CSE 451: Operating Systems Autumn Module 24 Virtual Machine Monitors

Slides:

Advertisements

Similar presentations

Virtualization Dr. Michael L. Collard

Advertisements

Bart Miller. Outline Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network,

Architectural Support for OS March 29, 2000 Instructor: Gary Kimura Slides courtesy of Hank Levy.

Network Implementation for Xen and KVM Class project for E : Network System Design and Implantation 12 Apr 2010 Kangkook Jee (kj2181)

Operating System Structure. Announcements Make sure you are registered for CS 415 First CS 415 project is up –Initial design documents due next Friday,

1 Disco: Running Commodity Operating Systems on Scalable Multiprocessors Edouard Bugnion, Scott Devine, and Mendel Rosenblum, Stanford University, 1997.

Virtualization for Cloud Computing

Virtual Machine Monitors CSE451 Andrew Whitaker. Hardware Virtualization Running multiple operating systems on a single physical machine Examples:  VMWare,

CSE 451: Operating Systems Autumn 2013 Module 6 Review of Processes, Kernel Threads, User-Level Threads Ed Lazowska 570 Allen.

Tanenbaum 8.3 See references

Microkernels, virtualization, exokernels Tutorial 1 – CSC469.

Virtualization Concepts Presented by: Mariano Diaz.

Virtualization Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation is licensed.

Virtual Machine Monitors: Technology and Trends Jonathan Kaldor CS614 / F07.

Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.

 Virtual machine systems: simulators for multiple copies of a machine on itself.  Virtual machine (VM): the simulated machine.  Virtual machine monitor.

1 CSE451 Architectural Supports for Operating Systems Autumn 2002 Gary Kimura Lecture #2 October 2, 2002.

Introduction to virtualization

Full and Para Virtualization

Lecture 26 Virtual Machine Monitors. Virtual Machines Goal: run an guest OS over an host OS Who has done this? Why might it be useful? Examples: Vmware,

Lecture 12 Virtualization Overview 1 Dec. 1, 2015 Prof. Kyu Ho Park “Understanding Full Virtualization, Paravirtualization, and Hardware Assist”, White.

Operating-System Structures

Protection of Processes Security and privacy of data is challenging currently. Protecting information – Not limited to hardware. – Depends on innovation.

CSE 451: Operating Systems Winter 2015 Module 25 Virtual Machine Monitors Mark Zbikowski Allen Center 476 © 2013 Gribble, Lazowska,

CSE 451: Operating Systems Spring 2010 Module 2 Architectural Support for Operating Systems John Zahorjan 534 Allen Center.

Virtualization Neependra Khare

Lecture 13: Virtual Machines

Introduction to Operating Systems Concepts

Virtualization for Cloud Computing

Introduction to Virtualization

Virtualization.

Virtual Machine Monitors

Presented by Mike Marty

Virtualization Dr. Michael L. Collard

Protection and OS Structure

CSE451 Operating Systems Winter 2012

CS352H: Computer Systems Architecture

Lecture 24 Virtual Machine Monitors

Morgan Kaufmann Publishers Large and Fast: Exploiting Memory Hierarchy

Disco: Running Commodity Operating Systems on Scalable Multiprocessors

Running other code under LINUX

Group 8 Virtualization of the Cloud

OS Virtualization.

CSE 451: Operating Systems Spring 2006 Module 2 Architectural Support for Operating Systems John Zahorjan 534 Allen Center.

Virtualization Techniques

A Survey on Virtualization Technologies

CSE 451: Operating Systems Winter 2006 Module 2 Architectural Support for Operating Systems Ed Lazowska 570 Allen Center 1.

CSE 451: Operating Systems Spring 2012 Module 6 Review of Processes, Kernel Threads, User-Level Threads Ed Lazowska 570 Allen.

Architectural Support for OS

CSE 451: Operating Systems Winter 2007 Module 3 Operating System Components and Structure Ed Lazowska Allen Center

Virtual machines benefits

CSE 451: Operating Systems Autumn 2004 Module 2 Architectural Support for Operating Systems Hank Levy 1.

Computer Security: Art and Science, 2nd Edition

CSE 451: Operating Systems Autumn 2010 Module 2 Architectural Support for Operating Systems Ed Lazowska 570 Allen Center 1.

CSE 451: Operating Systems Autumn 2003 Lecture 2 Architectural Support for Operating Systems Hank Levy 596 Allen Center 1.

CSE 451: Operating Systems Autumn 2001 Lecture 2 Architectural Support for Operating Systems Brian Bershad 310 Sieg Hall 1.

CSE 451: Operating Systems Spring 2005 Module 2 Architectural Support for Operating Systems Ed Lazowska 570 Allen Center 1.

CSE 451: Operating Systems Autumn Module 24 Virtual Machine Monitors

CSE 451: Operating Systems Autumn 2009 Module 3 Operating System Components and Structure Ed Lazowska Allen Center

CSE 451: Operating Systems Winter 2007 Module 2 Architectural Support for Operating Systems Brian Bershad 562 Allen Center 1.

CSE 451: Operating Systems Winter 2003 Lecture 2 Architectural Support for Operating Systems Hank Levy 412 Sieg Hall 1.

Outline Operating System Organization Operating System Examples

Architectural Support for OS

CSE 451: Operating Systems Winter 2004 Module 2 Architectural Support for Operating Systems Ed Lazowska 570 Allen Center 1.

CSE 451: Operating Systems Autumn 2010 Module 3 Operating System Components and Structure Ed Lazowska Allen Center

Steve Gribble (for Hank Levy)

Xen and the Art of Virtualization

CSE 451: Operating Systems Winter 2006 Module 3 Operating System Components and Structure Ed Lazowska Allen Center

System Virtualization

CS295: Modern Systems Virtualization

Presentation transcript:

CSE 451: Operating Systems Autumn 2010 Module 24 Virtual Machine Monitors Ed Lazowska lazowska@cs.washington.edu Allen Center 570 1

© 2010 Gribble, Lazowska, Levy, Zahorjan What do VMMs enable? Running multiple operating systems (called “guest OS’s) and their applications on a single physical computer, as if each were running on its own private virtual computer Efficient – mostly direct execution, rather than simulation Contemporary examples VMware Microsoft’s VirtualPC / VirtualServer Parallels (Mac) Xen 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

VMM structure Windows Linux virtual machine monitor hardware Virtual Machine = Guest OS + apps Virtual Machine = Guest OS + apps Windows applications applications Linux virtual machine monitor hardware 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan Basic ideas When any kind of interrupt / exception / trap occurs, we’ll end up in the VMM rather than the guest OS VMM simulates state changes that would have been made by the hardware, then restarts VM at the guest OS handler address E.g., stuffs the saved PC where the architecture says it should be Guest OS runs in user mode When the guest OS tries to execute a privileged instruction VMM gets control, simulates effect of privileged instruction 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan VMM History Conceived by IBM in the late 1960’s CP-40, CP-67, VM/360 Sold continuously since then Used first for OS development and debugging, then for time sharing (multiple single-user OS’s, plus a few single-job batch OS’s), eventually for server consolidation Batch processing OS Time sharing OS VM/370 System 370 Machine 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan VMMs Today OS development and debugging Software compatibility testing Running software from another OS Or, OS version Virtual infrastructure for Internet services (server consolidation) Examples Run Windows on your Mac, or MacOS on your PC VMware in CSE 451 Amazon’s Elastic Compute Cloud (EC2) 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

Comparing the Unix and VMM APIs Storage File system (virtual) disk Networking Sockets (virtual) Ethernet Memory Virtual Memory (virtual) Physical memory Display /dev/console (virtual) Keyboard, display device 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

Possible Implementation Strategy: Complete machine emulation The VMM implements the complete hardware architecture in software while(true) { Instruction instr = fetch(); // emulate behavior in software instr.emulate(); } Drawback: This is really slow 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

Alternative: VMM gets control on privileged instructions only Treat guest operating systems (and their apps) like an application Guest OS (and its apps) run in user mode Most instructions execute natively on the CPU Privileged instructions are trapped and emulated OS + apps OS + apps OS + apps V i r t u a l m a c h i n e s . . . Physical hardware loads,stores, branches, ALU operations machine halt, I/O instructions, MMU manipulation, disabling interrupts Systems lore: make the common case fast, and the uncommon case correct VMM 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

Virtualizing the User/Kernel Boundary Both the guest OS and applications run in (physical) user-mode For each virtual machine, the VMM keeps a software mode bit: During a system call, switch to “kernel” mode On system call return, switch to “user” mode What does the VMM do if a VM executes a privileged instruction while in virtual user mode? What does the VMM do if a VM executes a privileged instruction while in virtual kernel mode? 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

Tracing Through a File System Read Application Guest OS VMM Hardware read() syscall trap detected trap handler; change VM to “kernel” mode trap handler handle read syscall read from disk() priv insc. detected trap handler; emulate I/O Use the layer of indirection to provide new services. For example, we could provide cryptographic storage, even if the OS/ file system do not implement this behavior . 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan Questions, to clarify … What if the I/O could be handled from the buffer cache? Does the VMM handle a VM’s I/O request synchronously? There are a zillion different types of disks (and networks and …) … Do the device drivers for these reside in the guest OS or in the VMM? 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan A possible “gotcha” All instructions that modify hardware state must be privileged (so that VMM can get control, modify the virtual hardware state for that guest, and not modify the physical hardware state) Example: Suppose the ERET instruction (return to a user process after handling an exception) is not privileged ERET sets the PC to the saved PC, and sets CPU mode to user There doesn’t seem to be a reason to prevent user processes from doing this (even if there’s no reason for them to want to) Why would this be a problem for a VMM? 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan x86 Conditions for an architecture to be virtualizable were defined in 1974 x86 architecture does not satisfy these conditions! Many reasons, but most of them stem from instructions that have different behavior in user mode and kernel mode, and that don’t fault in user mode Approach: binary re-writing When a code page is loaded, scan it, looking for offending instructions Patch these to cause a fault Remember the instruction that used to be there 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan Other approaches Hardware: Both Intel (VT-x) and AMD (AMD-V) have developed virtualization extensions to the architecture (starting ~2006) Paravirtualization: Export a slight modification of the hardware; port the OS to this new hardware 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan Memory VMM’s also utilize memory protection (in addition to privileged instructions) to do their job Have not described how memory is virtualized by a VMM, creating “virtual physical memory” for the guest OS’s Approach involves the VMM futzing with the page tables in the guest OS’s 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan

© 2010 Gribble, Lazowska, Levy, Zahorjan 6/26/2019 © 2010 Gribble, Lazowska, Levy, Zahorjan