor & VM for Virtual Machine"

Why is that important? 5! Resource utilization! Machines today are powerful, want to multiplex their hardware! e.g., ISP hosting can divvy up a physical machine to customers! Can migrate VMs from one machine to another without shutdown! Software use and development! Can run multiple OSes simultaneously! No need to dual boot! Can do system (e.g., OS) development at user-level! Security! Securing a Browser using virtualization (Demo).! What are the benefits and problems?!!!!

Why is that important? (Cont.) 6! Common theme is manipulating applications/ services at the granularity of a machine! Specific version of OS, libraries, applications, etc., as package! The importance here is to understand that there are many types of virtualization:! Full Emulated Virtualization (Super Heavy Weight)! Full Partly-Emulated Virtualization (Heavy Weight)! Para-Virtualization (Medium Weight)! OS-Level and Application Virtualization (Very Light)

Types of Virtualization 7! Emulation! VM emulates/simulates complete hardware! Unmodified guest OS for a different PC can be run! Bochs, VirtualPC for Mac, QEMU, Virtualbox, Vmware Workstation! Full/native Virtualization! VM simulates enough hardware to allow an unmodified guest OS to be run in isolation! Same hardware CPU! IBM VM family, VMWare Workstation, Parallels,!!

Types of Virtualization (Cont.) 8! Para-virtualization! VM does not simulate hardware! Use special API that a modified guest OS must use! Hypercalls trapped by the Hypervisor and serviced! Xen, VMWare ESX Server!

Types of Virtualization (Cont.) 9! OS-level virtualization! OS allows multiple secure virtual servers to be run! Guest OS is the same as the host OS, but appears isolated! apps see an isolated OS! Solaris Containers, BSD Jails, Linux Vserver! Application level virtualization! Application is gives its own copy of components that are not shared (E.g., own registry files, global objects)! VE prevents conflicts! Java Virtual Machine, Interpreted languages!

10! Full vs Lightweight Virtualization

VMM Requirements 11! Fidelity! OSes and applications work the same without modification! (although we may modify the OS a bit)! Isolation! VMM protects resources and VMs from each other! Performance! VMM is another layer of software and therefore overhead! As with OS, want to minimize this overhead! VMware:! CPU-intensive apps: 2-10% overhead! I/O-intensive apps: 25-60% overhead!

CPU Virtualization 12! VMM needs to multiplex VMs on CPU! How? Just as you would expect! Timeslice the VMs! Each VM will timeslice its OS/applications during its quantum! Typically relatively simple scheduler! Round robin, work-conserving (give unused quantum to other VMs)!

Virtualizing Events & I/O 13! VMM receives interrupts, exceptions! Needs to vector to appropriate VM! Craft appropriate handler invocation, emulate event registers! OSes can no longer interact directly with I/O devices! VMWare Workstation: generic devices only (hosted)! E.g., AMD Lance chipset/pcnet Ethernet device! Load driver into OS in VM, OS uses it normally! Driver knows about VMM, cooperates to pass the buck to a real device driver (e.g., on underlying host OS)! VMware ESX Server: drivers run in VMM (hypervisor)!

14! Virtualized I/O Models

Virtualization in Mobile Devices 15! What are the problems?! Why did Google use the Dalvik VM?! Is it enough in terms of application Security?! Can we monitor operations inside Dalvik?! Who will guard the guarding program?! No mechanism for two-level control! Linux-level processes not visible! There is a need for higher level control! See the paper by Gernot Heiser! Discussion!

Summary 16! VMMs multiplex virtual machines on hardware! Export the hardware interface! Run OSes in VMs, apps in OSes unmodified! Run different versions, kinds of OSes simultaneously! Intel and AMD are adding virtualization support! Goal is to fully virtualize architecture! Transparent trap-and-emulate approach now feasible! Echoes hardware support originally implemented by IBM! Lesson: Never underestimate the power of indirection!

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback