1. System Virtualization 1 Learning Objective: –To understand the implementation choices and details of System Virtualization COMP25212 1

2. Aims and Definitions COMP25212 2 Application Operating System Hardware Applications Guest A Operating System Virtual Machine Monitor/Hypervisor Applications Host Hardware Guest B Operating System UnvirtualizedVirtualized Host: Guest:

3. Hosted Virtualization COMP25212 3 Applications Guest A Operating System Applications Host Hardware Guest B Operating System Application Host Operating System Virtual Machine Monitor/Hypervisor Advantages? Disadvantages?

4. Xen Guest 0 Virtualization COMP25212 4 Applications Guest 0 Operating System Applications Host Hardware Guest B Operating System Application Virtual Machine Monitor/Hypervisor Advantages? Disadvantages? Guest A Operating System

5. Revision: OS Protection/Privilege OS handles physical resources: –Privileged Application isolated from resources: –Non-privileged COMP25212 5 Application Operating System Hardware Unvirtualized

6. Virtualization: Protection/Privilege VMM handles physical resources: –Privileged Guest OS isolated from resources –non- (less- )privileged COMP25212 6 Applications Guest A Operating System Virtual Machine Monitor/Hypervisor Applications Host Hardware Guest B Operating System Virtualized VMM gets control on every guest OS access to physical resource

7. What Physical Resources are Guarded? Timers CPU registers: –Interrupt Enable –Page Table Base Device Control Registers –Programmed I/O? –Interrupt I/O? –DMA I/O? Interrupts (may be for different Guest?) Memory Mapping (page tables) COMP25212 7

8. How does Guest Cause VMM Entry? VMM designers are (a bit) lucky: –Many Guest accesses to physical resources cause trap in non-privileged mode –So, running the OS in non-privileged mode suffices BUT some instructions behave differently (without trapping) in privileged and non- priv mode e.g. Intel “Store into Flags” COMP25212 8

9. Memory Accessing in Virtualization COMP25212 9 Virtual Address VMMPage Tables Physical Address Virtualized Virtual Address OS Page Tables (+ TLBs for efficiency) Physical Address Unvirtualized OS Page Tables TLBs ??

10. Interfacing Guest OS and VMM Three solutions today: a)Software (static) b)Software (dynamic) c)Hardware (dynamic) COMP25212 10

11. ParaVirtualization Modify Guest OS to be Virtualization-aware: a)call VMM for all privileged operations b)cooperate with VMM over shared page tables c)call VMM for input-output Advantages? Disadvantages? COMP25212 11

12. Detect and Fix Interfaces in VMM Detection: –Write-protect Guest OS page tables –Code-scan (Dynamic Binary Translation?) Guest OS for unsafe instructions – plant traps Fixing: –Use write-error trap to detect guest page-table writes –Provide “shadow page tables” for hardware TLBs –Use “illegal instruction” and “trap” traps COMP25212 12

13. Detect and Fix Interfaces in Hardware Requirement: –VMM runs more-privileged than Guest OS Hardware provides Application/OS and VMM modes When Virtualization is active, all OS accesses to physical resources trap to VMM Advantages? Disadvantages? COMP25212 13

14. The Manchester Solution … watch this space … or help make it happen! COMP25212 14