CSE 120 Principles of Operating Systems Winter 2007 Lecture 16 Virtual Machine Monitors Keith Marzullo and Geoffrey M M Voelker Virtual Machine Monitors z Virtual Machine Monitors VMMs are a hot topic in industry and academia Industry commitment Software VMware Xen Microsoft Virtual PC Hardware Intel VT AMD V z z If Intel and AMD add it to their chips you know it s serious Academia lots of VMM based projects and papers An old idea actually developed by IBM in 60s and 70s Today What is it what problems have to be solved how to solve them Survey some virtualization systems Briefly outline cool things you can do with virtualization March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 2 1 What is a VMM z We have seen that an OS already virtualizes z Syscalls processes virtual memory file system sockets etc Applications program to this interface A VMM virtualizes an entire physical machine Interface supported is the hardware OS defines a higher level interface z VMM provides the illusion that software has full control over the hardware of course VMM is in control VMM applications run in virtual machines c f OS processes Implications You can boot an operating system in a virtual machine Run multiple instances of an OS on same physical machine Run different OSes simultaneously on the same machine Linux on Windows Windows on Mac etc March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 3 Why in tarnation would you do such a crazy thing z Resource utilization Machines todayy are p powerful want to multiplex p their hardware Can migrate VMs from one machine to another without shutdown e g ISP hosting can divvy up a physical machine to customers z Software use and development Can run multiple OSes simultaneously Can do system e g OS development at user level No need to dual boot z Many other cool applications z Debugging emulation security speculation fault tolerance Common theme is manipulating applications services at the granularity of a machine Specific version of OS libraries applications etc as package March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 4 2 VMM Requirements z Fidelity OSes and applications work the same without modification although we may modify the OS a bit z Isolation z VMM protects resources and VMs from each other Performance VMM is another layer of software and therefore overhead VMware As with OS want to minimize this overhead CPU intensive apps 2 10 overhead I O intensive apps 25 60 overhead March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 5 Rough VMM Model z VMM runs with privilege z Want to run OS code in a VM directly on CPU z Think in terms of making the OS a user level process What OS code can run directly what will cause problems Ideally want privileged instructions to trap z OS in VM runs at lesser lesser privilege think user user level level VMM multiplexes resources among VMs Exception vectors to VMM VMM it emulates operation operation returns Nothing modified running unprivileged is transparant Known as trap and emulate Unfortunately on architectures like x86 not so easy March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 6 3 Virtualizing the x86 z Ease of virtualization influenced by the architecture z x86 is perhaps the last architecture you would choose But it s what everyone uses so that s what we deal with Issues Unvirtualizable events popf does not trap when it cannot modify system flags Hardware managed TLB VMM cannot easily interpose on a TLB miss more in a bit Untagged TLB Have to flush on context switches just a performance issue z Why Intel and AMD have added virtualization support March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 7 Xen z Uses paravirtualization z Fancyy word for we have to modifyy recompile p the OS Since you re modifying the OS make life easy for yourself Create a VMM interface to minimize porting and overhead Xen hypervisor VMM implements interface VMM runs at privilege VMs domains run unprivileged Trusted OS Linux runs in own domain Domain0 Use Domain0 to manage system operate devices etc z Most recent version of Xen does not require OS mods z Because of Intel AMD hardware support Commercialized via XenSource but also open source March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 8 4 Xen Architecture March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 9 VMware z VMware workstation uses hosted model z VMware ESX server uses hypervisor model z VMM runs unprivileged unprivileged installed on base OS Relies upon base OS for device functionality Similar to Xen but no guest domain OS VMware uses software virtualization Dynamic binary rewriting translates code executed in VM Rewrite privileged instructions with emulation code may trap CPU only executes translated code Think JIT compilation for JVM but Incurs overhead but can be well tuned small hit full binary x86 IR code safe subset of x86 March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 10 5 VMware Hosted Architecture March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 11 What needs to be virtualized z Exactly what you would expect z CPU Events exceptions and interrupts Memory I O devices Isn t this just duplicating OS functionality in a VMM Yes and no Approaches will be similar to what we do with OSes Simpler in functionality though VMM much smaller than OS But implements a different abstraction Hardware interface vs OS interface March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 12 6 Virtualizing Privileged Insts z OSes can no longer successfully execute privileged instructions z For those instructions that cause an exception z Virtual memory registers interrupts I O halt etc Trap to VMM take care of business return to OS in VM For those that do not Xen modify OS to hypervisor call into VMM VMware rewrite OS instructions to emulate or call into VMM March 7 2007 CSE 120 Lecture 16 Virtual Machine Monitors 2007 Keith Marzullo and Geoffrey M Voelker 13 Virtualizing the CPU z z VMM needs to multiplex VMs on CPU How Just as you would expect z
View Full Document
Unlocking...