CSC 660: Advanced Operating SystemsSlide #1 CSC 660: Advanced OS Virtual Machines.

Slides:



Advertisements
Similar presentations
Virtualization Dr. Michael L. Collard
Advertisements

Virtualization Technology
Bart Miller. Outline Definition and goals Paravirtualization System Architecture The Virtual Machine Interface Memory Management CPU Device I/O Network,
CS-3013 & CS-502, Summer 2006 Virtual Machine Systems1 CS-502 Operating Systems Slides excerpted from Silbershatz, Ch. 2.
Xen and the Art of Virtualization A paper from the University of Cambridge, presented by Charlie Schluting For CS533 at Portland State University.
Network Implementation for Xen and KVM Class project for E : Network System Design and Implantation 12 Apr 2010 Kangkook Jee (kj2181)
Disco Running Commodity Operating Systems on Scalable Multiprocessors.
OS Spring’03 Introduction Operating Systems Spring 2003.
Cs238 Lecture 3 Operating System Structures Dr. Alan R. Davis.
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
Xen and the Art of Virtualization Paul Barham, Boris Dragovic, Keir Fraser, Steven Hand, Tim Harris, Alex Ho, Rolf Neugebauer, Ian Pratt, Andrew Warfield.
Xen and the Art of Virtualization. Introduction  Challenges to build virtual machines Performance isolation  Scheduling priority  Memory demand  Network.
虛擬化技術 Virtualization and Virtual Machines
Virtual Machine Monitors. Bibliography 1.“Virtual Machine Monitors: Current Technology And Future Trends”, Mendel Rosenblum and Tal Garfinkel, IEEE Computer,
Virtualization Technology Prof D M Dhamdhere CSE Department IIT Bombay Moving towards Virtualization… Department of Computer Science and Engineering, IIT.
Tanenbaum 8.3 See references
Zen and the Art of Virtualization Paul Barham, et al. University of Cambridge, Microsoft Research Cambridge Published by ACM SOSP’03 Presented by Tina.
Microkernels, virtualization, exokernels Tutorial 1 – CSC469.
Virtual Machines: Versatile Platforms for Systems and Processes
Virtualization The XEN Approach. Virtualization 2 CS5204 – Operating Systems XEN: paravirtualization References and Sources Paul Barham, et.al., “Xen.
Operating System Support for Virtual Machines Samuel T. King, George W. Dunlap,Peter M.Chen Presented By, Rajesh 1 References [1] Virtual Machines: Supporting.
Virtualization Concepts Presented by: Mariano Diaz.
IBM’s VM BY ANIRUDDHA MARATHE (CS-550/SECTION 1).
Xen Overview for Campus Grids Andrew Warfield University of Cambridge Computer Laboratory.
Virtualization Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation is licensed.
Virtual Machine Monitors: Technology and Trends Jonathan Kaldor CS614 / F07.
Introduction 1-1 Introduction to Virtual Machines From “Virtual Machines” Smith and Nair Chapter 1.
CS533 Concepts of Operating Systems Jonathan Walpole.
Disco: Running Commodity Operating Systems on Scalable Multiprocessors Edouard Bugnion, Scott Devine, and Mendel Rosenblum Summary By A. Vincent Rayappa.
Virtualization Part 2 – VMware Hardware Support. Virtualization 2 CS 5204 – Fall, 2008 VMware: binary translation Hypervisor VMM Base Functionality (e.g.
 Virtual machine systems: simulators for multiple copies of a machine on itself.  Virtual machine (VM): the simulated machine.  Virtual machine monitor.
Outline for Today Announcements –1 st programming assignment coming soon. Objective of the lecture –OS and Virtual Machines.
We will focus on operating system concepts What does it do? How is it implemented? Apply to Windows, Linux, Unix, Solaris, Mac OS X. Will discuss differences.
Introduction to virtualization
A. Frank - P. Weisberg Operating Systems Structure of Operating Systems.
Full and Para Virtualization
CSC 660: Advanced Operating SystemsSlide #1 CSC 660: Advanced OS Virtual Machines.
Lecture 26 Virtual Machine Monitors. Virtual Machines Goal: run an guest OS over an host OS Who has done this? Why might it be useful? Examples: Vmware,
Lecture 12 Virtualization Overview 1 Dec. 1, 2015 Prof. Kyu Ho Park “Understanding Full Virtualization, Paravirtualization, and Hardware Assist”, White.
Introduction Why are virtual machines interesting?
Protection of Processes Security and privacy of data is challenging currently. Protecting information – Not limited to hardware. – Depends on innovation.
CSE 451: Operating Systems Winter 2015 Module 25 Virtual Machine Monitors Mark Zbikowski Allen Center 476 © 2013 Gribble, Lazowska,
Lecture 5 Rootkits Hoglund/Butler (Chapters 1-3).
E Virtual Machines Lecture 1 What is Virtualization? Scott Devine VMware, Inc.
1 Chapter 2: Operating-System Structures Services Interface provided to users & programmers –System calls (programmer access) –User level access to system.
Virtualization Neependra Khare
1 Virtualization "Virtualization software makes it possible to run multiple operating systems and multiple applications on the same server at the same.
CS 695 Topics in Virtualization and Cloud Computing, Autumn 2012 CS 695 Topics in Virtualization and Cloud Computing More Introduction + Processor Virtualization.
Operating Systems, 2016, Meni Adler, Danny Hendler & Amnon Meisels
Introduction to Virtualization
Virtualization.
Virtual Machine Monitors
Virtualization D. J. Foreman 2009.
Virtualization Technology
Presented by Mike Marty
Presented by Yoon-Soo Lee
Virtualization Dr. Michael L. Collard
Virtual Machines: Versatile Platforms for Systems and Processes
Group 8 Virtualization of the Cloud
OS Virtualization.
Virtualization Techniques
A Survey on Virtualization Technologies
Computer Security: Art and Science, 2nd Edition
CSE 451: Operating Systems Autumn Module 24 Virtual Machine Monitors
Introduction to Virtual Machines
Introduction to Virtual Machines
Xen and the Art of Virtualization
CSE 451: Operating Systems Autumn Module 24 Virtual Machine Monitors
System Virtualization
CS295: Modern Systems Virtualization
Presentation transcript:

CSC 660: Advanced Operating SystemsSlide #1 CSC 660: Advanced OS Virtual Machines

CSC 660: Advanced Operating SystemsSlide #2 Topics 1.What is a VM? 2.Process vs System VMs 3.Virtualizing the Processor 4.Virtualizing Memory 5.Virtualizing I/O 6.VM Performance Issues 7.Intel VT-x Technology 8.Paravirtualization

CSC 660: Advanced Operating SystemsSlide #3 What is a VM? A virtualized system that –Provides a consistent ABI to guest programs. –Runs on a host system (software + hardware.) –Controls resources available to guest programs. –May provide different resources than hardware Different Type (ex: JVML in Java VM) Different Quantity (ex: more/fewer CPUs, disks, etc.) –May be of two major types Process: provides VM to a single process. System: emulates an entire machine w/ guest OS.

CSC 660: Advanced Operating SystemsSlide #4 System Models Non-virtual Machine Virtual Machine

CSC 660: Advanced Operating SystemsSlide #5 Why use Virtual Machines? Portability Run software on a different OS. Run software on a different CPU. Aggregation Modern machines are fast and underused. Put multiple servers in VMs on one real machine. Development Complex software environments. Processor testing and simulation. Debugging Can analyze every aspect of hardware behavior. Security VMs provide greater isolation of software than regular OS.

CSC 660: Advanced Operating SystemsSlide #6 Types of VMs

CSC 660: Advanced Operating SystemsSlide #7 Process VMs Multitasking –Each process in a multitasking OS. –VM = System call interface + ISA + VirtMem Emulators –Allow a process to run on a different OS/ISA. –Types: Interpreter Dynamic binary translator High Level Language VMs –ex: Pascal, JVM, CLR

CSC 660: Advanced Operating SystemsSlide #8 HLL VMs HLL Program Intermediate Code Object Code Memory Image HLL Program Host Instructions Virtual Memory Image Byte Code Compiler Front End Compiler Back End Compiler Loader VM Loader VM Dist

CSC 660: Advanced Operating SystemsSlide #9 System VMs Virtual Machine Monitor (VMM) –Provides illusion of multiple isolated machines. –Manages allocation of and access to hardware resources for multiple guest OSes. –Layer between hardware and guest OS. VMM tasks –State management –Resource control

CSC 660: Advanced Operating SystemsSlide #10 System VMs Applications Guest Apps OS Hardware Guest OS VMM Host OS VMM Guest OS Guest Apps a. Traditional OS b. Native VMMc. User-mode Hosted VMM

CSC 660: Advanced Operating SystemsSlide #11 Resource Virtualization 1.Processor 2.Memory 3.I/O

CSC 660: Advanced Operating SystemsSlide #12 Virtualization Techniques 1.Trap and Emulate 2.Dynamic Binary Translation 3.Paravirtualization

CSC 660: Advanced Operating SystemsSlide #13 IBM VM/370 Mainframe VMM OS. –First VM environment in System/ –Control program was a native VMM. –Each user had VM running single-user CMS. –Principles still used in z/VM on IBM zSeries.

CSC 660: Advanced Operating SystemsSlide #14 Virtualizable Architecture Requirements Equivalence: Software on the VM executes identically to its execution on hardware, barring timing effects. Performance: The vast majority of guest insructions are executed on the hardware without VMM intervention. Safety: The VMM manages all hardware resources.

CSC 660: Advanced Operating SystemsSlide #15 Instruction Types Privileged instructions are those that trap if the processor is in user mode and do not trap if it is in system mode. Control sensitive instructions are those that attempt to change the configuration of resources in the system. Behavior sensitive instructions are those whose behavior or result depends on the configuration of resources (the content of the relocation register or the processor's mode).

CSC 660: Advanced Operating SystemsSlide #16 Virtualizable Architectures An architecture is virtualizable if the sets of behavior and control sensitive instructions are subsets of the set of privileged instructions. On a virtualizable arch, a VMM works using a trap and emulate technique. Normal instructions run directly on processor. Privileged instructions trap into the VMM. The VMM emulates the effect of the privileged instructions for the guest OS.

CSC 660: Advanced Operating SystemsSlide #17 VMM Modes Safety: guest OS may not change hardware resources to impact other VMs or the VMM. Guest OS runs in user mode. VMM runs in supervisor mode. –Tracks virtual mode of VM. –User programs run in virtual user mode. –OS runs in virtual supervisor mode. Exceptions & interrupts invoke VMM. –VMM can handle directly –or produce a virtual exception for guest OS.

CSC 660: Advanced Operating SystemsSlide #18 System VM Execution 1.Timer Interrupt in running VM. 2.Context switch to VMM. 3.VMM saves state of running VM. 4.VMM determines next VM to execute. 5.VMM sets timer interrupt. 6.VMM restores state of next VM. 7.VMM sets PC to timer interrupt handler of next VM. 8.Next VM active.

CSC 660: Advanced Operating SystemsSlide #19 Virtualizing Processor All instructions that read or write privileged state trap when executed in guest OS. Some traps result from instruction type (I/O) Other traps result from VMM protecting structures (memory pages).

CSC 660: Advanced Operating SystemsSlide #20 Handling Privileged Instructions 1.Instruction Trap invokes VMM Dispatcher. 2.Dispatcher calls Instruction Routine. 3.Changes mode to supervisor. 4.Emulates instruction. 5.Computes return target. 6.Restores mode to user. 7.Jumps to target.

CSC 660: Advanced Operating SystemsSlide #21 x86 is not virtualizable x86 architecture is not virtualizable. 17 sensitive non-privileged instructions. Visibility of privileged state: Guest OS can observe that current privilege level (CPS) in code segment selection (%cs) is not kernel. Lack of traps when privileged instructions run at user level: Certain insructions act differently in kernel mode than user mode, but don’t cause a trap in user mode so the VMM can detect this. relocation system.

CSC 660: Advanced Operating SystemsSlide #22 Example x86 Problem: POPF POPF instruction Pops flag registers from stack. Includes interrupt-enable flag. User mode, POPF modifies all but interrupt flag. Kernel mode, POPF modifies all flags.

CSC 660: Advanced Operating SystemsSlide #23 Intel VT Extensions Intel VT allows trap and emulate VMM on newer x86 chips. VMCB –Virtual Machine Control Block –Control state + subset of guest VM state Guest mode –New less privileged execution mode to allow direct execution of guest code. vmrun –New instruction to transfer from host mode to guest mode. –Guest execution proceeds until condition specified in VMCB met, at which point hardware performs an exit operation, saving guest state to VMCB and loading VMM state, then executing VMM in host mode.

CSC 660: Advanced Operating SystemsSlide #24 Intel VT Extensions Instructions –Some sensitive instructions operate on non-root VMX state; others produce a VM exit. –VMCB controls which instructions VM exit. Interrupts –External interrupts cause VM exits. –VMCB controls which exceptions VM exit.

CSC 660: Advanced Operating SystemsSlide #25 Dynamic Binary Translation Translate machine code at runtime. Often x86 to x86 translation, but Apple uses for emulating older processors. VM interleaves translation and execution 1.Translate basic block (BB) of code. 2.Execute translated BB’. 3.Transfer control to next BB. 4.If next BB already translated, execute it. 5.Otherwise goto 1.

CSC 660: Advanced Operating SystemsSlide #26 C Code Example int isPrime(int a) { for (int i = 2; i < a; i++) { if (a % i == 0) return 0; } return 1; }

CSC 660: Advanced Operating SystemsSlide #27 Assembly Version

CSC 660: Advanced Operating SystemsSlide #28 Basic Block Translation Most instructions copied identically. Privileged instructions must be emulated. Jumps must be translated since translation can alter code layout. Each translated BB must end with jump to next translated BB.

CSC 660: Advanced Operating SystemsSlide #29 Translation of isPrime(49) Note that prime: BB never translated since 49 is not primte.

CSC 660: Advanced Operating SystemsSlide #30 VMWare x86 dynamic binary translation VM. –Direct execution in user mode. –Binary translation in kernel mode. VMWare Workstation, Player, Server –Hosted VMM runs on Linux or Windows. –Any x86 OS can be used as guest OS. VMWare ESX Server –Native VMM runs directly on x86 hardware. –VMotion allows VM migration.

CSC 660: Advanced Operating SystemsSlide #31 Virtualizing Memory Virtual Memory: Each process has its own page table managed by the guest OS pointing to real memory of the VM its running in. Real Memory: Memory allocated to each VM by the VMM. It is mapped to the physical memory of the host hardware. Physical Memory: The physical memory of the host hardware.

CSC 660: Advanced Operating SystemsSlide #32 Shadow Page Tables Guest OS maintains its own page tables. –Virtual to real memory mapping. VMM maintains shadow page tables –Virtual to physical memory mapping. –Used by hardware to translate virtual addresses. –VMM validates guest page table updates. –Replicates guest changes in shadow page table. Virtualize page table pointer register. –VMM manages real page table pointer. –Updates page table ptr when switching VMs.

CSC 660: Advanced Operating SystemsSlide #33 Shadow Page Tables MMU Guest OS Hardware Accessed & dirty bits VMM guest writes guest reads Guest Page Table Shadow Page Table Updates

CSC 660: Advanced Operating SystemsSlide #34 Virtualizing I/O VMM must intercept all guest I/O ops. –PC: privileged IN and OUT instructions. –I/O operation may consist of many INs/OUTs. Problem: huge array of diverse hardware –Native VMM needs driver for each device. –Hosted VMM uses host drivers w/ perf penalty.

CSC 660: Advanced Operating SystemsSlide #35 Virtualizing Devices Dedicated Devices –VM has sole control of device. Partitioned Devices –VM has dedicated slice of device, treats as full. –VMM translates virtual full dev parameters to parameters for underlying physical device. Shared Devices –VMM can multiplex devices. –Each VM may have own virtual device state. Nonexistent Devices –Virtual software devices with no physical counterpart.

CSC 660: Advanced Operating SystemsSlide #36 Virtualizing a Network Card

CSC 660: Advanced Operating SystemsSlide #37 VM Performance Why is VM slower than physical hardware? Emulation: Sensitive instructions must be emulated. Interrupt Handling: VMM must handle interrupts, even if eventually passed to guest. Context Switches: VMM must save VM state when controlled transferred to VMM. Bookkeeping: VMM has to do work to simulate behavior of real machine, such as keeping track of time for VMs. Memory: Memory accesses may require access to both shadow and local page tables.

CSC 660: Advanced Operating SystemsSlide #38 VT vs Binary Translation Performance VT performance depends on VM exit rate –Guest that next exits runs at native speed. –Reduce number of exits to improve performance. –VT privileged instructions affect VMCB when possible instead of trapping. –Page faults and I/O still cause VM exits. BT VMWare perf = VT VMWare perf –Software emulated I/O doesn’t require an exit. –Software VM adaptively optimizes away page table writes where possible.

CSC 660: Advanced Operating SystemsSlide #39 Paravirtualization: Xen Provide VM abstraction similar to hardware. –Modifies guest OS to use Xen/x86 architecture. Memory –Guest has read access to hardware page tables. –Updates batched and validated by Xen VMM. CPU –Guest OS installs direct system call handler. –Sensitive instructions replaced with Xen calls. I/O –Event mechanism replaces hardware interrupts.

CSC 660: Advanced Operating SystemsSlide #40 Xen 1.2 Architecture

CSC 660: Advanced Operating SystemsSlide #41 Xen VMM VMM resides in top 64MB. Protected by segmentation, not page tbl for perf. ring 3 Kernel User 4GB 3GB 0GB Xen S S U ring 1 ring 0

CSC 660: Advanced Operating SystemsSlide #42 Xen System Performance LXVU SPEC INT2000 (score) LXVU Linux build time (s) LXVU OSDB-OLTP (tup/s) LXVU SPEC WEB99 (score) Benchmark suite running on Linux (L), Xen (X), VMware Workstation (V), and UML (U)

CSC 660: Advanced Operating SystemsSlide #43 References 1.Keith Adams and Ole Agesen, “A Comparison of Software and Hardware Techniques for x86 Virtualization,” VMWare whitepaper, Paul Barham et. al., “Xen and the Art of Virtualization,” 19 th ACM Symposium on Operating Systems Principles, Oct Gerald J. Popek and Robert P. Goldberg, “Formal Requirements for Virtualizable Third Generation Architectures,” Communications of the ACM, pp , Ian Pratt, “Xen 3.0 and the Art of Virtualization,” Ottawa Linux Symposium John Scott Robin and Cynthia E. Irvine, “Analysis of the Intel Pentium’s Ability to Support a Secure Virtual Machine Monitor,” Proceedings of the 9 th USENIX Security Symposium, Aug Mendel Rosenblum and Tal Garfinkel, “Virtual Machine Monitors: Current Technology and Future Trends,” IEEE Computer, May James E. Smith and Ravi Nair, Virtual Machines, Elsevier, Abraham Silberschatz, Peter Baer Galvin, and Greg Gagne, Operating System Concepts, 6 th edition, Wiley, Jeremy Sugerman, et. al., “Virtualizing I/O Devices on VMware Workstation’s Hosted Virtual Machine Monitor,” Proceedings of the 2001 USENIX Annual Technical Conference, Rich Uhlig et. al., “Intel Virtualization Technology,” IEEE Computer, May 2005.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.