QEMU Binary Translation
Ashish Kaila (akaila)
Maneet Singh (maneets)
Virtualization Techniques
• Full Virtualization using Binary Translation
Virtualization Techniques
• OS Assisted Virtualization or Paravirtualization
Virtualization Techniques
• Hardware Assisted Virtualization
Binary Translation
• VMWare Software Virtualization
[Figure: Dynamic Binary Translator. Labels: Source Inst Stream (binary); Translation Units (TU) holding IR1, IR2, ..., IRn; Compiled Code Fragment (CCF) holding IR1, IR2, ..., IRn; Target Inst Stream (binary)]
Binary Translation
• QEMU Binary Translation in brief
[Figure labels: Source Inst Stream (binary); Micro-operations implemented in C; Object file; dyngen; Target Inst Stream (binary)]
Quick EMUlation (QEMU)
• Machine Emulator
• Virtualizer
QEMU modes:
• User-mode emulation – Allows a process built for one CPU to be executed on another.
• System-mode emulation – Allows emulation of a full system, including processor and assorted peripherals.
References
• A comparison of software and hardware techniques for x86 virtualization – Keith Adams, Ole Agesen, ASPLOS’06
• Understanding Full Virtualization, Paravirtualization and Hardware Assist – VMware Whitepaper
• QEMU, a fast and portable Dynamic Translator – Fabrice Bellard
• QEMU Wiki: wiki.qemu.org
QEMU Deep Dive
Source: wiki.qemu.org
QEMU ARCHITECTURE
Thank you