What are the goals of a VMM?
- Fidelity - Provide identical environment to VM
- Performance - no difference in performance
- Safety/Isolation - VMM is in complete control of system resources
What are some benefits of virtualization?
- Consolidation - can have multiple machines on one physical machine
- Easy to migrate or clone a machine
- Improved security (because of isolated virtual machine)
- Better debugging
- Support for legacy OSes
What are the types of virtualization models?
Bare-metal/hypervisor based (type 1) and hosted (type 2)
What is a bare-metal / hypervisor based VM?
No OS, hypervisor runs directly on top of hardware. Usually runs a privileged VM which controls hardware
What is hosted virtualization?
VMM runs within/on top of OS, can run VM and native applications. Host owns hardware not VMM
Describe trap-and-emulate
When the processor executes guest instructions natively, but traps when a privilege instruction executes. The VMM then decides what to do - throw exception or emulate the instruction
What is binary translation?
In order to be able to run an unmodified binary, the VM is rewritten to not use privileged instructions that do not trap. While a binary is running, the VM checks it see if it is going to use one of those instructions and if so, replaces it with code that doesn’t use it
What is paravirtualization?
Focused on performance, not running unmodified guest. Guest knows that it is virtualized and can make specific calls to the hypervisor to perform operations (hypercall)
What are the types of memory in virtualization?
Virtual (what programs see)
Physical (what VMs see)
Machine (the actual physical memory)
What are the two ways to virtualize memory when doing full virtualization?
- Have two tables (VA->PA) and (PA->MA) — expensive!
2. Guest keeps track of VA->PA, but hypervisor has shadow table to map VA->MA
How do you virtualize memory in a paravirtualized environment?
Because the guest knows it is virtualized, it can explicitly register page tables with the hypervisor
What are the ways to virtualize devices?
Passthrough, hypervisor direct, and split device driver
What is passthrough virtualization?
VMM device driver configures device access permissions and Guest VMs device drivers can access device directly.
What are the cons of passthrough virtualization?
- device sharing is difficult / impossible
- VMM must have the exact type of device expected by the VM
- VM migration is hard since the VM is now hardware-dependent
What is hypervisor direct virtualization?
Hypervisor intercepts all device accesses and emulates the device (translate generic I/O request to hypervisor’s device driver). (-) slow and need device drivers for hypervisor
What is split device driver virtualization?
Have two drivers: front-end (in guest VM) and back-end (in server VM or host, this is the real driver). Only works in paravirtualized environment
What are ways that hardware can support virtualization?
- Remove bad instructions
- Add root/non-root privilege rings
- Extended page tables and TLB with VM tag
- Multiqueue devices - multiple logical interfaces that each VM can connect to
