cs152/252 spring 2018 computer architecture and...

WU UCB CS152/252 SP18

CS152/252 Spring 2018Computer Architecture and Engineering

Graduate Computer Architecture

Lecture 22:Virtual Machines

Lisa Wu, Krste Asanovichttp://inst.eecs.berkeley.edu/~cs152/sp18

©KrsteAsanovic,2015CS252,Fall2015,Lecture17

Outline

§ WhatareVirtualMachinesandwhydoweneedthem?

§ TypesofVirtualMachine-User-level- System-level

§ Techniquesforimplementingallorpartsofanon-nativeISAonahostmachine:- Interpreter- Staticbinarytranslation- Dynamicbinarytranslation- Hardwareemulation

2


A Computer System Abstraction

3


What are Virtual Machines (VMs)?

4

“Virtual Machines (VMs) eliminate real machine constraints and enable a much higher degree of portability and flexibility.”

“Virtual Machines: Architectures, Implementations and Applications”, J. E. Smith and Ravi Nair, Morgan Kaufmann Publishers, 2004

“A virtual machine may have an operating system, instruction set, or both, that differ from those implemented on the underlying real hardware.”

“A virtual machine is implemented by adding software to an execution platform to give it the appearance of a different platform or for that matter, to give the appearance of multiple platforms.”


TypesofVirtualMachine(VM)§ User/ProcessVirtualMachinesrunasingleapplicationaccordingtosomestandardapplicationbinaryinterface(ABI).- ExampleuserABIsincludeWin32forwindowsandJavaVirtualMachine(JVM)

§ (Operating)SystemVirtualMachines provideacompletesystem-levelenvironment- E.g.,IBMVM/370,VMwareESXServer,andXen- SinglecomputerrunsmultipleVMs,andcansupportamultiple,differentOSes- Onconventionalplatform,singleOS“owns”allHWresources- WithaVM,multipleOSes allshareHWresources

§ UnderlyingHWplatformiscalledthehost,whereitsresourcesusedtorunguestVMs(userand/orsystem)

5


User(Process) Virtual Machines

6

http://www.ittc.ku.edu/~kulkarni/teaching/EECS768/slides/chapter1.pdf“Virtual Machines: Architectures, Implementations and Applications”, J. E. Smith and Ravi Nair, Morgan Kaufmann Publishers, 2004


System Virtual Machines

7



SoftwareApplications

§ Howisasoftwareapplicationencoded?-Whatareyougettingwhenyoubuyasoftwareapplication?

-Whatmachineswillitworkon?-Whodoyoublameifitdoesn’twork,i.e.,whatcontract(s)wereviolated?

8


Interoperability

9



UserVirtualMachine=ISA+EnvironmentISAalonenotsufficienttowriteusefulprograms,needI/Otoo!§ DirectaccesstomemorymappedI/Oviaload/storeinstructionsproblematic- time-sharedsystems- portability

§ Operatingsystem usuallyresponsibleforI/O- sharingdevicesandmanagingsecurity- hidingdifferenttypesofhardware(e.g.,EIDEvs.SCSIdisks)

§ ISAcommunicateswithoperatingsystemthroughsomestandardmechanism,i.e.,syscall instructions- exampleconventiontoopenfile:addi x1, x0, 27 # 27 is code for file openaddu x2, x0, rfname # x2 points to filename string

syscall # cause trap into OS# On return from syscall, x1 holds file descriptor

10

WU UCB CS152/252 SP1811

System Interfaces“Virtual Machines: Architectures, Implementations and Applications”, J. E. Smith and Ravi Nair, Morgan Kaufmann Publishers, 2004


ApplicationBinaryInterface(ABI)

§ TheABIisaspecificationofthebinaryformatusedtoencodeprogramsforavirtualmachine,encodesprogramtext(instructions)andinitialvaluesofsomedatasegments

§ Virtualmachinespecificationsinclude-whatstateisavailableatprocesscreation-whichinstructionsareavailable(theISA)-whatsystemcallsarepossible(I/O,ortheenvironment)

§ Operatingsystemimplementsthevirtualmachine- atprocessstartup,OSreadsthebinaryprogram,createsanenvironmentforit,thenbeginstoexecutethecode,handlingtrapsforI/Ocalls,emulation,etc.

12


OSCanSupportMultipleUserVMs

§ Virtualmachinefeatureschangeovertimewithnewversionsofoperatingsystem- newISAinstructionsadded- newtypesofI/Oareadded(e.g.,asynchronousfileI/O)

§ CommontoprovidebackwardscompatibilitysooldbinariesrunonnewOS- SunOS5(SystemVRelease4Unix,Solaris)canrunbinariescompiledforSunOS4(BSD-styleUnix)

-Windows98runsMS-DOSprograms§ IfABIneedsinstructionsnotsupportedbynativehardware,OScanprovideinsoftware

13


ISAImplementationsPartlyinSoftware

§ OftengoodideatoimplementpartofISAinsoftware:§ ExpensivebutrarelyusedinstructionscancausetraptoOSemulationroutine:- e.g.,decimalarithmeticinstructionsinMicroVaximplementationofVAXISA

§ Infrequentbutdifficultoperandvaluescancausetrap- e.g.,IEEEfloating-pointdenormals causetrapsinmanyfloating-pointunitimplementations

§ Oldmachinecantrapunusedopcodes,allowsbinariesfornewISAtorunonoldhardware- e.g.,SunSPARCv8addedintegermultiplyinstructions,olderv7CPUstrapandemulate

14


SupportingNon-NativeISAs§ RunprogramsforoneISAonhardwarewithdifferentISA§ SoftwareInterpreter(OSsoftwareinterpretsinstructionsatrun-time)- E.g.,OS9forPowerPCMacshadinterpreterfor68000code

§ BinaryTranslation(convertatinstalland/orloadtime)- IBMAS/400tomodifiedPowerPCcores- DECtoolsforVAX->MIPS->Alpha

§ DynamicTranslation(non-nativeISAtonativeISAatruntime)- Sun’sHotSpot JavaJIT(just-in-time)compiler- Transmeta Crusoe,x86->VLIWcodemorphing- OSXforIntelMacshasdynamicbinarytranslatorforPowerPC(Rosetta)

§ Run-timeHardwareEmulation- IBM360hadoptionalIBM1401emulatorinmicrocode- IntelItaniumconvertsx86tonativeVLIW(twosoftware-visibleISAs)- ARMcoressupport32-bitARM,16-bitThumb,andJVM(threesoftware-visibleISAs!)

15


SoftwareInterpreter

16

§ Fetchanddecodeoneinstructionatatimeinsoftware

MemoryimageofguestVMlivesinhost

interpreterdatamemory

InterpreterData

InterpreterCode

InterpreterStack

while(!stop){inst=Code[PC];PC+=4;execute(inst);}

fetch-decodeloop

GuestISACode

GuestISAData

ExecutableonDisk

GuestISACode

GuestISAData

GuestStack

Loadintointerpreterprocessmemory


SoftwareInterpreter

§ Easytocode,smallcodefootprint§ Slow,approximately100xslowerthannativeexecutionforRISCISAhostedonRISCISA

§ Problemistimetakentodecodeinstructions- fetchinstructionfrommemory- switchtablestodecodeopcodes- extractregisterspecifiersusingbitshifts- accessregisterfiledatastructure- executeoperation- returntomainfetchloop

17


BinaryTranslation

§ EachguestISAinstructiontranslatesintosomesetofhost(ornative)ISAinstructions

§ Insteadofdynamicallyfetchinganddecodinginstructionsatrun-time,translateentirebinaryprogramandsaveresultasnewnativeISAexecutable

§ Removesinterpretivefetch-decodeoverhead§ Candocompileroptimizationsontranslatedcodetoimproveperformance- registerallocationforvaluesflowingbetweenguestISAinstructions- nativeinstructionschedulingtoimproveperformance- removeunreachablecode- inlineassemblyprocedures

18


BinaryTranslation,Take1

19

Guest ISA

Code

Guest ISA Data

Executable on Disk

Native ISA

Code

Guest ISA Data

Executable on Disk

Native DataTranslate to

native ISA code

Data unchanged

Native translation might need extra data

workspace


BinaryTranslationProblems

20

BranchandJumptargets- guestcode:

j L1...

L1: lw r1, (r4)jr (r1)

- nativecodej

translation

lwtranslation

jrtranslation

nativejumpatendofblockjumpstonativetranslationoflw

Whereshouldthejumpregistergo?


PCMappingTable§ TablegivestranslatedPCforeachguestPC§ Indirectjumpstranslatedintocodethatlooksintabletofindwheretojumpto- canoptimizewell-behavedguestcodeforsubroutinecall/returnbyusingnativePCinreturnlinks

§ IfcanbranchtoanyguestPC,thenneedonetableentryforeveryinstructioninhostedprogramè bigtable

§ IfcanbranchtoanyPC,theneither- limitinter-instructionoptimizations- largecodeexplosiontoholdoptimizationsforeachpossibleentryintosequentialcodesequence

§ Onlyminorityofguestinstructionsareindirectjumptargets,wanttofindthese- designahighlystructuredVMdesign- userun-timefeedbackoftargetlocations

21


BinaryTranslationProblems

22

§ Self-modifyingcode!- sw r1, (r2)# r2 points into code space

§ Rareinmostcode,buthastobehandledifallowedbyguestISA

§ Usuallyhandledbyincludinginterpreterandmarkingmodifiedcodepagesas“interpretonly”

§ Havetoinvalidateallnativebranchesintomodifiedcodepages


BinaryTranslation,Take2

23

GuestISACode

GuestISAData

ExecutableonDisk

NativeISACode

ExecutableonDisk

PCMappingTable

GuestISACode

GuestISAData

NativeInterpreter

TranslatetonativeISAcode

Keepcopyofcodeanddatain

nativedatasegment

Interpreterusedforrun-timemodifiedcode,checksforjumpsbackinto

nativecodeusingPCmappingtable

Translationhastocheckformodified

codepagesthenjumptointerpeter

Mappingtableusedforindirectjumpsand

tojumpfrominterpreterbackintonativetranslations


IBMSystem/38andAS/400

24

§ System/38announced1978- AS/400isfollow-online,nowcalled“SystemI”or“iSeries”

§ High-levelinstructionsetinterfacedesignedforbinarytranslation§ Memory-memory instructionset,neverdirectlyexecutedbyhardware

HardwareMachine

HorizontalMicrocode

VerticalMicrocode

High-LevelArchitectureInterface

Languages,Database,Utilities

ControlProgramFacility

UserApplications

ReplacedbymodifiedPowerPCcoresin

newer iSeries machinesUsed48-bitCISCengineinearlier

machines


DynamicTranslation

§ Translatecodesequencesasneededatrun-time,butcacheresults

§ Canoptimizecodesequencesbasedondynamicinformation(e.g.,branchtargetsencountered)

§ Tradeoffbetweenoptimizerrun-timeandtimesavedbyoptimizationsintranslatedcode

§ TechniqueusedinJavaJIT(Just-In-Time)compilers,andVirtualMachineMonitors(forsystemVMs)

§ Also,Transmeta Crusoeforx86emulation

25


SystemVMs:SupportingMultipleOSsonSameHardware

§ Canvirtualizetheenvironmentthatanoperatingsystemsees,anOS-levelVM,orsystemVM

§ HypervisorlayerimplementssharingofrealhardwareresourcesbymultipleOSVMsthateachthinktheyhaveacompletecopyofthemachine- PopularinearlydaystoallowmainframetobesharedbymultiplegroupsdevelopingOScode

-UsedinmodernmainframestoallowmultipleversionsofOStoberunningsimultaneouslyè OSupgradeswithnodowntime!

- ExampleforPCs:VMwareallowsWindowsOStorunontopofLinux(orvice-versa)

§ Requirestraponaccesstoprivilegedhardwarestate- easierifOSinterfacetohardwarewelldefined

26


IntroductiontoSystemVirtualMachines

§ VMsdevelopedinlate1960s- Remainedimportantinmainframecomputingovertheyears- Largelyignoredinsingleusercomputersof1980sand1990s

§ Recentlyregainedpopularitydueto- increasingimportanceofisolationandsecurityinmodernsystems,- failuresinsecurityandreliabilityofstandardoperatingsystems,- sharingofasinglecomputeramongmanyunrelatedusers,- andthedramaticincreasesinrawspeedofprocessors,whichmakestheoverheadofVMsmoreacceptable

27


VirtualMachineMonitors(VMMs)

§ Virtualmachinemonitor (VMM)orhypervisor issoftwarethatsupportsVMs

§ VMMdetermineshowtomapvirtualresourcestophysicalresources

§ Physicalresourcemaybetime-shared,partitioned,oremulatedinsoftware

§ VMMismuchsmallerthanatraditionalOS;- isolationportionofaVMMis» 10,000linesofcode

28


VMMOverhead?§ Dependsontheworkload§ User-levelprocessor-bound programs(e.g.,SPEC)havezero-virtualizationoverhead- RunsatnativespeedssinceOSrarelyinvoked

§ I/O-intensiveworkloads thatareOS-intensive executemanysystemcallsandprivilegedinstructions,canresultinhighvirtualizationoverhead- ForSystemVMs,goalofarchitectureandVMMistorunalmostallinstructionsdirectlyonnativehardware

§ IfI/O-intensiveworkloadisalsoI/O-bound, lowprocessorutilizationsincewaitingforI/O- processorvirtualizationcanbehidden,solowvirtualizationoverhead

29


OtherUsesofVMs

1. ManagingSoftware- VMs provideanabstractionthatcanrunthecompleteSWstack,evenincludingoldOSes likeDOS

- Typicaldeployment:someVMs runninglegacyOSes,manyrunningcurrentstableOSrelease,fewtestingnextOSrelease

2. ManagingHardware- VMs allowseparateSWstackstorunindependentlyyetshareHW,therebyconsolidatingnumberofservers-SomeruneachapplicationwithcompatibleversionofOSonseparatecomputers,asseparationhelpsdependability

- MigraterunningVMtoadifferentcomputer-EithertobalanceloadortoevacuatefromfailingHW

30


Example Use Cases of VMs

31



RequirementsofaVirtualMachineMonitor

§ AVMMonitor- PresentsaSWinterfacetoguestsoftware,- Isolatesstateofguestsfromeachother,and- Protectsitselffromguestsoftware(includingguestOSes)

§ GuestsoftwareshouldbehaveonaVMexactlyasifrunningonthenativeHW- Exceptforperformance-relatedbehaviororlimitationsoffixedresourcessharedbymultipleVMs

§ Guestsoftwareshouldnotbeabletochangeallocationofrealsystemresourcesdirectly

§ Hence,VMMmustcontrol» everythingeventhoughguestVMandOScurrentlyrunningistemporarilyusingthem- Accesstoprivilegedstate,Addresstranslation,I/O,ExceptionsandInterrupts,…

32


RequirementsofaVirtualMachineMonitor

§ VMMmustbeathigherprivilegelevelthanguestVM,whichgenerallyruninusermodeÞExecutionofprivilegedinstructionshandledbyVMM

§ E.g.,Timerinterrupt:VMMsuspendscurrentlyrunningguestVM,savesitsstate,handlesinterrupt,determinewhichguestVMtorunnext,andthenloaditsstate- GuestVMsthatrelyontimerinterruptprovidedwith

virtualtimerandanemulatedtimerinterruptbyVMM§ Requirementsofsystemvirtualmachinesare

sameaspaged-virtualmemory:1. Atleast2processormodes,systemanduser2. Privilegedsubsetofinstructionsavailableonlyin

systemmode,trapifexecutedinusermode- Allsystemresourcescontrollableonlyviathese

instructions

33


ISASupportforVirtualMachines§ IfVMs areplannedforduringdesignofISA,easytoreduceinstructionsthatmustbeexecutedbyaVMMandhowlongittakestoemulatethem- SinceVMs havebeenconsideredfordesktop/PCserverappsonlyrecently,mostISAs werecreatedwithoutvirtualizationinmind,including80x86andmostRISCarchitectures

§ VMMmustensurethatguestsystemonlyinteractswithvirtualresourcesÞ conventionalguestOSrunsasusermodeprogramontopofVMM- IfguestOSattemptstoaccessormodifyinformationrelatedtoHWresourcesviaaprivilegedinstruction--forexample,readingorwritingthepagetablepointer--itwilltraptotheVMM

§ Ifnot,VMMmustinterceptinstructionandsupportavirtualversionofthesensitiveinformationastheguestOSexpects(examplessoon)

34


ImpactofVMsonVirtualMemory§ VirtualizationofvirtualmemoryifeachguestOSineveryVMmanagesitsownsetofpagetables?

§ VMMseparatesreal andphysicalmemory- Makesrealmemoryaseparate,intermediatelevelbetweenvirtualmemoryandphysicalmemory

- Someusethetermsvirtualmemory,physicalmemory,andmachinememory tonamethe3levels

- GuestOSmapsvirtualmemorytorealmemoryviaitspagetables,andVMMpagetablesmaprealmemorytophysicalmemory

- InRISC-V,user-virtualaddresses,plussupervisor-physical,hypervisor-physical,machine-physicaladdresses

§ VMMmaintainsashadowpagetable thatmapsdirectlyfromtheguestvirtualaddressspacetothephysicaladdressspaceofHW- Ratherthanpayextralevelofindirectiononeverymemoryaccess- VMMmusttrapanyattemptbyguestOStochangeitspagetableortoaccessthepagetablepointer

35


ISASupportforVMs&VirtualMemory

§ IBM370architectureaddedadditionallevelofindirectionthatismanagedbytheVMM- GuestOSkeepsitspagetablesasbefore,sotheshadowpagesareunnecessary

§ Tovirtualize softwareTLB,VMMmanagestherealTLBandhasacopyofthecontentsoftheTLBofeachguestVM- AnyinstructionthataccessestheTLBmusttrap- TLBs withProcessIDtagssupportamixofentriesfromdifferentVMs andtheVMM,therebyavoidingflushingoftheTLBonaVMswitch

§ RecentprocessordesignshaveaddedsimilarmechanismstoaccelerateVMMs

36


ImpactofVirtualizationonI/O§ Mostdifficultpartofvirtualization- IncreasingnumberofI/Odevicesattachedtothecomputer- IncreasingdiversityofI/Odevicetypes- SharingofarealdeviceamongmultipleVMs,- Supportingthemyriadofdevicedriversthatarerequired,

especiallyifdifferentguestOSes aresupportedonthesameVMsystem

§ GiveeachVMgenericversionsofeachtypeofI/Odevicedriver,andletVMMhandlerealI/O

§ MethodformappingvirtualtophysicalI/Odevicedependsonthetypeofdevice:- DiskspartitionedbyVMMtocreatevirtualdisksforguest

VMs- NetworkinterfacessharedbetweenVMs inshorttime

slices,andVMMtracksmessagesforvirtualnetworkaddressestoensurethatguestVMs onlyreceivetheirmessages

37


Extra Resource for Learning VM• Recommended Reading:

• “An Overview of Virtual Machine Architectures”, J. E. Smith and Ravi Nair, 21-page article

• “Virtual Machines: Architectures, Implementations and Applications”, J. E. Smith and Ravi Nair, Textbook 2004

38


Acknowledgements

§ ThiscourseispartlyinspiredbypreviousMIT6.823andBerkeleyCS252computerarchitecturecoursescreatedbymycollaboratorsandcolleagues:- Arvind (MIT)- JoelEmer (Intel/MIT)- JamesHoe(CMU)- JohnKubiatowicz (UCB)- DavidPatterson(UCB)

39

cs152/252 spring 2018 computer architecture and...

Documents