virtualization support by intel
TRANSCRIPT
Virtualization Support by Intel
Inzemamul Haque
20 Feb 2015
History
• Virtual Machine concept introduced by IBM in late 1960s.
History
• Virtual Machine concept introduced by IBM in late 1960s.
• It was difficult for Intel x86 to virtualize because it was not satisfying the constraints
Problem in Intel x86
Hardware
Problem in Intel x86
Hardware
Operating System Kernel
User Applications
Different techniques before Virtualization Support by Hardware• Binary Translation
Different techniques before Virtualization Support by Hardware• Binary Translation
• Paravirtualization or OS assisted virtualization
Binary Translation
Hardware
Operating System Kernel
User Applications
VMM
Paravirtualization
Hardware
ParavirtualizedOS
User Applications
Virtualization Layer
Hardware Support – Bird’s-eye View
• In 2006, Intel introduced VT-x
Hardware
OS
User Applications
VMM
Hardware Support – Bird’s-eye View
• In 2006, Intel introduced VT-x
Hardware
OS
User Applications
VMMVMX Root Mode
VMX Non-Root Mode
VT-x Operating Modes
• Set of processor operations called VMX operations
VT-x Operating Modes
• Set of processor operations called VMX operations
• Two kinds of VMX operation
VT-x Operating Modes
• Set of processor operations called VMX operations
• Two kinds of VMX operation• VMX root operation
• Fully privileged, generally for VMM
VT-x Operating Modes
• Set of processor operations called VMX operations
• Two kinds of VMX operation• VMX root operation
• Fully privileged, generally for VMM
• VMX non-root operation• Not fully privileged, generally for guest
• Reduces the privilege of guest software developed to operate in ring 0
VM Entry and Exit
• Two types of transitions
VM Entry and Exit
• Two types of transitions• VM entry
• Transition from VM root operation to VM non root operation
• Loads guest state from VMCS
• Stores VMM state to VMCS
VM Entry and Exit
• Two types of transitions• VM entry
• Transition from VM root operation to VM non root operation
• Loads guest state from VMCS
• Stores VMM state to VMCS
• VM exit• Transition from VM non-root operation to VM root operation
• Stores guest state to VMCS
• Loads VMM state from VMCS
VM Entry and Exit
Guest 0 Guest 1
VMMVMXON VMXOFF
VM EntryVM Exit VM Exit
Picture: Copied from Intel Manual Sept 2014
Virtual Machine Control Structure
• Control Structures stored in memory
Virtual Machine Control Structure
• Control Structures stored in memory
• One VMCS active per virtual processor at a time
Virtual Machine Control Structure
• Control Structures stored in memory
• One VMCS active per virtual processor at a time
• Stores guest state, host state, VMX controls and VM-exit information
VM Exits in VMX Non-Root Operation
• Some instructions cause VM-exit unconditionally• e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.
VM Exits in VMX Non-Root Operation
• Some instructions cause VM-exit unconditionally• e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.
• Some instructions cause VM-exit conditionally based on VM-execution control settings in VMCS• e.g. HLT, INVLPG, MONITOR, VMREAD, etc.
VM Exits in VMX Non-Root Operation
• Some instructions cause VM-exit unconditionally• e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.
• Some instructions cause VM-exit conditionally based on VM-execution control settings in VMCS• e.g. HLT, INVLPG, MONITOR, VMREAD, etc.
• Exceptions
VM Exits in VMX Non-Root Operation
• Some instructions cause VM-exit unconditionally• e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.
• Some instructions cause VM-exit conditionally based on VM-execution control settings in VMCS• e.g. HLT, INVLPG, MONITOR, VMREAD, etc.
• Exceptions
• Triple Faults
VM Exits in VMX Non-Root Operation
• Some instructions cause VM-exit unconditionally• e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.
• Some instructions cause VM-exit conditionally based on VM-execution control settings in VMCS• e.g. HLT, INVLPG, MONITOR, VMREAD, etc.
• Exceptions
• Triple Faults
• External Interrupts
VM Exits in VMX Non-Root Operation
• Some instructions cause VM-exit unconditionally• e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.
• Some instructions cause VM-exit conditionally based on VM-execution control settings in VMCS• e.g. HLT, INVLPG, MONITOR, VMREAD, etc.
• Exceptions
• Triple Faults
• External Interrupts
• Non-Maskable Interrupts
VM Exits in VMX Non-Root Operation
• Some instructions cause VM-exit unconditionally• e.g. CPUID, INVD, XSETBV, INVEPT, VMCLEAR, VMLAUNCH, etc.
• Some instructions cause VM-exit conditionally based on VM-execution control settings in VMCS• e.g. HLT, INVLPG, MONITOR, VMREAD, etc.
• Exceptions
• Triple Faults
• External Interrupts
• Non-Maskable Interruptsand more…
References
• Intel 64 and IA-32 Architectures Software Developer’s Manual Volume 3
• Understanding Intel Virtualization Technology (Power point presentation) by Narendar B. Sahgal and Dion Rodgers
• Understanding Full Virtualization, Paravirtualization and Hardware-assist by VMware