November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-1 Chapter 33: Virtual Machines Virtual Machine Structure Virtual Machine.

Slides:

Advertisements

Similar presentations

Computer-System Structures Er.Harsimran Singh

Advertisements

Virtualization Technology

CSC 360- Instructor: K. Wu Overview of Operating Systems.

Bart Miller. Outline Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network,

Lecture Objectives: 1)Explain the limitations of flash memory. 2)Define wear leveling. 3)Define the term IO Transaction 4)Define the terms synchronous.

1 Operating Systems and Protection CS Goals of Today’s Lecture How multiple programs can run at once  Processes  Context switching  Process.

OS2-1 Chapter 2 Computer System Structures. OS2-2 Outlines Computer System Operation I/O Structure Storage Structure Storage Hierarchy Hardware Protection.

OS Fall ’ 02 Introduction Operating Systems Fall 2002.

G Robert Grimm New York University Disco.

Disco Running Commodity Operating Systems on Scalable Multiprocessors.

OS Spring’03 Introduction Operating Systems Spring 2003.

Cs238 Lecture 3 Operating System Structures Dr. Alan R. Davis.

Computer System Structures memory memory controller disk controller disk controller printer controller printer controller tape-drive controller tape-drive.

OS Spring’04 Introduction Operating Systems Spring 2004.

Slide 3-1 Copyright © 2004 Pearson Education, Inc. Operating Systems: A Modern Perspective, Chapter 3 Operating System Organization.

Virtual Machine Monitors CSE451 Andrew Whitaker. Hardware Virtualization Running multiple operating systems on a single physical machine Examples:  VMWare,

Virtualization Technology Prof D M Dhamdhere CSE Department IIT Bombay Moving towards Virtualization… Department of Computer Science and Engineering, IIT.

Tanenbaum 8.3 See references

General System Architecture and I/O.  I/O devices and the CPU can execute concurrently.  Each device controller is in charge of a particular device.

Zen and the Art of Virtualization Paul Barham, et al. University of Cambridge, Microsoft Research Cambridge Published by ACM SOSP’03 Presented by Tina.

Disco : Running commodity operating system on scalable multiprocessor Edouard et al. Presented by Jonathan Walpole (based on a slide set from Vidhya Sivasankaran)

CS533 Concepts of Operating Systems Jonathan Walpole.

Chapter 1. Introduction What is an Operating System? Mainframe Systems

Operating System Review September 10, 2012Introduction to Computer Security ©2004 Matt Bishop Slide #1-1.

Operating System Support for Virtual Machines Samuel T. King, George W. Dunlap,Peter M.Chen Presented By, Rajesh 1 References [1] Virtual Machines: Supporting.

Composition and Evolution of Operating Systems Introduction to Operating Systems: Module 2.

1 CSE Department MAITSandeep Tayal Computer-System Structures Computer System Operation I/O Structure Storage Structure Storage Hierarchy Hardware Protection.

Recall: Three I/O Methods Synchronous: Wait for I/O operation to complete. Asynchronous: Post I/O request and switch to other work. DMA (Direct Memory.

Operating Systems ECE344 Ashvin Goel ECE University of Toronto OS-Related Hardware.

Chapter 2: Computer-System Structures Computer System Operation I/O Structure Storage Structure Storage Hierarchy Hardware Protection Network Structure.

 Virtual machine systems: simulators for multiple copies of a machine on itself.  Virtual machine (VM): the simulated machine.  Virtual machine monitor.

Operating Systems Lecture November 2015© Copyright Virtual University of Pakistan 2 Agenda for Today Review of previous lecture Hardware (I/O, memory,

Disco : Running commodity operating system on scalable multiprocessor Edouard et al. Presented by Vidhya Sivasankaran.

We will focus on operating system concepts What does it do? How is it implemented? Apply to Windows, Linux, Unix, Solaris, Mac OS X. Will discuss differences.

CE Operating Systems Lecture 2 Low level hardware support for operating systems.

1 CS.217 Operating System By Ajarn..Sutapart Sappajak,METC,MSIT Chapter 2 Computer-System Structures Slide 1 Chapter 2 Computer-System Structures.

Introduction to virtualization

Silberschatz, Galvin and Gagne  Applied Operating System Concepts Chapter 2: Computer-System Structures Computer System Architecture and Operation.

Full and Para Virtualization

Lecture 26 Virtual Machine Monitors. Virtual Machines Goal: run an guest OS over an host OS Who has done this? Why might it be useful? Examples: Vmware,

1 Lecture 1: Computer System Structures We go over the aspects of computer architecture relevant to OS design  overview  input and output (I/O) organization.

Protection of Processes Security and privacy of data is challenging currently. Protecting information – Not limited to hardware. – Depends on innovation.

CSE 451: Operating Systems Winter 2015 Module 25 Virtual Machine Monitors Mark Zbikowski Allen Center 476 © 2013 Gribble, Lazowska,

Chapter 2: Computer-System Structures(Hardware) or Architecture or Organization Computer System Operation I/O Structure Storage Structure Storage Hierarchy.

Concepts and Structures. Main difficulties with OS design synchronization ensure a program waiting for an I/O device receives the signal mutual exclusion.

Interrupts and Exception Handling. Execution We are quite aware of the Fetch, Execute process of the control unit of the CPU –Fetch and instruction as.

Running Commodity Operating Systems on Scalable Multiprocessors Edouard Bugnion, Scott Devine and Mendel Rosenblum Presentation by Mark Smith.

1.1 Silberschatz, Galvin and Gagne ©2013 Operating System Concepts – 9 th Edition Chapter 1: Introduction What Operating Systems Do √ Computer-System Organization.

CSCE451/851 Introduction to Operating Systems

Virtual Machine Monitors

Chapter 2: Computer-System Structures(Hardware)

Chapter 2: Computer-System Structures

Introduction to Operating Systems

OS Virtualization.

Computer-System Architecture

Module 2: Computer-System Structures

Chapter 33: Virtual Machines

Morgan Kaufmann Publishers Memory Hierarchy: Virtual Memory

Operating Systems Lecture 3.

Computer Security: Art and Science, 2nd Edition

Module 2: Computer-System Structures

CSE 451: Operating Systems Autumn Module 24 Virtual Machine Monitors

Operating Systems: A Modern Perspective, Chapter 3

Chapter 2: Computer-System Structures

Chapter 2: Computer-System Structures

Module 2: Computer-System Structures

Module 2: Computer-System Structures

Chapter 33: Virtual Machines

Presentation transcript:

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-1 Chapter 33: Virtual Machines Virtual Machine Structure Virtual Machine Monitor

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-2 Overview Virtual Machine Structure Virtual Machine Monitor –Privilege –Physical Resources –Paging

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-3 What Is It? Virtual machine monitor (VMM) virtualizes system resources –Runs directly on hardware –Provides interface to give each program running on it the illusion that it is the only process on the system and is running directly on hardware –Provides illusion of contiguous memory beginning at address 0, a CPU, and secondary storage to each program

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-4 Example: IBM VM/370 Adapted from Dietel, pp. 606–607

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-5 Privileged Instructions 1.VMM running operating system o, which is running process p –p tries to read—privileged operation traps to hardware 2.VMM invoked, determines trap occurred in o –VMM updates state of o to make it look like hardware invoked o directly, so o tries to read, causing trap 3.VMM does read –Updates o to make it seem like o did read –Transfers control to o

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-6 Privileged Instructions 4.o tries to switch context to p, causing trap 5.VMM updates virtual machine of o to make it appear o did context switch successfully –Transfers control to o, which (as o apparently did a context switch to p) has the effect of returning control to p

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-7 Privileged Instructions p o VMM hard ware issue read system call read context switch to p invoked by hardware trapread finished return from read call

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-8 Privilege and VMs Sensitive instruction discloses or alters state of processor privilege Sensitive data structure contains information about state of processor privilege

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-9 When Is VM Possible? Can virtualize an architecture when: 1.All sensitive instructions cause traps when executed by processes at lower levels of privilege 2.All references to sensitive data structures cause traps when executed by processes at lower levels of privilege

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-10 Example: VAX System 4 levels of privilege (user, supervisor, executive, kernel) –CHMK changes privilege to kernel level; sensitive instruction Causes trap except when executed in kernel mode; meets rule 1 –Page tables have copy of PSL, containing privilege level; sensitive data structure If user level processes prevented from altering page tables, trying to do so will cause a trap; this meets rule 2

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-11 Multiple Levels of Privilege Hardware supports n levels of privilege –VM must also support n levels –VM monitor runs at highest level, so n–1 levels of privilege left! Solution: virtualize levels of privilege –Called ring compression

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-12 Example: VAX VMM System VMM at kernel level VMM maps virtual kernel and executive level to (real) executive mode –Called VM kernel level, VM executive level –Virtual machine bit added to PSL If set, current process running on VM –Special register, VMPSL, records PSL of currently running VM –All sensitive instructions that could reveal level of privilege get this information from VMPSL or trap to the VMM, which then emulates the instruction

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-13 Alternate Approach Divide users into different classes Control access to system by limiting access of each class

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-14 Example: IBM VM/370 Each control program command associated with user privilege classes –“G” (general user) class can start a VM –“A” (primary system operator) class can control accounting, VM availability, other system resources –“Any” class can gain or surrender access to VM

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-15 Physical Resources and VMs Distributes resources among VMs as appropriate –Each VM appears to have reduced amount of resources from real system –Example: VMM to create 10 VMs means real disk split into 10 minidisks Minidisks may have different sizes VMM does mapping between minidisk addresses, real disk addresses

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-16 Example: Disk I/O VM’s OS tries to write to disk –I/O instruction privileged, traps to VMM VMM checks request, services it –Translates addresses involved –Verifies I/O references disk space allocated to that VM –Services request VMM returns control to VM when appropriate –If I/O synchronous, when service complete –If I/O asynchronous, when service begun

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-17 Paging and VMs Like ordinary disk I/O, but 2 problems –Some pages may be available only at highest level of privilege VM must remap level of privilege of these pages –Performance issues VMM paging its own pages is transparent to VMs VM paging is handled by VMM; if VM’s OS does lots of paging, this may introduce significant delays

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-18 Example: VAX/VMS On VAX/VMS, only kernel level processes can read some pages –What happens if process at VM kernel level needs to read such a page? Fails, as VM kernel level is at real executive level –VMM reduces level of page to executive, then it works Note: security risk! –In practice, OK, as VMS allows executive level processes to change to kernel level

November 1, 2004Introduction to Computer Security ©2004 Matt Bishop Slide #29-19 Example: IBM VM/370 Supports several different operating systems –OS/MFT, OS/MVT designed to access disk storage If jobs being run under those systems depend on timings, delay caused by VM may affect success of job –If system supports virtual paging (like MVS), either MVS or VMM may cause paging The VMM paging may introduce overhead (delays) that cause programs to fail that would not were the programs run directly on the hardware