Copyright © Siemens AG 2010. All rights reserved. Corporate Technology Architecture of the Kernel-based Virtual Machine (KVM) Jan Kiszka, Siemens AG, CT.

Slides:



Advertisements
Similar presentations
Virtualization Technology
Advertisements

User-Mode Linux Ken C.K. Lee
Bart Miller. Outline Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network,
Xen and the Art of Virtualization A paper from the University of Cambridge, presented by Charlie Schluting For CS533 at Portland State University.
Network Implementation for Xen and KVM Class project for E : Network System Design and Implantation 12 Apr 2010 Kangkook Jee (kj2181)
1 Last Class: Introduction Operating system = interface between user & architecture Importance of OS OS history: Change is only constant User-level Applications.
KVM/ARM: The Design and Implementation of the Linux ARM Hypervisor Fall 2014 Presented By: Probir Roy.
1 OS & Computer Architecture Modern OS Functionality (brief review) Architecture Basics Hardware Support for OS Features.
LINUX Virtualization Running other code under LINUX.
Xen and the Art of Virtualization. Introduction  Challenges to build virtual machines Performance isolation  Scheduling priority  Memory demand  Network.
虛擬化技術 Virtualization and Virtual Machines
CSE598C Virtual Machines and Their Applications Operating System Support for Virtual Machines Coauthored by Samuel T. King, George W. Dunlap and Peter.
Virtualization Technology Prof D M Dhamdhere CSE Department IIT Bombay Moving towards Virtualization… Department of Computer Science and Engineering, IIT.
Tanenbaum 8.3 See references
Microkernels, virtualization, exokernels Tutorial 1 – CSC469.
Xen I/O Overview. Xen is a popular open-source x86 virtual machine monitor – full-virtualization – para-virtualization para-virtualization as a more efficient.
Virtualization Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation is licensed.
 Virtual machine systems: simulators for multiple copies of a machine on itself.  Virtual machine (VM): the simulated machine.  Virtual machine monitor.
Cloud Operating System Unit 09 Cloud OS Core Technology M. C. Chiang Department of Computer Science and Engineering National Sun Yat-sen University Kaohsiung,
Introduction to virtualization
Full and Para Virtualization
Lecture 26 Virtual Machine Monitors. Virtual Machines Goal: run an guest OS over an host OS Who has done this? Why might it be useful? Examples: Vmware,
Protection of Processes Security and privacy of data is challenging currently. Protecting information – Not limited to hardware. – Depends on innovation.
CSE 451: Operating Systems Winter 2015 Module 25 Virtual Machine Monitors Mark Zbikowski Allen Center 476 © 2013 Gribble, Lazowska,
KVM: Virtualisation The Linux Way Amit Shah GEEP.
Virtualization Neependra Khare
Kernel-based Virtual Machine (KVM) Memory Management Unit (MMU) Virtualization Mohammad H. Mofrad February 11, 2016
1 Virtualization "Virtualization software makes it possible to run multiple operating systems and multiple applications on the same server at the same.
CS 695 Topics in Virtualization and Cloud Computing, Autumn 2012 CS 695 Topics in Virtualization and Cloud Computing More Introduction + Processor Virtualization.
Introduction to Virtualization
Virtualization.
Virtual Machine Monitors
Virtualization Technology
Xen and the Art of Virtualization
CSC 482/582: Computer Security
Module 12: I/O Systems I/O hardware Application I/O Interface
Chapter 13: I/O Systems Modified by Dr. Neerja Mhaskar for CS 3SH3.
Presented by Mike Marty
Presented by Yoon-Soo Lee
CS 3214 Introduction to Computer Systems
Operating Systems CMPSC 473
Process Management Process Concept Why only the global variables?
CS352H: Computer Systems Architecture
Anton Burtsev February, 2017
Mechanism: Limited Direct Execution
Lecture 24 Virtual Machine Monitors
Morgan Kaufmann Publishers
Morgan Kaufmann Publishers
Xen: The Art of Virtualization
Running other code under LINUX
CIT 480: Securing Computer Systems
OS Virtualization.
Virtualization Techniques
A Survey on Virtualization Technologies
Operating System Concepts
13: I/O Systems I/O hardwared Application I/O Interface
The Design & Implementation of Hyperupcalls
CSE 451: Operating Systems Autumn Module 24 Virtual Machine Monitors
Chapter 13: I/O Systems I/O Hardware Application I/O Interface
CSE 471 Autumn 1998 Virtual memory
CSE 153 Design of Operating Systems Winter 2019
Virtualization Dr. S. R. Ahmed.
Virtual Memory Lecture notes from MKP and S. Yalamanchili.
Xen and the Art of Virtualization
Virtual Memory Use main memory as a “cache” for secondary (disk) storage Managed jointly by CPU hardware and the operating system (OS) Programs share main.
CSE 451: Operating Systems Autumn Module 24 Virtual Machine Monitors
System Virtualization
In Today’s Class.. General Kernel Responsibilities Kernel Organization
Module 12: I/O Systems I/O hardwared Application I/O Interface
Chapter 13: I/O Systems “The two main jobs of a computer are I/O and [CPU] processing. In many cases, the main job is I/O, and the [CPU] processing is.
Presentation transcript:

Copyright © Siemens AG All rights reserved. Corporate Technology Architecture of the Kernel-based Virtual Machine (KVM) Jan Kiszka, Siemens AG, CT T DE IT 1 Corporate Competence Center Embedded Linux

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Agenda  Introduction  Basic KVM model  Memory  API  Optimizations  Paravirtual devices  Outlook

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Virtualization of Commodity Computers CPU MMU Instructio n Set Clocks & Timers Busses & I/O Devices Interrupt Controlle rs Memory On-Chip Resource s

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Virtualizing the x86 Instruction Set Architecture x86 originally virtualization “unfriendly”  No hardware provisions  Instructions behave differently depending on privilege context  Performance suffered on trap-and-emulate  CISC nature complicates instruction replacements Early approaches to x86 virtualization  Binary translation (e.g. VMware)  Execute substitution code for privileged guest code  May require substantial replacements to preserve illusion  CPU paravirtualization (e.g Xen)  Guest is aware of instruction restrictions  Hypervisor provides replacement services (hypercalls)  Raised abstraction levels for better performance

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Hardware-assisted x86 CPU Virtualization Two variants  Intel's Virtualization Technology, VT-x  AMD-V (aka Secure Virtual Machine) Identical core concept CPU Host State Guest State VCPU

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Advent and Evolution of KVM Introduced to make VT-x/AMD-V available to user space  Exposes virtualization features securely  Interface: /dev/kvm Merged quickly  Available since (2006)  From first LKML posting to merge: 3 months  One reason: originally 100% orthogonal to core kernel Evolved significantly since then  Ported to further architectures (s390, PowerPC, IA64)  Always with latest x86 virtualization features  Became recognized & driving part of Linux

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 The KVM Model Processes can create virtual machines VMs can contain  Memory  Virtual CPUs  In-kernel device models Guest physical memory part of creating process' address space VCPUs run in process execution contexts  Process usually maps VCPUs on threads Hyper- visor Process Linux Kernel Guest Memory CP U VCP U Threa d CP U KVM Threa d

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Architectural Advantages of the KVM Model Proximity of guest and user space hypervisor  Only one address space switch: guest ↔ host  Less rescheduling Massive Linux kernel reuse  Scheduler  Memory management with swapping (though you don't what this)  I/O stacks  Power management  Host CPU hot-plugging  … Massive Linux user land reuse  Network configuration  Handling VM images  Logging, tracing, debugging ...

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 VCPU Execution Flow (KVM View) Execute native guest code Run Update context, raise IRQs Save Host, Load Guest State Update guest state VM entry VM exit (with reason) Save Guest, Load Host State Handle I/O Invalid states... Handle Signal Handle In-Kernel I/O [vMMU]... Handle Host IRQ Kerne l User Space CP U

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 KVM Memory Model Slot-based guest memory  Maps guest physical to host virtual memory  Reconfigurable  Supports dirty tracking In-Kernel Virtual MMU Coalesced MMIO  Optimizes guest access to RAM-like virtual MMIO regions Out of scope  Memory ballooning (guest ↔ user space hypervisor)  Kernel Same-page Merging (not KVM-specific) Hypervisor Address Space RAM Coalesced MMIO RAM Unassigne d RAM Guest Address Space

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 KVM API Overview Step #1: open /dev/kvm Three groups of IOCTLs  System-level requests  VM-level requests  VCPU-level requests Per-group file descriptors  /dev/kvm fd for system level  Creating a VM or VCPU returns new fd mmap on file descriptors  VCPU: fast kernel-user communication segment  Frequently read/modified part of VCPU state  Includes coalesced MMIO backlog  VM: map guest physical memory (deprecated)

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Basic KVM IOCTLs KVM_CREATE_VM KVM_SET_USER_MEMORY_REGION KVM_CREATE_IRQCHIP /...PIT(x86) KVM_CREATE_VCPU KVM_SET_REGS /...SREGS /...FPU /... KVM_SET_CPUID /...MSRS /...VCPU_EVENTS /...(x86) KVM_SET_LAPIC(x86) KVM_RUN

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Optimizations of KVM Hardware evolves quickly  Near-native performance in guest mode  Decreasing costs of mode switches  Additional features avoid software solutions, thus exits  Nested page tables  TLB tagging  APIC virtualization ... What will continue to consume cycles?  Code path between VM-exit and VM-entry  Mode switches, i.e. the need to exit at all

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Lightweight vs. Heavy-weight VM-Exits Exits cost time!  Basic state switch in hardware  Additional state switches in software  Analyze exit reason  Return to user space  Analyze exit reason  Obtain KVM state (VCPU, devices)  Handle exit cause  Write back states  Invoke KVM_RUN  Software-managed state switch  Hardware state switch > cycles >7.000 cycles In-kernel APIC In-kernel IO-APIC + PIC Coalescing MMIO In-kernel instruction interpreter (detect MMIO access) In-kernel network stub (vhost-net) In-kernel APIC In-kernel IO-APIC + PIC Coalescing MMIO In-kernel instruction interpreter (detect MMIO access) In-kernel network stub (vhost-net)

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Optimizing Lightweight Exits Let's get lazy!  Perform only partial state switches  Complete at latest possible point  Late restoring for guest and host state Candidates (x86)  FPU  Debug registers  Model-specific registers (MSRs) Requirements  Usage detection when in guest mode  Depends on hardware support  Demand detection while in host mode  Preemption notifiers  User-return notifier z z z

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Lazy MSR Switching Why is this possible?  Some MSRs unused by Linux  Some MSRs only relevant when in user space  Some are identical for host & guest Approach  Keep guest values of certain MSRs until...  sched-out fires  KVM_RUN IOCTL returns  Keep others until user-return fires (Intel only) Optimizations are vendor-specific Exemplary saving:  2000 cycles for guest → idle thread → guest

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Paravirtual Devices Advantages  Reduce VM exits or make them lightweight  Improve I/O throughput & latency (less emulation)  Compensates virtualization effects  Enable direct host-guest interaction Available interfaces & implementions  virtio (PCI or alternative transports)  Network  Block  Serial I/O (console, host-guest channel, …)  Memory balloon  File system (9P)  Clock (x86 only)  Via shared page + MSRs  Enables safe TM TSC guest usage user space business (primarily) KVM business

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 An Almost-In-Kernel Device – vhost-net Goal: high throughput / low latency guest networking  Avoid heavy exits  Reduce packet copying  No in-kernel QEMU, please! vhost- net worker kthread KVM VCP U Linux network stack virtio ring & buffer s memo ry slot table ioeventf d memory r/w r/w r irqfd hypervisor process The vhost-net model  Host user space opens and configures kernel helper  virtio as guest-host interface  KVM interface: eventfd  TX trigger→ ioeventfd  RX signal→ irqfd  Linux interface vie tap or macvtap Enables multi-gigabit throughput

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 What's next? Generic Linux improvements  Transparent huge pages (mm topic)  NUMA optimizations (scheduler topic) Improve spin-lock-holder preemption effects Zero-copy & multi-queue vhost-net Further optimize exits  Instruction interpretation (hardware may help)  Faster in-kernel device dispatching Nested virtualization as standard feature  AMD-V bits already merged and working  VT-x more complex but likely solvable Hardware-assisted virtualization on non-x86  PowerPC ISA 2.06  ARMv7-A “Eagle” extensions …

Slide © Siemens AG, Corporate TechnologyJan Kiszka, CT T DE IT 1 Thanks you for listening! Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.