
Intel Virtualization Technology






Presentation Transcript


  1. Intel Virtualization Technology
     Rich Uhlig, Gil Neiger, Dion Rodgers, Amy L. Santoni, Fernando C.M. Martins, Andrew V. Anderson, Steven M. Bennett, Alain Kägi, Felix H. Leung, Larry Smith
     Presenter: 朱君平 (first-year master's student)
     Distributed System

  2. Outline
     • Virtualization
     • Usage models and workloads
     • Challenges to virtualizing Intel architectures
     • Addressing virtualization challenges in software
     • VT-x architecture overview
     • VT-i architecture overview
     • Solving virtualization challenges with VT-x and VT-i

  3. Virtualization
     • Virtualization makes it possible to run multiple operating systems, each in its own virtual machine (VM).
     • The VMM is a layer of system software.
     • It arbitrates accesses to the underlying physical host platform's resources.
     (figure: VM0 to VMn, each holding applications and a guest OS, layered on the Virtual Machine Monitor (VMM) and the platform hardware: memory, processor/CS, I/O devices)

  4. Virtualization capabilities
     Isolating multiple software stacks in their own VMs can improve:
     • security: intrusions can be confined to the VM.
     • reliability: software failures in one VM do not affect the other VMs.

  5. Virtualization makes it possible to consolidate individual workloads onto a single physical platform, reducing the total cost. For both servers and clients it can improve manageability.

  6. By encapsulating a guest's state within a VM, virtualization can decouple the guest from the hardware and migrate it to a different platform.

  7. Virtualization Usage Models
     • Benefits of virtualization include improved utilization, manageability, and reliability of systems.
     • Virtualization has a broad range of usages.

  8. Challenges to virtualizing Intel architectures
     • Intel microprocessors provide protection based on a 2-bit privilege level (four rings).
     • Ring 0: for the most privileged software, e.g. the kernel.
     • Ring 3: for the least privileged software, e.g. applications.
     • Most IA software uses only privilege levels 0 and 3.
     (figure: (a) nonvirtualized system)

  9. Because a VMM cannot allow a guest OS such control, a guest OS cannot execute at privilege level 0.
     • IA-based VMMs must use ring deprivileging, a technique that runs all guest software at a privilege level greater than 0.
     • The 0/1/3 model cannot be used for guests in 64-bit mode on IA-32 processors.
     (figure: (b) the 0/1/3 model for ring deprivileging; (c) the 0/3/3 model for ring deprivileging)

  10. Ring deprivileging causes numerous virtualization challenges:
     • Ring aliasing: problems arise when software is run at a privilege level other than the level for which it was written.
     • Address-space compression: the challenge of protecting the portions of the virtual-address space used by the VMM while still supporting guest accesses.
       • The VMM could run entirely within the guest's virtual-address space.
       • The VMM must prevent guest access to those portions of the guest's virtual-address space that the VMM is using.
       • Guest attempts to access these portions of the address space must generate transitions to the VMM, which can emulate or support them.

  11. Nonfaulting access to privileged state: the IA-32 architecture includes instructions that access privileged state and do not fault when executed with insufficient privilege.
     • Example: software can execute the instructions that write to the descriptor-table and task registers (LGDT, LIDT, LLDT, and LTR) only at privilege level 0, but it can execute the instructions that read from these registers (SGDT, SIDT, SLDT, and STR) at any privilege level. A guest OS using the latter instructions could determine that it does not have full control of the CPU.

  12. Adverse impacts on guest transitions:
     • Originally, SYSENTER always effects a transition to privilege level 0, and SYSEXIT faults if executed outside that privilege level.
     • Execution of SYSENTER by a guest application therefore causes a transition to the VMM and not to the guest OS. The VMM must thus emulate every guest execution of SYSENTER.
     • Execution of SYSEXIT by a guest OS causes a fault to the VMM. Thus, the VMM must emulate every guest execution of SYSEXIT.

  13. Interrupt virtualization:
     • The IA-32 architecture provides mechanisms for masking external interrupts, preventing their delivery when the OS is not ready for them.
     • A VMM will likely manage external interrupts and deny guest software the ability to control interrupt masking.
     • A further challenge arises when a VMM has a "virtual interrupt" to deliver to a guest: a virtual interrupt should be delivered only when the guest has unmasked interrupts.

  14. Ring compression:
     • Because segment limits do not apply in 64-bit mode, paging must be used in this mode.
     • Because IA-32 paging does not distinguish privilege levels 0-2, the guest OS must run at privilege level 3.
     • Thus, the guest OS runs at the same privilege level as guest applications and is not protected from them.
     Access to hidden state: IA-32 does not provide mechanisms for saving and restoring the hidden components of a guest context when changing VMs.

  15. Addressing virtualization challenges in software
     • VMM designers have solutions that modify guest software:
       • Source-level guest OS modifications.
       • Binary guest OS modifications.
     • These approaches offer high performance and do not require changes to guest applications.
     • A disadvantage is that they limit the range of supported operating systems.
     • Virtualization of current IA CPUs requires complex software workarounds.

  16. Intel virtualization technology
     • VT-x: Intel Virtualization Technology for IA-32.
     • VT-i: Intel Virtualization Technology for the Itanium architecture.
     • Apps run deprivileged in ring 3.
     • OS runs deprivileged in ring 0.
     • VMM runs in a new mode with full privilege.
     (figure: VM0 to VMn, each with an application and a guest OS, on the Virtual Machine Monitor (VMM) and the platform hardware: memory, processor/CS, I/O devices)

  17. VT-x architecture overview
     • VT-x augments IA-32 with two new forms of CPU operation:
       • VMX root operation: fully privileged, used by the VMM.
       • VMX non-root operation: not fully privileged, used by guest software.
     • Both forms of operation support all four privilege levels.
     (figure: (d) system using VT-x or VT-i)

  18. VM Entry and VM Exit
     • VM Entry
       • Transition from VMM to guest.
       • Enters VMX non-root operation.
       • Loads processor state from the guest-state area of the VMCS.
     • VM Exit
       • Transition from guest to VMM.
       • Enters VMX root operation.
       • Saves guest state in the VMCS.
       • Loads host state from the VMCS.
     (figure: VM0 and VM1, each with applications and a guest OS, above the Virtual Machine Monitor (VMM) and the platform hardware (processor/CS, I/O devices, memory); arrows mark VM Exit from guest to VMM and VM Entry from VMM to guest)

  19. Virtual-machine control structure (VMCS)
     • The VMCS manages VM entries and VM exits and processor behavior in VMX non-root operation.
     • Only one VMCS is active per virtual processor at any given time.
     • The VMCS is divided into two sections:
       • The guest-state area.
       • The host-state area.

  20. VT-x Operations
     (figure: VM 1, VM 2, ... VM n, each running ring 3 and ring 0 software in VMX non-root operation with its own VMCS 1, VMCS 2, ... VMCS n; the VMM runs in VMX root operation (ring 3 and ring 0); VMXON enters VMX operation; VMLAUNCH and VMRESUME perform VM entry, loading processor state from the guest-state area; VM Exit saves processor state to the guest-state area and then loads processor state from the host-state area)

  21. Principal Causes of VM Exit
     • State-based exits allow function virtualization: CPUID, RDMSR, WRMSR, RDPMC, RDTSC, MOV DR.
     • Selective exception and I/O exiting reduce unnecessary exits: 32-entry exception bitmap, I/O-port access bitmap.
     • VT-x includes VM-execution control fields that support a variety of virtualization strategies for IA-32.
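The selective-exiting controls on this slide, as an added example in C that is not from the paper or the slides: a model of a VMM policy that consults the 32-entry exception bitmap and the I/O-port access bitmap to decide whether a guest event causes a VM exit. The struct layout, function names and the sample policy (trap page faults, emulate a UART at 0x3F8-0x3FF) are the model's own assumptions, not the real VMCS encodings.

```c
/* Added example (not the paper's or the slides' code): a model of the two
 * selective-exiting controls named on the slide, the 32-entry exception
 * bitmap and the I/O-port access bitmap. Names and layout are the model's own. */
#include <stdint.h>
#include <stdbool.h>
#include <string.h>

#define IO_BITMAP_BYTES 8192           /* one bit per port, ports 0..65535 */

struct exec_controls {
    uint32_t exception_bitmap;         /* bit n set: vector n causes a VM exit */
    bool     unconditional_io_exiting; /* every IN/OUT causes a VM exit */
    bool     use_io_bitmaps;           /* consult io_bitmap per port */
    uint8_t  io_bitmap[IO_BITMAP_BYTES];
};

/* Mark a port so that guest access to it causes a VM exit. */
void io_bitmap_set(struct exec_controls *c, uint16_t port) {
    c->io_bitmap[port >> 3] |= (uint8_t)(1u << (port & 7));
}

/* Does delivery of exception vector v (0..31) to the guest cause a VM exit? */
bool exception_exits(const struct exec_controls *c, unsigned v) {
    return v < 32 && ((c->exception_bitmap >> v) & 1u);
}

/* Does an I/O access of `width` bytes at `port` cause a VM exit? As in the
 * hardware, a multi-byte access exits if any covered port's bit is set; this
 * model also treats an access that wraps the 16-bit port space as exiting. */
bool io_access_exits(const struct exec_controls *c, uint16_t port, unsigned width) {
    if (c->unconditional_io_exiting) return true;
    if (!c->use_io_bitmaps) return false;
    if ((unsigned)port + width > 0x10000u) return true;
    for (unsigned i = 0; i < width; i++) {
        unsigned p = port + i;
        if (c->io_bitmap[p >> 3] & (1u << (p & 7))) return true;
    }
    return false;
}

/* Constructed policy: intercept page faults (vector 14) for shadow paging and
 * emulate a UART at ports 0x3F8-0x3FF; everything else runs without an exit. */
static struct exec_controls policy;
const struct exec_controls *example_policy(void) {
    memset(&policy, 0, sizeof policy);
    policy.exception_bitmap = 1u << 14;
    policy.use_io_bitmaps = true;
    for (uint16_t p = 0x3F8; p <= 0x3FF; p++) io_bitmap_set(&policy, p);
    return &policy;
}
```

A 4-byte access starting at 0x3F6 exits because it covers 0x3F8, while one starting at 0x3F4 does not; that per-port granularity is what lets a VMM avoid the unconditional exits the slide warns about.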

  22. (figure-only slide; no transcript text)

  23. Solving virtualization challenges with VT-x and VT-i
     • Address-space compression:
       • With VT-x, every transition between guest software and the VMM can change the linear-address space.
       • This allows the guest software full use of its own address space.
     • Ring aliasing and ring compression:
       • VT-x and VT-i allow a VMM to run guest software at its intended privilege level.
       • The problem that a guest OS executes at the same privilege level as guest applications is also solved.

  24. Nonfaulting access to privileged state:
     • A VMM based on VT-x does not require control of the guest privilege level.
     • VT-x allows guest software running at privilege level 0 to use the instructions LGDT, LIDT, LLDT, LTR, SGDT, SIDT, SLDT, and STR.
     Guest transitions:
     • Guest software cannot use the IA-32 instructions SYSENTER and SYSEXIT if the guest OS runs outside privilege level 0.
     • With VT-x, a guest OS can run at privilege level 0, allowing use of these instructions.

  25. Interrupt virtualization:
     • VT-x includes an external-interrupt exiting VM-execution control. When this control is set to 1, the VMM prevents guest control of interrupt masking.
     • VT-x also includes an interrupt-window exiting VM-execution control. The VMM can set this control when it has a virtual interrupt to deliver to a guest.
     Access to hidden state:
     • VT-x includes in the guest-state area of the VMCS fields corresponding to the hidden CPU state.
     • The processor loads values from these VMCS fields on every VM entry and saves into them on every VM exit.
     Distributed System
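The interrupt-window mechanism on this slide, applied to the virtual-interrupt problem set up on slide 13, as an added example in C that is not from the paper or the slides: a model in which the VMM defers a virtual interrupt while the guest has interrupts masked, sets interrupt-window exiting, and injects the interrupt on the exit taken once the guest unmasks. The struct, field and function names are the model's own assumptions.

```c
/* Added example (not the paper's or the slides' code): a model of virtual-interrupt
 * delivery via the interrupt-window exiting control; names are the model's own. */
#include <stdint.h>
#include <stdbool.h>

#define RFLAGS_IF (1u << 9)   /* x86 interrupt-enable flag, bit 9 of RFLAGS */
struct vmcs_model {
    uint64_t guest_rflags;             /* guest-state area */
    bool     interrupt_window_exiting; /* VM-execution control */
    bool     pending_virtual_irq;      /* VMM bookkeeping, not in the VMCS */
    uint8_t  pending_vector;
    int      injected_vector;          /* -1: nothing to inject on VM entry */
};

/* VMM side: with IF=1 the interrupt is injected on the next VM entry; with
 * IF=0 the VMM sets the control and waits for the guest to open a window. */
void vmm_raise_virtual_irq(struct vmcs_model *v, uint8_t vector) {
    if (v->guest_rflags & RFLAGS_IF) { v->injected_vector = vector; return; }
    v->pending_virtual_irq = true;
    v->pending_vector = vector;
    v->interrupt_window_exiting = true;
}

/* Guest side: STI sets IF. With the control set, the processor exits to the
 * VMM once interrupts are unmasked; returning true models that VM exit. */
bool guest_sti(struct vmcs_model *v) {
    v->guest_rflags |= RFLAGS_IF;
    return v->interrupt_window_exiting;
}

/* VMM exit handler: inject the queued vector and clear the control so the
 * guest is not exited again on every STI. */
void vmm_handle_interrupt_window_exit(struct vmcs_model *v) {
    v->interrupt_window_exiting = false;
    if (!v->pending_virtual_irq) return;
    v->injected_vector = v->pending_vector;
    v->pending_virtual_irq = false;
}

/* One delivery end to end for a guest whose IF starts set or clear. Returns
 * the injected vector, with bit 8 set if an interrupt-window exit was needed. */
int delivery_scenario(bool guest_if_set) {
    struct vmcs_model v = { .guest_rflags = guest_if_set ? RFLAGS_IF : 0,
                            .injected_vector = -1 };
    vmm_raise_virtual_irq(&v, 0x21);
    if (guest_if_set) return v.injected_vector;      /* injected at once */
    if (v.injected_vector != -1 || !guest_sti(&v)) return -1;
    vmm_handle_interrupt_window_exit(&v);
    return v.injected_vector | 0x100;
}
```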
