HARDWARE SUPPORT
FOR EFFICIENT
VIRTUALIZATION
Lennox Wu

1
Outline
• Classifications
• Processor virtualization
  • Two main Software-based solutions
  • Challenges to virtualize Intel x86 (software-only)
  • Hardware-based Virtualization
    • Intel VT-x: x86
    • Intel VT-i: Itanium (X)
    • Intel EPT/AMD NPT
    • AMD-V
    • Sun SPARC (X)
    • ARM Virtualization Extensions (X)
    • IBM Power (X)
• I/O virtualization
  • Intel VT-d
  • AMD IOMMU (AMD-V)
  • Intel VT-c
• Do these techniques work?
2
Classifications
• VMM (virtual machine monitor) = hypervisor
• By techniques
  • Full Virtualization
  • Paravirtualization
  • Hardware Assisted Virtualization
• Robert P. Goldberg (Harvard University, 1973)
  • Type 1/native/bare metal hypervisors
    • Hypervisors run directly on the host's hardware to control the hardware and to manage guest operating systems.
    • Oracle VM Server for SPARC, the Citrix XenServer, KVM, VMware ESX/ESXi, and Microsoft Hyper-V hypervisor.
  • Type 2/hosted hypervisors
    • Hypervisors run within a conventional operating system environment.
    • VMware Workstation/Player, Microsoft Virtual PC and VirtualBox

3
TYPE1/TYPE2 hypervisors

4
PROCESSOR
VIRTUALIZATION

5
Two main Software-based solutions (1)
• Full virtualization using binary translation
  • Transforming guest OS binaries on-the-fly
    • Guest applications don't use privileged instructions
  • Pros
    • Support unmodified OSs (the only way of pure-software solutions)
    • Offer best isolation and security
    • Simplify migration and portability of guest OS
  • Cons: low performance
  • Examples: VMware, MS Virtual PC, VirtualBox
    • Disable HW virtualization

6
Full virtualization using binary
translation

7
Two main Software-based solutions (2)
• OS assisted virtualization or paravirtualization
  • OS assisted virtualization: guest OSs help the VMM
  • Paravirtualization refers to communication between the guest OS and the VMM to improve performance and efficiency
• Modify the guest OS to cooperate with the VMM
  • Modify the OS kernel to replace non-virtualizable instructions with hypercalls (the functions provided by the VMM)
• Pros: Offer higher performance
• Cons: Need the source code of an OS
• Example: Xen, KVM(*), VMware(*)
• (*) VMware Tools uses some paravirtualization techniques
  • optimize virtual device drivers
  • time synchronization
  • logging and guest shutdown
  • Vmxnet is a paravirtualized I/O device driver

8
OS assisted virtualization or
paravirtualization

9
KVM
KVM

10
Challenges to virtualize Intel x86 (software-only) (1/3)
• Ring Aliasing
  • Guest OSes run at Ring 3
    • Original: OS: Ring 0, APP: Ring 3 (Ring 0 > Ring 3)
  • A guest OS can know its run level
• Address-Space Compression
  • VMM must use some of the guest's virtual-address space to manage transition between guest OS and VMM
  • VMM's address spaces must be protected
    • Guest could detect that it is running in a VM

11
Challenges to virtualize Intel x86 (software-only) (2/3)
• Non-Faulting Access to Privileged State
  • Some instructions that should be intercepted by the VMM do not cause faults
• Adverse Impact on Guest System Calls
  • VMM must emulate every system call
• Interrupt Virtualization
  • A VMM may manage external interrupts and deny the guest control of interrupt masking
  • Some OSes frequently mask and unmask
    • VMM must process these requests.

12
Challenges to virtualize Intel x86 (software-only) (3/3)
• Ring Compression
  • Guest OS runs at the same privilege level as applications
    • The guest OS can't protect guest applications
• Frequent Access to Privileged Resources
  • VMM should deny the accesses
• Address translation
  • Guest OS doesn't know the physical address, so the VMM must intercept guest page table updates

13
Intel VT-x overview (1/4)
• VT = virtualization technology
• Two new forms of CPU operation
  • VMX root operation: for VMM
  • VMX non-root operation: for guest software
  • Both forms of operation support all four privilege levels (Ring 0 ~ Ring 3)
    • Guest OS can run at its intended privilege level

14
Two new forms of CPU operation

15
Intel VT-x overview (2/4)
• Two new transitions
  • VM entry
    • VMX root operation (VMM) → non-root operation (VM)
  • VM exit
    • VMX non-root operation (VM) → root operation (VMM)
• Under VMX non-root operation, many instructions/events cause VM exits
  • configurable

16
Intel VT-x overview (3/4)
• VMCS (Virtual Machine Control Structure)
  • A new data structure that includes a guest-state area and a host-state area
  • VM entry: load the guest-state area and save the host-state area
  • VM exit: load the host-state area and save the guest-state area
  • The exiting conditions are controlled by the VM-execution fields
  • Switching the structure will switch the address space

17
Intel VT-x overview (4/4)
• VMCS supports interrupt virtualization
  • Determine the conditions of VM to cause VM exit
    • All interrupts
    • Whenever guest OS is ready to receive interrupts
    • Which exception?
    • Which port access attempts?
    • Which Model Specific Register access attempts?

18
Intel EPT / AMD NPT (1)
• EPT (Extended Page Tables)
  • “EPT provides performance gains of up to 48% for MMU-intensive benchmarks and up to 600% for MMU-intensive microbenchmarks.” – VMware
• AMD’s nested page table (NPT) is similar to EPT
  • A.k.a. Rapid Virtualization Indexing (RVI)
  • “RVI provides performance gains of up to 42% for MMU-intensive benchmarks and up to 500% for MMU-intensive microbenchmarks.” – VMware

19
Intel EPT / AMD NPT (2)
• Software MMU (software-only)
  • Hardware uses the shadow page table
  • VMM must maintain the shadow page table

20
Intel EPT / AMD NPT (3)
• Hardware MMU
  • Guest OS maintains guest page tables
  • VMM maintains PPN->MPN mappings in an additional level of page tables
  • The hardware will find the LPN->MPN mapping using the two page tables
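
The software-MMU and hardware-MMU slides above, as an added example that is not part of the original deck: a toy model in which the guest writes LPN->PPN entries, the VMM owns PPN->MPN, and the shadow table is only correct when the VMM intercepts each guest page-table write. Table size, page numbers and all function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define NPAGES  8            /* toy address space: 8 pages per table */
#define INVALID UINT32_MAX   /* "not present" marker */

struct vm {
    uint32_t guest_pt[NPAGES];   /* LPN -> PPN, written by the guest OS        */
    uint32_t nested_pt[NPAGES];  /* PPN -> MPN, written only by the VMM        */
    uint32_t shadow_pt[NPAGES];  /* LPN -> MPN, VMM-maintained (software MMU)  */
};

void vm_init(struct vm *vm) {
    for (int i = 0; i < NPAGES; i++)
        vm->guest_pt[i] = vm->nested_pt[i] = vm->shadow_pt[i] = INVALID;
}

/* VMM: back guest-physical page `ppn` with machine page `mpn`. */
void vmm_assign(struct vm *vm, uint32_t ppn, uint32_t mpn) {
    vm->nested_pt[ppn] = mpn;
}

/* Software MMU: after trapping a guest page-table write, the VMM
 * recomputes the combined LPN -> MPN entry. */
void vmm_sync_shadow(struct vm *vm, uint32_t lpn) {
    uint32_t ppn = vm->guest_pt[lpn];
    vm->shadow_pt[lpn] = (ppn < NPAGES) ? vm->nested_pt[ppn] : INVALID;
}

/* Guest OS updates its own page table. `intercepted` models whether the
 * VMM trapped the write (required for the shadow table to stay correct). */
void guest_set_pte(struct vm *vm, uint32_t lpn, uint32_t ppn, int intercepted) {
    vm->guest_pt[lpn] = ppn;
    if (intercepted)
        vmm_sync_shadow(vm, lpn);
}

/* Software MMU: hardware walks only the shadow table. */
uint32_t walk_shadow(const struct vm *vm, uint32_t lpn) {
    return lpn < NPAGES ? vm->shadow_pt[lpn] : INVALID;
}

/* Hardware MMU (EPT/NPT): hardware walks the guest table, then the nested
 * table. A PPN the VMM never assigned yields INVALID, which on real
 * hardware is reported to the VMM instead of reaching memory. */
uint32_t walk_nested(const struct vm *vm, uint32_t lpn) {
    if (lpn >= NPAGES)
        return INVALID;
    uint32_t ppn = vm->guest_pt[lpn];
    if (ppn >= NPAGES)
        return INVALID;              /* guest-level page fault */
    return vm->nested_pt[ppn];
}

/* Constructed scenario: the guest remaps LPN 2 and then points LPN 5 at a
 * PPN that the VMM never gave to this VM. */
void scenario(struct vm *vm, int intercepted) {
    vm_init(vm);
    vmm_assign(vm, 1, 41);
    vmm_assign(vm, 3, 43);
    guest_set_pte(vm, 2, 1, 1);            /* initial mapping, synced      */
    guest_set_pte(vm, 2, 3, intercepted);  /* remap LPN 2: PPN 1 -> PPN 3  */
    guest_set_pte(vm, 5, 6, intercepted);  /* PPN 6 is not assigned        */
}

int main(void) {
    struct vm vm;
    for (int intercepted = 1; intercepted >= 0; intercepted--) {
        scenario(&vm, intercepted);
        printf("intercepted=%d shadow(2)=%u nested(2)=%u nested(5)=%s\n",
               intercepted,
               (unsigned)walk_shadow(&vm, 2),
               (unsigned)walk_nested(&vm, 2),
               walk_nested(&vm, 5) == INVALID ? "blocked" : "mapped");
    }
    return 0;
}
```

With interception off, the shadow walk still returns the old machine page for LPN 2 while the nested walk follows the guest's update, which is why the software MMU needs every page-table write trapped and the hardware MMU does not.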

21
AMD-V (1/2)
• Tagged TLB
  • Add the ASID
  • Hardware features that facilitate efficient switching between virtual machines for better application responsiveness
• Two new forms of CPU operation
  • Host mode: for VMM (similar to Intel’s VMX root operation)
  • Guest mode: for guest software (similar to Intel’s VMX non-root operation)
• New instructions
  • vmrun: host mode → guest mode
  • exit: guest mode → host mode
  • vmcall: it lets the operating system and VMM communicate directly
• A new structure
  • Virtual Machine Control Block (VMCB)
    • Similar to Intel’s VMCS
22
AMD-V (2/2)
• Nested page table (NPT) / Rapid Virtualization Indexing (RVI)
• VMM migration
  • Use the CPUID to identify the ability of the processor where the VMM runs, and the VMM uses the supported functions.

23
Hardware-based solution with VT-x (1/2)
• Address-Space Compression
  • VM exits / VM entries change the linear address space
• Ring Aliasing & Ring Compression
  • VT-x allows guest OS to run at its intended privilege level
• Nonfaulting Access to Privileged State
  • Either causes transition to VMM
  • Or becomes unimportant to VMM

24
Hardware-based solution with VT-x (2/2)
• Guest System Calls
  • A guest OS can run at privilege level 0
• Frequent Access to Privileged Resources
  • VT-x provides TPR shadow. The VMM is only involved when the value drops below the threshold, so the VMM only processes the situations it cares about.

25
Hardware Assisted Virtualization
of x86

26
I/O VIRTUALIZATION

27
Current I/O virtualization techniques
• Emulation
  • The VMM supports virtual devices that guest OS can recognize
  • The virtual device models are responsible for translating commands and data.
  • Pros: no requirement to modify guest OSs
  • Cons: low performance
• Paravirtualization
  • Modify the guest software (driver) to enhance the performance
  • Pros: better performance
  • Cons: limited applicability (modification needs the source code)
• Direct assignment
  • Bind a specific device to a VM
  • VMM allows the owning VM to connect directly
  • Issue command (go): low overhead
  • DMA? (back)

28
DMA on a virtualizing system
• DMA
  • Driver issues a packet consisting of command, physical address, etc.
  • DMA controller reads/writes data from/to the physical address
• Challenge?
  • A physical address that a guest OS knows is not really physical!
  • The real physical address space is managed by the VMM
  • The DMA controller will incorrectly write data to an address.

29
Intel VT-d (1/2)
• Need the support of the North bridge
• Two functions
  • Bind devices to a specific VM
    • DMA remapping
  • Interrupt virtualization
    • Interrupt remapping
• DMA remapping
  • DVA (DMA Virtual Address), GPA (Guest Physical Address), HPA (Host Physical Address)
  • A guest OS issues a DMA request with DVA (=GPA)
  • The VT-d hardware will translate the DVA to HPA
    • The concept: lookup tables

30
DMA remapping
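
The DVA to HPA lookup described on the VT-d slide, as an added example that is not part of the original deck: each device is bound to one VM's table, so the same DVA issued by two devices lands in different host pages and anything outside the table faults. The memory layout, device numbers and function names are constructed for illustration and do not follow the real VT-d table format.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT   12
#define PAGE_MASK    (((uint64_t)1 << PAGE_SHIFT) - 1)
#define DOMAIN_PAGES 4           /* each toy VM has 4 guest-physical pages */
#define NDOMAINS     2
#define NDEVICES     3
#define DMA_FAULT    UINT64_MAX  /* request blocked by the remapping unit */

/* One lookup table per VM: guest-physical page -> host-physical page. */
struct domain {
    uint64_t hpa_page[DOMAIN_PAGES];
};

struct iommu {
    struct domain domains[NDOMAINS];
    int dev_domain[NDEVICES];    /* device -> VM binding, -1 = unassigned */
    unsigned faults;             /* blocked requests, for the VMM to inspect */
};

/* Constructed layout: VM0 owns host pages 0x100..0x103, VM1 owns
 * 0x200..0x203. Device 0 is assigned to VM0, device 1 to VM1, and
 * device 2 is not assigned to any VM. */
void iommu_init(struct iommu *mmu) {
    for (int p = 0; p < DOMAIN_PAGES; p++) {
        mmu->domains[0].hpa_page[p] = 0x100 + (uint64_t)p;
        mmu->domains[1].hpa_page[p] = 0x200 + (uint64_t)p;
    }
    mmu->dev_domain[0] = 0;
    mmu->dev_domain[1] = 1;
    mmu->dev_domain[2] = -1;
    mmu->faults = 0;
}

/* Remapped DMA: look up the table of the VM that owns the device, then
 * translate DVA (= GPA) to HPA. Unassigned devices and addresses outside
 * the VM's table are rejected instead of reaching memory. */
uint64_t dma_translate(struct iommu *mmu, int dev, uint64_t dva) {
    if (dev < 0 || dev >= NDEVICES || mmu->dev_domain[dev] < 0) {
        mmu->faults++;
        return DMA_FAULT;
    }
    uint64_t page = dva >> PAGE_SHIFT;
    if (page >= DOMAIN_PAGES) {
        mmu->faults++;
        return DMA_FAULT;
    }
    const struct domain *d = &mmu->domains[mmu->dev_domain[dev]];
    return (d->hpa_page[page] << PAGE_SHIFT) | (dva & PAGE_MASK);
}

/* No remapping: the DMA controller treats the guest's address as a host
 * physical address, the problem described on the previous slide. */
uint64_t dma_no_remap(uint64_t dva) {
    return dva;
}

int main(void) {
    struct iommu mmu;
    iommu_init(&mmu);
    uint64_t dva = 0x1234;       /* guest page 1, offset 0x234 */
    printf("no remap:     0x%llx\n", (unsigned long long)dma_no_remap(dva));
    printf("dev0 (VM0):   0x%llx\n", (unsigned long long)dma_translate(&mmu, 0, dva));
    printf("dev1 (VM1):   0x%llx\n", (unsigned long long)dma_translate(&mmu, 1, dva));
    printf("dev0 out of range blocked: %d\n", dma_translate(&mmu, 0, 0x5000) == DMA_FAULT);
    printf("dev2 unassigned blocked:   %d\n", dma_translate(&mmu, 2, dva) == DMA_FAULT);
    printf("faults recorded: %u\n", mmu.faults);
    return 0;
}
```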

31
Intel VT-d (2/2)
• Interrupt Remapping
  • Assign an interrupt attribute
    • Destination processor, vector, etc.
  • A VMM enables the interrupt requests from the I/O device to target the physical CPUs running the appropriate virtual CPUs of the legacy VM
• AMD IOMMU is similar to Intel VT-d

32
Intel VT-c
• Virtualization Technology for Connectivity
  • Virtualization on devices
• A collection of technologies that improve the performance of network I/O on a virtualized system
• VT-c is comprised of two components
  • VMDq (Virtual Machine Device Queues)
    • A hardware-based enhancement
    • Target: throughput
  • VMDc (Virtual Machine Direct Connect)
    • Virtualizing physical I/O ports of a network controller into multiple virtual I/O ports, and then mapping the virtual ports to individual VMs
    • Target: VT-x + VT-d + VT-c → nearly native performance

33
Why VMDq?

34
35
VMDc

36
DO THESE
TECHNIQUES WORK?

37
Ubuntu 11.10: Xen vs. KVM vs.
VirtualBox(1)

38
Ubuntu 11.10: Xen vs. KVM vs.
VirtualBox(2)

39
Ubuntu 11.10: Xen vs. KVM vs.
VirtualBox(3)

40
Ubuntu 12.10: KVM vs. Xen (1)

41
Ubuntu 12.10: KVM vs. Xen (2)

42
Ubuntu 12.10: KVM vs. Xen (3)

43
Ubuntu 12.10: KVM vs. Xen (4)

44
Ubuntu 12.04 KVM/Xen Virtualization: Intel vs. AMD (1)
• Ubuntu 12.04 LTS, an Intel Core i7 3960X "Sandy Bridge" Extreme Edition and AMD FX-8150 "Bulldozer" systems were used.

45
Ubuntu 12.04 KVM/Xen
Virtualization: Intel vs. AMD(2)

46
Intel Ivy Bridge Linux
Virtualization Performance(1)

47
Intel Ivy Bridge Linux
Virtualization Performance(2)

48
Summarization of Hardware Assisted Virtualization
• Hardware provides some mechanisms to reduce overheads of virtualization to improve performance
• Pros
  • The highest performance in theory (a counterexample: 2006 VMware)
  • Support unmodified OSs
  • Simplify the development of VMM
• Cons
  • Need newer processors
• Example
  • KVM (basic requirements)

49
References
• Performance Evaluation of Intel EPT Hardware Assist, VMware
• I/O Virtualization and AMD's IOMMU
  • http://developer.amd.com/documentation/articles/pages/892006101.aspx
• Processor-Based Virtualization, AMD64 Style, Part I
  • http://developer.amd.com/documentation/articles/pages/630200614.aspx
• Processor-Based Virtualization, AMD64 Style, Part II
  • http://developer.amd.com/documentation/articles/pages/630200615.aspx
• Intel Technology Journal, vol. 10, issue 3, 2006
  • Intel virtualization technology: Hardware Support for Efficient processor virtualization
  • Intel virtualization technology for Directed I/O
• ARM virtualization Extension Architecture Specification
• A Comparison of software and hardware techniques for x86 virtualization, VMware
• http://www.intel.com/network/connectivity/solutions/vmdc.htm
• http://www.intel.com/network/connectivity/solutions/vmdq.htm
• http://software.intel.com/en-us/blogs/2009/09/30/understanding-vt-c-virtualizationtechnology-for-connectivity/

50
References
• Ubuntu 11.10: Xen vs. KVM vs. VirtualBox
  • http://www.phoronix.com/scan.php?page=article&item=ubuntu_1110_xenkvm&num=1
• Ubuntu 12.04 KVM/Xen Virtualization: Intel vs. AMD
  • http://www.phoronix.com/scan.php?page=article&item=ubuntu_1204_virt&num=1
• Intel Ivy Bridge Linux Virtualization Performance
  • http://www.phoronix.com/scan.php?page=article&item=intel_ivy_virtualization&num=5
• http://en.wikipedia.org/wiki/Hypervisor

51
Q&A

52
THANK YOU

53

Mais conteúdo relacionado

Mais procurados

Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVMHypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVMvwchu
 
Introduction - vSphere Storage Appliance
Introduction - vSphere Storage ApplianceIntroduction - vSphere Storage Appliance
Introduction - vSphere Storage ApplianceEric Sloof
 
ARM Architecture-based System Virtualization: Xen ARM open source software pr...
ARM Architecture-based System Virtualization: Xen ARM open source software pr...ARM Architecture-based System Virtualization: Xen ARM open source software pr...
ARM Architecture-based System Virtualization: Xen ARM open source software pr...The Linux Foundation
 
Project ACRN hypervisor introduction
Project ACRN hypervisor introduction Project ACRN hypervisor introduction
Project ACRN hypervisor introduction Project ACRN
 
ACRN vMeet-Up EU 2021 - debug ACRN hypervisor
ACRN vMeet-Up EU 2021 - debug ACRN hypervisorACRN vMeet-Up EU 2021 - debug ACRN hypervisor
ACRN vMeet-Up EU 2021 - debug ACRN hypervisorProject ACRN
 
ACRN vMeet-Up EU 2021 - functional safety design and certification plan
ACRN vMeet-Up EU 2021 -  functional safety design and certification planACRN vMeet-Up EU 2021 -  functional safety design and certification plan
ACRN vMeet-Up EU 2021 - functional safety design and certification planProject ACRN
 
2014.08.30 Virtual Machine Threat 세미나
2014.08.30 Virtual Machine Threat 세미나2014.08.30 Virtual Machine Threat 세미나
2014.08.30 Virtual Machine Threat 세미나용환 노
 
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...The Linux Foundation
 
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...The Linux Foundation
 

Mais procurados (20)

Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVMHypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
Hypervisors and Virtualization - VMware, Hyper-V, XenServer, and KVM
 
XS Oracle 2009 Error Detection
XS Oracle 2009 Error DetectionXS Oracle 2009 Error Detection
XS Oracle 2009 Error Detection
 
XS Boston 2008 Fault Tolerance
XS Boston 2008 Fault ToleranceXS Boston 2008 Fault Tolerance
XS Boston 2008 Fault Tolerance
 
Cloud.pptm
Cloud.pptmCloud.pptm
Cloud.pptm
 
Introduction - vSphere Storage Appliance
Introduction - vSphere Storage ApplianceIntroduction - vSphere Storage Appliance
Introduction - vSphere Storage Appliance
 
XS Boston 2008 OVF
XS Boston 2008 OVFXS Boston 2008 OVF
XS Boston 2008 OVF
 
FDM webinar v2.1
FDM webinar v2.1FDM webinar v2.1
FDM webinar v2.1
 
ARM Architecture-based System Virtualization: Xen ARM open source software pr...
ARM Architecture-based System Virtualization: Xen ARM open source software pr...ARM Architecture-based System Virtualization: Xen ARM open source software pr...
ARM Architecture-based System Virtualization: Xen ARM open source software pr...
 
Windows Server 2012 Virtualization: Notes from the Field
Windows Server 2012 Virtualization: Notes from the FieldWindows Server 2012 Virtualization: Notes from the Field
Windows Server 2012 Virtualization: Notes from the Field
 
Project ACRN hypervisor introduction
Project ACRN hypervisor introduction Project ACRN hypervisor introduction
Project ACRN hypervisor introduction
 
ACRN vMeet-Up EU 2021 - debug ACRN hypervisor
ACRN vMeet-Up EU 2021 - debug ACRN hypervisorACRN vMeet-Up EU 2021 - debug ACRN hypervisor
ACRN vMeet-Up EU 2021 - debug ACRN hypervisor
 
XS Boston 2008 Malware & Training
XS Boston 2008 Malware & TrainingXS Boston 2008 Malware & Training
XS Boston 2008 Malware & Training
 
Virtualization
VirtualizationVirtualization
Virtualization
 
Usenix Invited Talk
Usenix Invited TalkUsenix Invited Talk
Usenix Invited Talk
 
ACRN vMeet-Up EU 2021 - functional safety design and certification plan
ACRN vMeet-Up EU 2021 -  functional safety design and certification planACRN vMeet-Up EU 2021 -  functional safety design and certification plan
ACRN vMeet-Up EU 2021 - functional safety design and certification plan
 
Hypervisors
HypervisorsHypervisors
Hypervisors
 
2014.08.30 Virtual Machine Threat 세미나
2014.08.30 Virtual Machine Threat 세미나2014.08.30 Virtual Machine Threat 세미나
2014.08.30 Virtual Machine Threat 세미나
 
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
XPDDS18: The Evolution of Virtualization in the Arm Architecture - Julien Gra...
 
Xen Memory Management
Xen Memory ManagementXen Memory Management
Xen Memory Management
 
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
Rootlinux17: Hypervisors on ARM - Overview and Design Choices by Julien Grall...
 

Semelhante a Hardware support for efficient virtualization

5. IO virtualization
5. IO virtualization5. IO virtualization
5. IO virtualizationHwanju Kim
 
AsiaBSDCon2023 - Hardening Emulated Devices in OpenBSD’s vmd(8) Hypervisor
AsiaBSDCon2023 - Hardening Emulated Devices in OpenBSD’s vmd(8) HypervisorAsiaBSDCon2023 - Hardening Emulated Devices in OpenBSD’s vmd(8) Hypervisor
AsiaBSDCon2023 - Hardening Emulated Devices in OpenBSD’s vmd(8) HypervisorDave Voutila
 
Virtualization Technology Overview
Virtualization Technology OverviewVirtualization Technology Overview
Virtualization Technology OverviewOpenCity Community
 
Virtualization Primer for Java Developers
Virtualization Primer for Java DevelopersVirtualization Primer for Java Developers
Virtualization Primer for Java DevelopersRichard McDougall
 
Virtualization support by intel
Virtualization support by intelVirtualization support by intel
Virtualization support by intelInzemamul Haque
 
Implementing SR-IOv failover for Windows guests during live migration
Implementing SR-IOv failover for Windows guests during live migrationImplementing SR-IOv failover for Windows guests during live migration
Implementing SR-IOv failover for Windows guests during live migrationYan Vugenfirer
 
Project ACRN Device Passthrough Introduction
Project ACRN Device Passthrough IntroductionProject ACRN Device Passthrough Introduction
Project ACRN Device Passthrough IntroductionProject ACRN
 
Embedded Systems Conference 2014 Presentation
Embedded Systems Conference 2014 PresentationEmbedded Systems Conference 2014 Presentation
Embedded Systems Conference 2014 PresentationManish Jaggi
 
Virtualization in cloud
Virtualization in cloudVirtualization in cloud
Virtualization in cloudAshok Kumar
 
Cloud Computing Virtualization and containers
Cloud Computing Virtualization and containersCloud Computing Virtualization and containers
Cloud Computing Virtualization and containersSelvaraj Kesavan
 
Hypervisor Framework
Hypervisor FrameworkHypervisor Framework
Hypervisor FrameworkEdgar Barbosa
 
What's new in System Center 2012 R2: Virtual Machine Manager
What's new in System Center 2012 R2: Virtual Machine ManagerWhat's new in System Center 2012 R2: Virtual Machine Manager
What's new in System Center 2012 R2: Virtual Machine ManagerTomica Kaniski
 
Virtualization 101 - DeepDive
Virtualization 101 - DeepDiveVirtualization 101 - DeepDive
Virtualization 101 - DeepDiveAmit Agarwal
 
Introduction to failover clustering with sql server
Introduction to failover clustering with sql serverIntroduction to failover clustering with sql server
Introduction to failover clustering with sql serverEduardo Castro
 

Semelhante a Hardware support for efficient virtualization (20)

17-virtualization.pptx
17-virtualization.pptx17-virtualization.pptx
17-virtualization.pptx
 
5. IO virtualization
5. IO virtualization5. IO virtualization
5. IO virtualization
 
AsiaBSDCon2023 - Hardening Emulated Devices in OpenBSD’s vmd(8) Hypervisor
AsiaBSDCon2023 - Hardening Emulated Devices in OpenBSD’s vmd(8) HypervisorAsiaBSDCon2023 - Hardening Emulated Devices in OpenBSD’s vmd(8) Hypervisor
AsiaBSDCon2023 - Hardening Emulated Devices in OpenBSD’s vmd(8) Hypervisor
 
003-vmm.pptx
003-vmm.pptx003-vmm.pptx
003-vmm.pptx
 
virtual machine.ppt
virtual machine.pptvirtual machine.ppt
virtual machine.ppt
 
Server virtualization
Server virtualizationServer virtualization
Server virtualization
 
Hypervisors
HypervisorsHypervisors
Hypervisors
 
Virtualization Technology Overview
Virtualization Technology OverviewVirtualization Technology Overview
Virtualization Technology Overview
 
Virtualization Primer for Java Developers
Virtualization Primer for Java DevelopersVirtualization Primer for Java Developers
Virtualization Primer for Java Developers
 
Virtualization support by intel
Virtualization support by intelVirtualization support by intel
Virtualization support by intel
 
Implementing SR-IOv failover for Windows guests during live migration
Implementing SR-IOv failover for Windows guests during live migrationImplementing SR-IOv failover for Windows guests during live migration
Implementing SR-IOv failover for Windows guests during live migration
 
Project ACRN Device Passthrough Introduction
Project ACRN Device Passthrough IntroductionProject ACRN Device Passthrough Introduction
Project ACRN Device Passthrough Introduction
 
Embedded Systems Conference 2014 Presentation
Embedded Systems Conference 2014 PresentationEmbedded Systems Conference 2014 Presentation
Embedded Systems Conference 2014 Presentation
 
Virtualization in cloud
Virtualization in cloudVirtualization in cloud
Virtualization in cloud
 
Cloud Computing Virtualization and containers
Cloud Computing Virtualization and containersCloud Computing Virtualization and containers
Cloud Computing Virtualization and containers
 
Hypervisor Framework
Hypervisor FrameworkHypervisor Framework
Hypervisor Framework
 
What's new in System Center 2012 R2: Virtual Machine Manager
What's new in System Center 2012 R2: Virtual Machine ManagerWhat's new in System Center 2012 R2: Virtual Machine Manager
What's new in System Center 2012 R2: Virtual Machine Manager
 
Virtualization 101 - DeepDive
Virtualization 101 - DeepDiveVirtualization 101 - DeepDive
Virtualization 101 - DeepDive
 
Wirelessconnect
WirelessconnectWirelessconnect
Wirelessconnect
 
Introduction to failover clustering with sql server
Introduction to failover clustering with sql serverIntroduction to failover clustering with sql server
Introduction to failover clustering with sql server
 

Último

My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfSeasiaInfotech2
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 

Último (20)

My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
The Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdfThe Future of Software Development - Devin AI Innovative Approach.pdf
The Future of Software Development - Devin AI Innovative Approach.pdf
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 

Hardware support for efficient virtualization

  • 2. Outline
      • Classifications
      • Processor virtualization
          • Two main software-based solutions
          • Challenges to virtualize Intel x86 (software-only)
          • Hardware-based virtualization
              • Intel VT-x: x86
              • Intel VT-i: Itanium (X)
              • Intel EPT / AMD NPT
              • AMD-V
              • Sun SPARC (X)
              • ARM Virtualization Extensions (X)
              • IBM Power (X)
      • I/O virtualization
          • Intel VT-d
          • AMD IOMMU (AMD-V)
          • Intel VT-c
      • Do these techniques work?
  • 3. Classifications
      • VMM (virtual machine monitor) = hypervisor
      • By techniques
          • Full virtualization
          • Paravirtualization
          • Hardware-assisted virtualization
      • Robert P. Goldberg (Harvard University, 1973)
          • Type 1 / native / bare-metal hypervisors
              • Hypervisors run directly on the host's hardware to control the hardware and to manage guest operating systems.
              • Oracle VM Server for SPARC, Citrix XenServer, KVM, VMware ESX/ESXi, and Microsoft Hyper-V.
          • Type 2 / hosted hypervisors
              • Hypervisors run within a conventional operating system environment.
              • VMware Workstation/Player, Microsoft Virtual PC and VirtualBox
  • 6. Two main software-based solutions (1)
      • Full virtualization using binary translation
          • Transforming guest OS binaries on-the-fly
              • Guest applications don't use privileged instructions
          • Pros
              • Supports unmodified OSs (the only way among pure-software solutions)
              • Offers the best isolation and security
              • Simplifies migration and portability of the guest OS
          • Cons: low performance
          • Examples: VMware, MS Virtual PC, VirtualBox
              • Disable HW virtualization
  • 7. Full virtualization using binary translation
  • 8. Two main software-based solutions (2)
      • OS-assisted virtualization or paravirtualization
          • OS-assisted virtualization: guest OSs help the VMM
          • Paravirtualization refers to communication between the guest OS and the VMM to improve performance and efficiency
      • Modify the guest OS to cooperate with the VMM
          • Modify the OS kernel to replace non-virtualizable instructions with hypercalls (the functions provided by the VMM)
      • Pros: offers higher performance
      • Cons: needs the source code of an OS
      • Examples: Xen, KVM(*), VMware(*)
      • (*) VMware Tools uses some paravirtualization techniques
          • Optimize virtual device drivers
          • Time synchronization
          • Logging and guest shutdown
          • Vmxnet is a paravirtualized I/O device driver
  • 9. OS-assisted virtualization or paravirtualization
  • 11. Challenges to virtualize Intel x86 (software-only) (1/3)
      • Ring aliasing
          • Guest OSes run at Ring 3
              • Original: OS at Ring 0, applications at Ring 3 (Ring 0 > Ring 3)
          • A guest OS can know its run level
      • Address-space compression
          • The VMM must use some of the guest's virtual-address space to manage transitions between the guest OS and the VMM
          • The VMM's address space must be protected
              • The guest could detect that it is running in a VM
  • 12. Challenges to virtualize Intel x86 (software-only) (2/3)
      • Non-faulting access to privileged state
          • Some instructions that should be intercepted by the VMM do not cause faults
      • Adverse impact on guest system calls
          • The VMM must emulate every system call
      • Interrupt virtualization
          • A VMM may manage external interrupts and deny the guest control of interrupt masking
          • Some OSs frequently mask and unmask interrupts
              • The VMM must process these requests.
  • 13. Challenges to virtualize Intel x86 (software-only) (3/3)
      • Ring compression
          • The guest OS runs at the same privilege level as applications
          • The guest OS can't protect guest applications
      • Frequent access to privileged resources
          • The VMM should deny the accesses
      • Address translation
          • The guest OS doesn't know the physical address, so the VMM must intercept guest page table updates
  • 14. Intel VT-x overview (1/4)
      • VT = virtualization technology
      • Two new forms of CPU operation
          • VMX root operation: for the VMM
          • VMX non-root operation: for guest software
          • Both forms of operation support all four privilege levels (Ring 0 to Ring 3)
              • The guest OS can run at its intended privilege level
  • 15. Two new forms of CPU operation
  • 16. Intel VT-x overview (2/4)
      • Two new transitions
          • VM entry
              • VMX root operation (VMM) → non-root operation (VM)
          • VM exit
              • VMX non-root operation (VM) → root operation (VMM)
      • Under VMX non-root operation, many instructions/events cause VM exits
          • Configurable
  • 17. Intel VT-x overview (3/4)
      • VMCS (Virtual Machine Control Structure)
          • A new data structure that includes a guest-state area and a host-state area
          • VM entry: load the guest-state area and save the host-state area
          • VM exit: load the host-state area and save the guest-state area
          • The exit conditions are controlled by the VM-execution fields
          • Switching the structure switches the address space
  • 18. Intel VT-x overview (4/4)
      • The VMCS supports interrupt virtualization
      • It determines the conditions under which a VM causes a VM exit
          • All interrupts
          • Whenever the guest OS is ready to receive interrupts
          • Which exceptions?
          • Which port access attempts?
          • Which model-specific register access attempts?
  • 19. Intel EPT / AMD NPT (1)
      • EPT (Extended Page Tables)
          • “EPT provides performance gains of up to 48% for MMU-intensive benchmarks and up to 600% for MMU-intensive microbenchmarks.” – VMware
      • AMD's nested page table (NPT) is similar to EPT
          • A.k.a. Rapid Virtualization Indexing (RVI)
          • “RVI provides performance gains of up to 42% for MMU-intensive benchmarks and up to 500% for MMU-intensive microbenchmarks.” – VMware
  • 20. Intel EPT / AMD NPT (2)
      • Software MMU (software-only)
          • The hardware uses the shadow page table
          • The VMM must maintain the shadow page table
  • 21. Intel EPT / AMD NPT (3)
      • Hardware MMU
          • The guest OS maintains the guest page tables
          • The VMM maintains PPN->MPN mappings in an additional level of page tables
          • The hardware finds the LPN->MPN mapping with the two page tables
  • 22. AMD-V (1/2)
      • Tagged TLB
          • Adds the ASID
          • Hardware features that facilitate efficient switching between virtual machines for better application responsiveness
      • Two new forms of CPU operation
          • Host mode: for the VMM (similar to Intel's VMX root operation)
          • Guest mode: for guest software (similar to Intel's VMX non-root operation)
      • New instructions
          • vmrun: host mode → guest mode
          • exit: guest mode → host mode
          • vmcall: lets the operating system and the VMM communicate directly
      • A new structure
          • Virtual Machine Control Block (VMCB)
          • Similar to Intel's VMCS
  • 23. AMD-V (2/2)
      • Nested page table (NPT) / Rapid Virtualization Indexing (RVI)
      • VMM migration
          • Use CPUID to identify the capabilities of the processor on which the VMM runs; the VMM then uses the supported functions.
  • 24. Hardware-based solution with VT-x (1/2)
      • Address-space compression
          • VM exits / VM entries change the linear address space
      • Ring aliasing & ring compression
          • VT-x allows the guest OS to run at its intended privilege level
      • Non-faulting access to privileged state
          • Either causes a transition to the VMM
          • Or becomes unimportant to the VMM
  • 25. Hardware-based solution with VT-x (2/2)
      • Guest system calls
          • A guest OS can run at privilege level 0
      • Frequent access to privileged resources
          • VT-x provides a TPR shadow. The VMM is only involved when the value drops below the threshold
          • The VMM only processes the situations it cares about.
  • 28. Current I/O virtualization techniques
      • Emulation
          • The VMM supports virtual devices that the guest OS can recognize
          • The virtual device models are responsible for translating commands and data
          • Pros: no requirement to modify guest OSs
          • Cons: low performance
      • Paravirtualization
          • Modify the guest software (driver) to enhance performance
          • Pros: better performance
          • Cons: limited applicability (modification needs the source code)
      • Direct assignment
          • Bind a specific device to a VM
          • The VMM allows the owning VM to connect directly
          • Issuing commands (go): low overhead
          • DMA? (back)
  • 29. DMA on a virtualized system
      • DMA
          • The driver issues a packet consisting of a command, a physical address, etc.
          • The DMA controller reads/writes data from/to the physical address
      • Challenge?
          • A physical address that a guest OS knows is not really physical!
          • The real physical address space is managed by the VMM
          • The DMA controller will incorrectly write data to an address.
  • 30. Intel VT-d (1/2)
      • Needs the support of the north bridge
      • Two functions
          • Bind devices to a specific VM
              • DMA remapping
          • Interrupt virtualization
              • Interrupt remapping
      • DMA remapping
          • DVA (DMA Virtual Address), GPA (Guest Physical Address), HPA (Host Physical Address)
          • A guest OS issues a DMA request with a DVA (= GPA)
          • The VT-d hardware translates the DVA to an HPA
          • The concept: lookup tables
  • 32. Intel VT-d (2/2)
      • Interrupt remapping
          • Assign an interrupt attribute
              • Destination processor, vector, etc.
          • A VMM enables the interrupt requests from the I/O device to target the physical CPUs running the appropriate virtual CPUs of the legacy VM
      • AMD IOMMU is similar to Intel VT-d
  • 33. Intel VT-c
      • Virtualization Technology for Connectivity
          • Virtualization on devices
          • A collection of technologies that improve the performance of network I/O on a virtualized system
      • VT-c comprises two components
          • VMDq (Virtual Machine Device Queues)
              • A hardware-based enhancement
              • Target: throughput
          • VMDc (Virtual Machine Direct Connect)
              • Virtualizes the physical I/O ports of a network controller into multiple virtual I/O ports, then maps the virtual ports to individual VMs
              • Target: VT-x + VT-d + VT-c → nearly native performance
  • 38. Ubuntu 11.10: Xen vs. KVM vs. VirtualBox (1)
  • 39. Ubuntu 11.10: Xen vs. KVM vs. VirtualBox (2)
  • 40. Ubuntu 11.10: Xen vs. KVM vs. VirtualBox (3)
  • 41. Ubuntu 12.10: KVM vs. Xen (1)
  • 42. Ubuntu 12.10: KVM vs. Xen (2)
  • 43. Ubuntu 12.10: KVM vs. Xen (3)
  • 44. Ubuntu 12.10: KVM vs. Xen (4)
  • 45. Ubuntu 12.04 KVM/Xen Virtualization: Intel vs. AMD (1)
      • Ubuntu 12.04 LTS, an Intel Core i7 3960X "Sandy Bridge" Extreme Edition and AMD FX-8150 "Bulldozer" systems were used.
  • 47. Intel Ivy Bridge Linux Virtualization Performance (1)
  • 48. Intel Ivy Bridge Linux Virtualization Performance (2)
  • 49. Summary of hardware-assisted virtualization
      • Hardware provides some mechanisms to reduce the overheads of virtualization and improve performance
      • Pros
          • The highest performance in theory (a counterexample: VMware, 2006)
          • Supports unmodified OSs
          • Simplifies the development of the VMM
      • Cons
          • Needs newer processors
      • Example
          • KVM (basic requirements)
  • 50. References
      • Performance Evaluation of Intel EPT Hardware Assist, VMware
      • I/O Virtualization and AMD's IOMMU
      • Processor-Based Virtualization, AMD64 Style, Part I
      • http://developer.amd.com/documentation/articles/pages/630200614.aspx
      • Processor-Based Virtualization, AMD64 Style, Part II
      • http://developer.amd.com/documentation/articles/pages/892006101.aspx
      • http://developer.amd.com/documentation/articles/pages/630200615.aspx
      • Intel Technology Journal, vol. 10, issue 3, 2006
          • Intel Virtualization Technology: Hardware Support for Efficient Processor Virtualization
          • Intel Virtualization Technology for Directed I/O
      • ARM Virtualization Extension Architecture Specification
      • A Comparison of Software and Hardware Techniques for x86 Virtualization, VMware
      • http://www.intel.com/network/connectivity/solutions/vmdc.htm
      • http://www.intel.com/network/connectivity/solutions/vmdq.htm
      • http://software.intel.com/en-us/blogs/2009/09/30/understanding-vt-c-virtualizationtechnology-for-connectivity/
  • 51. References
      • Ubuntu 11.10: Xen vs. KVM vs. VirtualBox: http://www.phoronix.com/scan.php?page=article&item=ubuntu_1110_xenkvm&num=1
      • Ubuntu 12.04 KVM/Xen Virtualization: Intel vs. AMD: http://www.phoronix.com/scan.php?page=article&item=ubuntu_1204_virt&num=1
      • Intel Ivy Bridge Linux Virtualization Performance: http://www.phoronix.com/scan.php?page=article&item=intel_ivy_virtualization&num=5
      • http://en.wikipedia.org/wiki/Hypervisor
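
Slides 13, 20 and 21 contrast a VMM-maintained shadow page table with the two-level hardware walk of EPT/NPT. The C sketch below is an added example, not part of the original deck; the table sizes, contents and function names are constructed for illustration. It shows why a software-only VMM must intercept guest page table updates: an update it misses leaves the shadow mapping stale, while the nested walk follows the guest's own table.

```c
#include <stdio.h>

#define N 4   /* pages per table in this toy model (constructed values) */

static int guest_pt[N]  = {2, 0, 3, 1};  /* guest OS:  LPN -> PPN */
static int nested_pt[N] = {7, 5, 6, 4};  /* VMM:       PPN -> MPN */
static int shadow_pt[N];                 /* VMM-built: LPN -> MPN */

/* Software MMU: the VMM recomputes the shadow entry for one LPN. It has to
 * run on every guest page table write, which is why those writes must trap. */
void vmm_sync_shadow(int lpn) { shadow_pt[lpn] = nested_pt[guest_pt[lpn]]; }

/* Software MMU lookup: the hardware walks only the shadow table. */
int translate_shadow(int lpn) { return shadow_pt[lpn]; }

/* Hardware MMU (EPT/NPT): guest table first, then the VMM's table. */
int translate_nested(int lpn) { return nested_pt[guest_pt[lpn]]; }

/* The guest remaps a page; trapped != 0 models an intercepted write. */
void guest_update(int lpn, int ppn, int trapped)
{
    guest_pt[lpn] = ppn;
    if (trapped)
        vmm_sync_shadow(lpn);
}

int main(void)
{
    for (int i = 0; i < N; i++)
        vmm_sync_shadow(i);          /* VMM builds the initial shadow table */
    guest_update(0, 1, 0);           /* an update the VMM did not intercept */
    printf("missed update : shadow -> MPN %d, nested -> MPN %d\n",
           translate_shadow(0), translate_nested(0));
    guest_update(0, 1, 1);           /* the same update, intercepted */
    printf("trapped update: shadow -> MPN %d, nested -> MPN %d\n",
           translate_shadow(0), translate_nested(0));
    return 0;
}
```

With the missed update the shadow table still points at the old machine page, which is the isolation and correctness failure the trap-on-write requirement exists to prevent.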

Editor's Notes

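  1. According to Intel, the guest OS (GOS) is better placed in Ring 3; see Ring Compression.
  2. Hypercalls are not hardware instructions; they are functions exposed by the VMM for communication between the GOS and the VMM. (*) These adopt some of the advantages, but the code does not need to be modified.
  3. Performance of HW-based is based on techniques in 2006. Now (2012) the performance is improved! Look at later slides.
  4. Ring Aliasing: the problems that arise when software is run at a privilege level other than the privilege level for which it was written
  5. Adverse: unfavorable
  6. Ring Compression: Rings 0-2 are not distinguished as far as memory is concerned, so to protect the VMM the GOS must also be placed in Ring 3.
  7. Address-Space Compression: VM exits / VM entries -> switch VMCS -> switch address space
  8. Device 1 is bound to domain 1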
  9. Switching over to the computationally-intensive tests, beginning with Google's libvpx VP8 encoding test
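
The DMA problem from slide 29 and the VT-d lookup-table fix from slide 30, as an added C sketch that is not part of the original deck. The eight-page machine memory, the page ownership layout, the per-domain table and the function names are all constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGES     8      /* toy machine memory: 8 pages */
#define PAGE_SIZE 16     /* tiny pages keep the example readable */
#define NO_MAP    0xFF   /* table entry: page not mapped for this domain */

static uint8_t machine[PAGES][PAGE_SIZE];   /* host physical memory (HPA) */

/* Constructed layout: host pages 0-1 belong to the VMM, 2-3 to VM A and
 * 4-5 to VM B. The table is indexed by guest page number and covers only
 * the pages assigned to VM B's domain. */
static const uint8_t remap_vm_b[PAGES] =
    {4, 5, NO_MAP, NO_MAP, NO_MAP, NO_MAP, NO_MAP, NO_MAP};

/* Translate a DVA (= GPA) through a domain's lookup table.
 * Returns the host page, or -1 when there is no entry (DMA fault). */
int remap(const uint8_t *table, uint32_t dva)
{
    uint32_t gpn = dva / PAGE_SIZE;
    if (gpn >= PAGES || table[gpn] == NO_MAP)
        return -1;
    return table[gpn];
}

/* One-byte device write. table == NULL models a platform without remapping
 * hardware: the controller treats the guest address as a physical address.
 * Returns the host page written, or -1 if the access was blocked. */
int dma_write(const uint8_t *table, uint32_t dva, uint8_t value)
{
    int hpn = table ? remap(table, dva) : (int)(dva / PAGE_SIZE);
    if (hpn < 0 || hpn >= PAGES)
        return -1;
    machine[hpn][dva % PAGE_SIZE] = value;
    return hpn;
}

int main(void)
{
    /* VM B's driver programs its device with guest address 0x03 (guest page 0). */
    printf("no remapping : host page %d (VMM memory)\n", dma_write(NULL, 0x03, 0xAA));
    printf("with table   : host page %d (VM B)\n", dma_write(remap_vm_b, 0x03, 0xBB));
    /* Guest page 2 is not mapped for VM B, so the request is rejected. */
    printf("unmapped page: result %d (blocked)\n", dma_write(remap_vm_b, 2 * PAGE_SIZE, 0xCC));
    return 0;
}
```

The first call shows the slide's failure case as a memory-safety problem for the host: the unmapped write corrupts a page the guest does not own.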