What is virtualization of a whole machine? What is a VMM? What are the three properties of a virtual of a VMM? What are the dimensions of consideration for virtual machine?
the user can access an instance of a possibly different OS on one physical machine, getting the illusion of a different machine with possibly a different OS.
A VMM is a virtual machine monitor, it provides the execution environment for the virtual machine (guest) and manages it.
A virtual machine property must satisfy the following properties:
- Efficiency: All instructions are executed on the HW directly, without intervention from the control program
- Resource Control: An arbitrary program can not affect the resources allocated to the virtual machine (such as total memory available to the system)
- Equivalence: Any program with a control program resident performs in a manner indistinguishable from the case where the control program does not exist and the program has whatever freedom of access to privileged instructions that the programmer had intended.
The dimension of consideration to run a VM are:
- Simulation of machine elements (CPU, memory, I/O)
- Different architectures at host side
- Different requirements for VM (guest) OS.
How to ensure simulation of machine element: CPU
- CPU:
In case of a CPU with a different instruction set:
* Implement as Emulator: Simply a processor simulator in user space with case-statements to implement individual operation codes and the register as variable.
This however leads to poor performance as it breaks the efficiency property as virtual processor instructions are now executed by several host instructions and interrupts are handled through software and not HW (i.e. instructions are not executed on the HW directly).
An optimization here would be to use Just in Time compilation (JIT) where guest code is compiled on the fly to host code and check for interrupts periodically (where theoretically, interrupt check happens after CPU instruction).
In case of a CPU with the same instruction set:
* Instead of emulation, use the host processor directly: VM becomes a process on host and host processor executes its instructions.
However, some instructions may affect the host (blocking its own IRQ).
According to Popek and Goldberg, the construction of an efficient VMM is possible if the set of sensitive instructions (instructions that change system resources configs and instructions that depend on these configs) can be all executed in system/privileged mode. In this case, emulate the privileged (including the sensitive) instructions by a handler in the VMM then return to VM.
If the criteria does not hold (some sensitive instructions are not privileged and can run in user mode) then adapt t he VM in a way that no instructions that are sensitive in user mode can be executed directly but rather have them emulated
What is the difference between trap and interrupt?
The trap is a signal raised by a user program instructing the operating system to perform some functionality immediately. In contrast, the interrupt is a signal to the CPU emitted by hardware that indicates an event that requires immediate attention.
Trap: raised by user program
Interrupt: raised by HW
How to ensure simulation of machine element: Memory?
- Memory of the VM is just a large memory region of the host where VM instructions can only access this region of memory and the host’s MMU allows for address mapping/translation.
The problem here is how to handle virtual memory and memory protection inside the VM?
- Software solution: emulate MMU behavior in VM with guest page tables as data structures in VMM while VMM creates shadow page tables for host MMU. This creates high overhead due to VMM interventions.
- Hardware Solution: SLAT (Second Level Address Translation) on HW level that separates memory management of VM and VMM in HW allowing the VM to changes its page tables without VMM intervention.
How to ensure simulation of machine element: I/O?
- Emulation: Devices are emulated with all functionality (data busses, interrupt mechanisms, memory mappings). This allows any arbitrary device independent from the physical host HW. Virtualization SF then maps accesses to real devices. For each device the guest would have its guest driver that will communicate with the emulation software that maps it into the host driver which then communicates with the actual physical device.
- Paravirtualization: Avoid overhead of simulation by saving “translations”/”mappings” in data structures in VMM so that guest driver maps OPs directly to host driver.
- Access to Host Devices: Guest driver access host devices directly and natively. In this case Host should not access the device.
- Access to Virtualizable Devices of Host: Direct access to host devices but the device itself is virtualizable is divided into sections/instances that can be mapped and used exclusively for each different VM.
How to ensure different architectures at host side?
- VM as Userland process of Host OS: suitable for emulators but problematic for HW supported solutions because privileged mode requires OS intervention
- VM as Userland process of Host OS with VMM in Host OS Kernel: VMM in host OS Kernel allows for access to privileged component (suitable for HW supported virtualization)
- Dedicated OS only for Execution of VMs (Hypervisor): Hypervisor is some kind of OS that mainly manages virtualization drivers with special scheduling that is virtualization aware instead of having the VMs subject to usual CPU scheduling as in the other two options. The VMMs and virtualization drivers are integrated into the hypervisor
How to ensure different requirements for guest OS?
- Unmodified Guest Operating Systems (full virtualization): VM behaves the same way as it behaves with real hardware. This requires emulation for at least some I/O devices.
- Paravirtualization: Guest OS is adapted to be aware of virtual environment. No need for emulation because guest accesses real functionality in a more direct way (mapping to functions of host OS). Problematic code instructions are replaced by code that directly accesses appropriate hypervisor functionality.
