SlideShare a Scribd company logo

AOS Lab 11: Virtualization

Zubair Nabi
Zubair Nabi
Technology
1 of 82
Download to read offline
Lab 11: Virtualization Advanced Operating Systems Zubair Nabi zubair.nabi@itu.edu.pk April 17, 2013
Background • Years ago, IBM used to sell expensive and bulky mainframes
Background • Years ago, IBM used to sell expensive and bulky mainframes • They ran into a problem: what if organizations wanted to run different operating systems on the same machine at the same time?
Background • Years ago, IBM used to sell expensive and bulky mainframes • They ran into a problem: what if organizations wanted to run different operating systems on the same machine at the same time? • For instance, some applications have been developed on one OS and others on different ones
Background • Years ago, IBM used to sell expensive and bulky mainframes • They ran into a problem: what if organizations wanted to run different operating systems on the same machine at the same time? • For instance, some applications have been developed on one OS and others on different ones • IBM solved this by adding another level of indirection, called a virtual memory monitor or hypervisor
Virtual Memory Monitor • Sits between one or more operating systems and the hardware
Virtual Memory Monitor • Sits between one or more operating systems and the hardware • Gives the illusion to each running OS that it has full control over the hardware (A taste of its own medicine?)
Virtual Memory Monitor • Sits between one or more operating systems and the hardware • Gives the illusion to each running OS that it has full control over the hardware (A taste of its own medicine?) • Multiplexes the hardware across OSes
Virtual Memory Monitor • Sits between one or more operating systems and the hardware • Gives the illusion to each running OS that it has full control over the hardware (A taste of its own medicine?) • Multiplexes the hardware across OSes • In essence, a VMM is an OS for OSes
Advantages • Server Consolidation • In many settings, services are run on different machines
Advantages • Server Consolidation • In many settings, services are run on different machines • In some cases, these machines also run different OSes
Advantages • Server Consolidation • In many settings, services are run on different machines • In some cases, these machines also run different OSes • At the same time, the machines are underutilized
Advantages • Server Consolidation • • • • In many settings, services are run on different machines In some cases, these machines also run different OSes At the same time, the machines are underutilized Virtualization leads to consolidation by multiplexing multiple OSes over fewer physical servers
Advantages • Server Consolidation • • • • In many settings, services are run on different machines In some cases, these machines also run different OSes At the same time, the machines are underutilized Virtualization leads to consolidation by multiplexing multiple OSes over fewer physical servers • Increased Desktop Functionality • Many users wish to run one operating system
Advantages • Server Consolidation • • • • In many settings, services are run on different machines In some cases, these machines also run different OSes At the same time, the machines are underutilized Virtualization leads to consolidation by multiplexing multiple OSes over fewer physical servers • Increased Desktop Functionality • Many users wish to run one operating system • But want to have access to native applications on a different OS platform
Advantages (2) • Testing and Debugging • Code is mostly written on one main platform
Advantages (2) • Testing and Debugging • Code is mostly written on one main platform • But developers want to debug and test it on many diverse platforms
Advantages (2) • Testing and Debugging • Code is mostly written on one main platform • But developers want to debug and test it on many diverse platforms • Virtualization enables this by running mutiple OSes over a single machine
Resurgence • Resurgence took place in the 90s
Resurgence • Resurgence took place in the 90s • Primarily led by Mendel Rosenblum at Stanford
Resurgence • Resurgence took place in the 90s • Primarily led by Mendel Rosenblum at Stanford • Engineered Disco, a VMM for the MIPS processor
Resurgence • Resurgence took place in the 90s • Primarily led by Mendel Rosenblum at Stanford • Engineered Disco, a VMM for the MIPS processor • Led to VMWare (Total assets of over $8 billion)
Running a VM • Similar to running an application on top of an OS
Running a VM • Similar to running an application on top of an OS • Through limited direct execution
Running a VM • Similar to running an application on top of an OS • Through limited direct execution • Each time a new OS boots atop the VMM, jump to the address of the first instruction
Running a VM • Similar to running an application on top of an OS • Through limited direct execution • Each time a new OS boots atop the VMM, jump to the address of the first instruction • The OS starts executing
Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs
Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS
Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS • This state includes registers, PC, and any privileged hardware state (not applicable to a context switch)
Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS • This state includes registers, PC, and any privileged hardware state 2 Restore the state of the to-be-run VM (not applicable to a context switch)
Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS • This state includes registers, PC, and any privileged hardware state (not applicable to a context switch) Restore the state of the to-be-run VM 3 Jump to the PC of the to-be-run VM 2
Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS • This state includes registers, PC, and any privileged hardware state (not applicable to a context switch) Restore the state of the to-be-run VM 3 Jump to the PC of the to-be-run VM • The PC may be within the OS kernel or within a process 2
Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation
Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation • For instance, on a system with a software-managed TLB, the OS uses privileged instructions to update the TLB
Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation • For instance, on a system with a software-managed TLB, the OS uses privileged instructions to update the TLB • In a virtualized environment, the OS cannot be allowed to do this
Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation • For instance, on a system with a software-managed TLB, the OS uses privileged instructions to update the TLB • In a virtualized environment, the OS cannot be allowed to do this • If it is allowed to do so, the OS will control the underlying machine rather than the VMM
Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation • For instance, on a system with a software-managed TLB, the OS uses privileged instructions to update the TLB • In a virtualized environment, the OS cannot be allowed to do this • If it is allowed to do so, the OS will control the underlying machine rather than the VMM • The VMM must intercept privileged operations from OSes and retain control of the machine
System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork()
System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork() • On physical hardware a system call is achieved through a special instruction
System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork() • On physical hardware a system call is achieved through a special instruction • trap in case of MIPS and int 0x80 in case of x86
System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork() • On physical hardware a system call is achieved through a special instruction • trap in case of MIPS and int 0x80 in case of x86 • For instance, the open() system call takes three arguments: int open(char *path, int flags, mode_t mode)
System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork() • On physical hardware a system call is achieved through a special instruction • trap in case of MIPS and int 0x80 in case of x86 • For instance, the open() system call takes three arguments: int open(char *path, int flags, mode_t mode) • The system call number for open() is 5
Code: open open: push dword mode push dword flags push dword path mov eax, 5 push eax int 80h
Normal System Call Flow Process 1. System call: Trap to OS Operating System 2. OS trap handler: Decode trap and execute appropriate syscall route When done: Return from trap 3. Resume execution (@PC after trap)
System Call Flow with Virtualization Process 1. System call: Trap to OS Operating System VMM 2. Process trapped: Call OS trap handler (at reduced privilege) 3. OS trap handler: Decode trap and execute syscall When done: issue return-from-trap
System Call Flow with Virtualization (2) Process 5. Resume execution (@PC after trap) Operating System VMM 4. OS tried return from trap: Do real return from trap
System Call Implications • Increase in number of instructions so slower system calls
System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in?
System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware!
System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode
System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode • No access to privileged instructions but more memory
System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode • No access to privileged instructions but more memory • In case of x86, the guest OS runs in ring 1 while the VMM runs in ring 0
System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode • No access to privileged instructions but more memory • In case of x86, the guest OS runs in ring 1 while the VMM runs in ring 0 • What if the hardware has no extra modes?
System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode • No access to privileged instructions but more memory • In case of x86, the guest OS runs in ring 1 while the VMM runs in ring 0 • What if the hardware has no extra modes? • The OS runs in user mode and the VMM uses memory protection (page tables and TLBs) to protect OS data structures
Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space
Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space • In case of virtualization, need to add another layer of virtual memory
Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space • In case of virtualization, need to add another layer of virtual memory • The three-tier hierarchy: virtual memory, physical memory, and machine memory
Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space • In case of virtualization, need to add another layer of virtual memory • The three-tier hierarchy: virtual memory, physical memory, and machine memory • The OS maps virtual-to-physical addresses via its per-process page tables
Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space • In case of virtualization, need to add another layer of virtual memory • The three-tier hierarchy: virtual memory, physical memory, and machine memory • The OS maps virtual-to-physical addresses via its per-process page tables • The VMM maps the resulting physical mappings to underlying machine addresses via its per-OS page tables
VMM Memory Virtualization
Normal TLB Miss Flow Process 1. Load from memory: TLB miss: Trap Operating System 2. OS TLB miss handler: Extract VPN from VA; Do page table lookup; If present and valid: get PFN, update TLB; Return from trap 3. Resume execution (@PC of trapping instruction); Instruction is retried; Results in TLB hit
TLB Miss Flow with Virtualization Process 1. Load from memory TLB miss: Trap Operating System VMM 2. VMM TLB miss handler: Call into OS TLB handler (reduced privilege) 3. OS TLB miss handler: Extract VPN from VA; Do page table lookup; If present and valid: get PFN, update TLB
TLB Miss Flow with Virtualization (2) Process Operating System 5. Return from trap VMM 4. Trap handler: Unprivileged code trying to update the TLB; OS is trying to install VPN-to-PFN mapping; Update TLB instead with VPN-to-MFN (privileged); Jump back to OS (reducing privilege)
TLB Miss Flow with Virtualization (3) Process 7. Resume execution (@PC of instruction); Instruction is retried; Results in TLB hit Operating System VMM 6. Trap handler: Unprivileged code trying to return from a trap; Return from trap
Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower
Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower • To deal with this overhead, VMMs implement “software TLB”
Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower • To deal with this overhead, VMMs implement “software TLB” • Every virtual-to-physical mapping is recorded by the VMM within this data structure
Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower • To deal with this overhead, VMMs implement “software TLB” • Every virtual-to-physical mapping is recorded by the VMM within this data structure • In case of a TLB miss, the VMM first consults this software TLB
Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower • To deal with this overhead, VMMs implement “software TLB” • Every virtual-to-physical mapping is recorded by the VMM within this data structure • In case of a TLB miss, the VMM first consults this software TLB • If the translation is found, the VMM simply installs the virtual-to-machine mapping directly into the hardware TLB
Information Gap • The OS does not know too much about what the application programs really want
Information Gap • The OS does not know too much about what the application programs really want • Must make general “one-size-fits-all” policies
Information Gap • The OS does not know too much about what the application programs really want • Must make general “one-size-fits-all” policies • Similarly, the VMM does not know too much about what the OS is doing or wanting
Information Gap • The OS does not know too much about what the application programs really want • Must make general “one-size-fits-all” policies • Similarly, the VMM does not know too much about what the OS is doing or wanting • This lack of knowledge, is dubbed as the information gap between the VMM and the OS
Information Gap (2) • What if the OS is in a busy loop?
Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop
Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space
Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space • In case of virtualization, this would be redundantly done twice: Once by the VMM and then again by the OS
Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space • In case of virtualization, this would be redundantly done twice: Once by the VMM and then again by the OS • Two solutions exist to this problem:
Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space • In case of virtualization, this would be redundantly done twice: Once by the VMM and then again by the OS • Two solutions exist to this problem: 1 Implicit information: The OS can implicitly try to figure out the behaviour of each OS
Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space • In case of virtualization, this would be redundantly done twice: Once by the VMM and then again by the OS • Two solutions exist to this problem: Implicit information: The OS can implicitly try to figure out the behaviour of each OS 2 Paravirtualization: The guest OSes need to be modified to be made aware of virtualization 1
Today’s task • Design paravirtualization hooks for xv6
Reading(s) • Section “Virtual Machine Monitors” from “Operating Systems: Three Easy Pieces” by Remzi H. Arpaci-Dusseau and Andrea C. Arpaci-Dusseau. Online: http://pages.cs.wisc.edu/ ~remzi/OSTEP/vmm-intro.pdf

Recommended

AOS Lab 6: Scheduling
AOS Lab 6: SchedulingAOS Lab 6: Scheduling
AOS Lab 6: Scheduling
Zubair Nabi
 
AOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on itAOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on it
Zubair Nabi
 
AOS Lab 8: Interrupts and Device Drivers
AOS Lab 8: Interrupts and Device DriversAOS Lab 8: Interrupts and Device Drivers
AOS Lab 8: Interrupts and Device Drivers
Zubair Nabi
 
AOS Lab 5: System calls
AOS Lab 5: System callsAOS Lab 5: System calls
AOS Lab 5: System calls
Zubair Nabi
 
AOS Lab 1: Hello, Linux!
AOS Lab 1: Hello, Linux!AOS Lab 1: Hello, Linux!
AOS Lab 1: Hello, Linux!
Zubair Nabi
 
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecksKernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Anne Nicolas
 
LinuxCon_2013_NA_Eckermann_Filesystems_btrfs.pdf
LinuxCon_2013_NA_Eckermann_Filesystems_btrfs.pdfLinuxCon_2013_NA_Eckermann_Filesystems_btrfs.pdf
LinuxCon_2013_NA_Eckermann_Filesystems_btrfs.pdf
degarden
 
Stateless Hypervisors at Scale
Stateless Hypervisors at ScaleStateless Hypervisors at Scale
Stateless Hypervisors at Scale
Antony Messerl
 

Recommended

AOS Lab 6: Scheduling
AOS Lab 6: SchedulingAOS Lab 6: Scheduling
AOS Lab 6: Scheduling
Zubair Nabi
 
AOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on itAOS Lab 4: If you liked it, then you should have put a “lock” on it
AOS Lab 4: If you liked it, then you should have put a “lock” on it
Zubair Nabi
 
AOS Lab 8: Interrupts and Device Drivers
AOS Lab 8: Interrupts and Device DriversAOS Lab 8: Interrupts and Device Drivers
AOS Lab 8: Interrupts and Device Drivers
Zubair Nabi
 
AOS Lab 5: System calls
AOS Lab 5: System callsAOS Lab 5: System calls
AOS Lab 5: System calls
Zubair Nabi
 
AOS Lab 1: Hello, Linux!
AOS Lab 1: Hello, Linux!AOS Lab 1: Hello, Linux!
AOS Lab 1: Hello, Linux!
Zubair Nabi
 
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecksKernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Anne Nicolas
 
LinuxCon_2013_NA_Eckermann_Filesystems_btrfs.pdf
LinuxCon_2013_NA_Eckermann_Filesystems_btrfs.pdfLinuxCon_2013_NA_Eckermann_Filesystems_btrfs.pdf
LinuxCon_2013_NA_Eckermann_Filesystems_btrfs.pdf
degarden
 
Stateless Hypervisors at Scale
Stateless Hypervisors at ScaleStateless Hypervisors at Scale
Stateless Hypervisors at Scale
Antony Messerl
 
Modern Linux Tracing Landscape
Modern Linux Tracing LandscapeModern Linux Tracing Landscape
Modern Linux Tracing Landscape
Kernel TLV
 
High Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux KernelHigh Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux Kernel
Kernel TLV
 
Kernel Recipes 2015: Kernel packet capture technologies
Kernel Recipes 2015: Kernel packet capture technologiesKernel Recipes 2015: Kernel packet capture technologies
Kernel Recipes 2015: Kernel packet capture technologies
Anne Nicolas
 
Making Linux do Hard Real-time
Making Linux do Hard Real-timeMaking Linux do Hard Real-time
Making Linux do Hard Real-time
National Cheng Kung University
 
Kernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver frameworkKernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver framework
Anne Nicolas
 
Hardware Probing in the Linux Kernel
Hardware Probing in the Linux KernelHardware Probing in the Linux Kernel
Hardware Probing in the Linux Kernel
Kernel TLV
 
Block I/O Layer Tracing: blktrace
Block I/O Layer Tracing: blktraceBlock I/O Layer Tracing: blktrace
Block I/O Layer Tracing: blktrace
Babak Farrokhi
 
Linux Interrupts
Linux InterruptsLinux Interrupts
Linux Interrupts
Kernel TLV
 
Windows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel DevelopersWindows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel Developers
Kernel TLV
 
The Linux Scheduler: a Decade of Wasted Cores
The Linux Scheduler: a Decade of Wasted CoresThe Linux Scheduler: a Decade of Wasted Cores
The Linux Scheduler: a Decade of Wasted Cores
yeokm1
 
Tuned
TunedTuned
Tuned
Reanimation Bk
 
SecureCore RTAS2013
SecureCore RTAS2013SecureCore RTAS2013
SecureCore RTAS2013
mkyoon83
 
Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016
Brendan Gregg
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast Storage
Kernel TLV
 
What Linux can learn from Solaris performance and vice-versa
What Linux can learn from Solaris performance and vice-versaWhat Linux can learn from Solaris performance and vice-versa
What Linux can learn from Solaris performance and vice-versa
Brendan Gregg
 
Preempt_rt realtime patch
Preempt_rt realtime patchPreempt_rt realtime patch
Preempt_rt realtime patch
Emre Can Kucukoglu
 
Linux Kernel I/O Schedulers
Linux Kernel I/O SchedulersLinux Kernel I/O Schedulers
Linux Kernel I/O Schedulers
RajKumar Rampelli
 
DTrace Topics: Introduction
DTrace Topics: IntroductionDTrace Topics: Introduction
DTrace Topics: Introduction
Brendan Gregg
 
Os lectures
Os lecturesOs lectures
Os lectures
Adnan Ghafoor
 
Understand and optimize Linux I/O
Understand and optimize Linux I/OUnderstand and optimize Linux I/O
Understand and optimize Linux I/O
Andrea Righi
 
Server virtualization
Server virtualizationServer virtualization
Server virtualization
Kingston Smiler
 
virtual machine.ppt
virtual machine.pptvirtual machine.ppt
virtual machine.ppt
SushantShinde74
 

More Related Content

What's hot

Modern Linux Tracing Landscape
Modern Linux Tracing LandscapeModern Linux Tracing Landscape
Modern Linux Tracing Landscape
Kernel TLV
 
Kernel Recipes 2015: Kernel packet capture technologies
Kernel Recipes 2015: Kernel packet capture technologiesKernel Recipes 2015: Kernel packet capture technologies
Kernel Recipes 2015: Kernel packet capture technologies
Anne Nicolas
 
Kernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver frameworkKernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver framework
Anne Nicolas
 
Windows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel DevelopersWindows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel Developers
Kernel TLV
 
SecureCore RTAS2013
SecureCore RTAS2013SecureCore RTAS2013
SecureCore RTAS2013
mkyoon83
 
Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016
Brendan Gregg
 

What's hot (20)

Modern Linux Tracing Landscape
Modern Linux Tracing LandscapeModern Linux Tracing Landscape
Modern Linux Tracing Landscape
 
High Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux KernelHigh Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux Kernel
 
Kernel Recipes 2015: Kernel packet capture technologies
Kernel Recipes 2015: Kernel packet capture technologiesKernel Recipes 2015: Kernel packet capture technologies
Kernel Recipes 2015: Kernel packet capture technologies
 
Making Linux do Hard Real-time
Making Linux do Hard Real-timeMaking Linux do Hard Real-time
Making Linux do Hard Real-time
 
Kernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver frameworkKernel Recipes 2015 - So you want to write a Linux driver framework
Kernel Recipes 2015 - So you want to write a Linux driver framework
 
Hardware Probing in the Linux Kernel
Hardware Probing in the Linux KernelHardware Probing in the Linux Kernel
Hardware Probing in the Linux Kernel
 
Block I/O Layer Tracing: blktrace
Block I/O Layer Tracing: blktraceBlock I/O Layer Tracing: blktrace
Block I/O Layer Tracing: blktrace
 
Linux Interrupts
Linux InterruptsLinux Interrupts
Linux Interrupts
 
Windows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel DevelopersWindows Internals for Linux Kernel Developers
Windows Internals for Linux Kernel Developers
 
The Linux Scheduler: a Decade of Wasted Cores
The Linux Scheduler: a Decade of Wasted CoresThe Linux Scheduler: a Decade of Wasted Cores
The Linux Scheduler: a Decade of Wasted Cores
 
Tuned
TunedTuned
Tuned
 
SecureCore RTAS2013
SecureCore RTAS2013SecureCore RTAS2013
SecureCore RTAS2013
 
Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016
 
The Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast StorageThe Linux Block Layer - Built for Fast Storage
The Linux Block Layer - Built for Fast Storage
 
What Linux can learn from Solaris performance and vice-versa
What Linux can learn from Solaris performance and vice-versaWhat Linux can learn from Solaris performance and vice-versa
What Linux can learn from Solaris performance and vice-versa
 
Preempt_rt realtime patch
Preempt_rt realtime patchPreempt_rt realtime patch
Preempt_rt realtime patch
 
Linux Kernel I/O Schedulers
Linux Kernel I/O SchedulersLinux Kernel I/O Schedulers
Linux Kernel I/O Schedulers
 
DTrace Topics: Introduction
DTrace Topics: IntroductionDTrace Topics: Introduction
DTrace Topics: Introduction
 
Os lectures
Os lecturesOs lectures
Os lectures
 
Understand and optimize Linux I/O
Understand and optimize Linux I/OUnderstand and optimize Linux I/O
Understand and optimize Linux I/O
 

Similar to AOS Lab 11: Virtualization

Similar to AOS Lab 11: Virtualization (20)

Server virtualization
Server virtualizationServer virtualization
Server virtualization
 
virtual machine.ppt
virtual machine.pptvirtual machine.ppt
virtual machine.ppt
 
Hypervisors
HypervisorsHypervisors
Hypervisors
 
Hypervisors
HypervisorsHypervisors
Hypervisors
 
003-vmm.pptx
003-vmm.pptx003-vmm.pptx
003-vmm.pptx
 
17-virtualization.pptx
17-virtualization.pptx17-virtualization.pptx
17-virtualization.pptx
 
Virtual Machine
Virtual MachineVirtual Machine
Virtual Machine
 
Deployment of WebObjects applications on CentOS Linux
Deployment of WebObjects applications on CentOS LinuxDeployment of WebObjects applications on CentOS Linux
Deployment of WebObjects applications on CentOS Linux
 
Virtual machines and their architecture
Virtual machines and their architectureVirtual machines and their architecture
Virtual machines and their architecture
 
Overview.ppt
Overview.pptOverview.ppt
Overview.ppt
 
Virtual machine
Virtual machineVirtual machine
Virtual machine
 
Cloud
CloudCloud
Cloud
 
Operating system 16 virtual machines
Operating system 16 virtual machinesOperating system 16 virtual machines
Operating system 16 virtual machines
 
Simplifying Hyper-V Management for VMware Administrators
Simplifying Hyper-V Management for VMware AdministratorsSimplifying Hyper-V Management for VMware Administrators
Simplifying Hyper-V Management for VMware Administrators
 
Virtual machine
Virtual machineVirtual machine
Virtual machine
 
IBM informix: compared performance efficiency between physical server and Vir...
IBM informix: compared performance efficiency between physical server and Vir...IBM informix: compared performance efficiency between physical server and Vir...
IBM informix: compared performance efficiency between physical server and Vir...
 
IaaS - Virtualization_Cambridge.pdf
IaaS - Virtualization_Cambridge.pdfIaaS - Virtualization_Cambridge.pdf
IaaS - Virtualization_Cambridge.pdf
 
What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...What is Virtualization and its types & Techniques.What is hypervisor and its ...
What is Virtualization and its types & Techniques.What is hypervisor and its ...
 
Virtualization Basics
Virtualization BasicsVirtualization Basics
Virtualization Basics
 
11. operating-systems-part-2
11. operating-systems-part-211. operating-systems-part-2
11. operating-systems-part-2
 

More from Zubair Nabi

AOS Lab 12: Network Communication
AOS Lab 12: Network CommunicationAOS Lab 12: Network Communication
AOS Lab 12: Network Communication
Zubair Nabi
 
AOS Lab 10: File system -- Inodes and beyond
AOS Lab 10: File system -- Inodes and beyondAOS Lab 10: File system -- Inodes and beyond
AOS Lab 10: File system -- Inodes and beyond
Zubair Nabi
 
AOS Lab 9: File system -- Of buffers, logs, and blocks
AOS Lab 9: File system -- Of buffers, logs, and blocksAOS Lab 9: File system -- Of buffers, logs, and blocks
AOS Lab 9: File system -- Of buffers, logs, and blocks
Zubair Nabi
 
AOS Lab 7: Page tables
AOS Lab 7: Page tablesAOS Lab 7: Page tables
AOS Lab 7: Page tables
Zubair Nabi
 
AOS Lab 2: Hello, xv6!
AOS Lab 2: Hello, xv6!AOS Lab 2: Hello, xv6!
AOS Lab 2: Hello, xv6!
Zubair Nabi
 
AOS Lab 1: Hello, Linux!
AOS Lab 1: Hello, Linux!AOS Lab 1: Hello, Linux!
AOS Lab 1: Hello, Linux!
Zubair Nabi
 
The Big Data Stack
The Big Data StackThe Big Data Stack
The Big Data Stack
Zubair Nabi
 
Raabta: Low-cost Video Conferencing for the Developing World
Raabta: Low-cost Video Conferencing for the Developing WorldRaabta: Low-cost Video Conferencing for the Developing World
Raabta: Low-cost Video Conferencing for the Developing World
Zubair Nabi
 
The Anatomy of Web Censorship in Pakistan
The Anatomy of Web Censorship in PakistanThe Anatomy of Web Censorship in Pakistan
The Anatomy of Web Censorship in Pakistan
Zubair Nabi
 

More from Zubair Nabi (20)

AOS Lab 12: Network Communication
AOS Lab 12: Network CommunicationAOS Lab 12: Network Communication
AOS Lab 12: Network Communication
 
AOS Lab 10: File system -- Inodes and beyond
AOS Lab 10: File system -- Inodes and beyondAOS Lab 10: File system -- Inodes and beyond
AOS Lab 10: File system -- Inodes and beyond
 
AOS Lab 9: File system -- Of buffers, logs, and blocks
AOS Lab 9: File system -- Of buffers, logs, and blocksAOS Lab 9: File system -- Of buffers, logs, and blocks
AOS Lab 9: File system -- Of buffers, logs, and blocks
 
AOS Lab 7: Page tables
AOS Lab 7: Page tablesAOS Lab 7: Page tables
AOS Lab 7: Page tables
 
AOS Lab 2: Hello, xv6!
AOS Lab 2: Hello, xv6!AOS Lab 2: Hello, xv6!
AOS Lab 2: Hello, xv6!
 
AOS Lab 1: Hello, Linux!
AOS Lab 1: Hello, Linux!AOS Lab 1: Hello, Linux!
AOS Lab 1: Hello, Linux!
 
The Big Data Stack
The Big Data StackThe Big Data Stack
The Big Data Stack
 
Raabta: Low-cost Video Conferencing for the Developing World
Raabta: Low-cost Video Conferencing for the Developing WorldRaabta: Low-cost Video Conferencing for the Developing World
Raabta: Low-cost Video Conferencing for the Developing World
 
The Anatomy of Web Censorship in Pakistan
The Anatomy of Web Censorship in PakistanThe Anatomy of Web Censorship in Pakistan
The Anatomy of Web Censorship in Pakistan
 
MapReduce and DBMS Hybrids
MapReduce and DBMS HybridsMapReduce and DBMS Hybrids
MapReduce and DBMS Hybrids
 
MapReduce Application Scripting
MapReduce Application ScriptingMapReduce Application Scripting
MapReduce Application Scripting
 
Topic 15: Datacenter Design and Networking
Topic 15: Datacenter Design and NetworkingTopic 15: Datacenter Design and Networking
Topic 15: Datacenter Design and Networking
 
Topic 14: Operating Systems and Virtualization
Topic 14: Operating Systems and VirtualizationTopic 14: Operating Systems and Virtualization
Topic 14: Operating Systems and Virtualization
 
Topic 13: Cloud Stacks
Topic 13: Cloud StacksTopic 13: Cloud Stacks
Topic 13: Cloud Stacks
 
Lab 5: Interconnecting a Datacenter using Mininet
Lab 5: Interconnecting a Datacenter using MininetLab 5: Interconnecting a Datacenter using Mininet
Lab 5: Interconnecting a Datacenter using Mininet
 
Topic 12: NoSQL in Action
Topic 12: NoSQL in ActionTopic 12: NoSQL in Action
Topic 12: NoSQL in Action
 
Lab 4: Interfacing with Cassandra
Lab 4: Interfacing with CassandraLab 4: Interfacing with Cassandra
Lab 4: Interfacing with Cassandra
 
Topic 10: Taxonomy of Data and Storage
Topic 10: Taxonomy of Data and StorageTopic 10: Taxonomy of Data and Storage
Topic 10: Taxonomy of Data and Storage
 
Topic 11: Google Filesystem
Topic 11: Google FilesystemTopic 11: Google Filesystem
Topic 11: Google Filesystem
 
Lab 3: Writing a Naiad Application
Lab 3: Writing a Naiad ApplicationLab 3: Writing a Naiad Application
Lab 3: Writing a Naiad Application
 

Recently uploaded

Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Victor Rentea
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
Overkill Security
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Angeliki Cooney
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Orbitshub
 

Recently uploaded (20)

Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
CNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In PakistanCNIC Information System with Pakdata Cf In Pakistan
CNIC Information System with Pakdata Cf In Pakistan
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Cyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdfCyberprint. Dark Pink Apt Group [EN].pdf
Cyberprint. Dark Pink Apt Group [EN].pdf
 
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024AXA XL - Insurer Innovation Award Americas 2024
AXA XL - Insurer Innovation Award Americas 2024
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024FWD Group - Insurer Innovation Award 2024
FWD Group - Insurer Innovation Award 2024
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
MS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectorsMS Copilot expands with MS Graph connectors
MS Copilot expands with MS Graph connectors
 
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...
 

AOS Lab 11: Virtualization

  • 1. Lab 11: Virtualization Advanced Operating Systems Zubair Nabi zubair.nabi@itu.edu.pk April 17, 2013
  • 2. Background • Years ago, IBM used to sell expensive and bulky mainframes
  • 3. Background • Years ago, IBM used to sell expensive and bulky mainframes • They ran into a problem: what if organizations wanted to run different operating systems on the same machine at the same time?
  • 4. Background • Years ago, IBM used to sell expensive and bulky mainframes • They ran into a problem: what if organizations wanted to run different operating systems on the same machine at the same time? • For instance, some applications have been developed on one OS and others on different ones
  • 5. Background • Years ago, IBM used to sell expensive and bulky mainframes • They ran into a problem: what if organizations wanted to run different operating systems on the same machine at the same time? • For instance, some applications have been developed on one OS and others on different ones • IBM solved this by adding another level of indirection, called a virtual memory monitor or hypervisor
  • 6. Virtual Memory Monitor • Sits between one or more operating systems and the hardware
  • 7. Virtual Memory Monitor • Sits between one or more operating systems and the hardware • Gives the illusion to each running OS that it has full control over the hardware (A taste of its own medicine?)
  • 8. Virtual Memory Monitor • Sits between one or more operating systems and the hardware • Gives the illusion to each running OS that it has full control over the hardware (A taste of its own medicine?) • Multiplexes the hardware across OSes
  • 9. Virtual Memory Monitor • Sits between one or more operating systems and the hardware • Gives the illusion to each running OS that it has full control over the hardware (A taste of its own medicine?) • Multiplexes the hardware across OSes • In essence, a VMM is an OS for OSes
  • 10. Advantages • Server Consolidation • In many settings, services are run on different machines
  • 11. Advantages • Server Consolidation • In many settings, services are run on different machines • In some cases, these machines also run different OSes
  • 12. Advantages • Server Consolidation • In many settings, services are run on different machines • In some cases, these machines also run different OSes • At the same time, the machines are underutilized
  • 13. Advantages • Server Consolidation • • • • In many settings, services are run on different machines In some cases, these machines also run different OSes At the same time, the machines are underutilized Virtualization leads to consolidation by multiplexing multiple OSes over fewer physical servers
  • 14. Advantages • Server Consolidation • • • • In many settings, services are run on different machines In some cases, these machines also run different OSes At the same time, the machines are underutilized Virtualization leads to consolidation by multiplexing multiple OSes over fewer physical servers • Increased Desktop Functionality • Many users wish to run one operating system
  • 15. Advantages • Server Consolidation • • • • In many settings, services are run on different machines In some cases, these machines also run different OSes At the same time, the machines are underutilized Virtualization leads to consolidation by multiplexing multiple OSes over fewer physical servers • Increased Desktop Functionality • Many users wish to run one operating system • But want to have access to native applications on a different OS platform
  • 16. Advantages (2) • Testing and Debugging • Code is mostly written on one main platform
  • 17. Advantages (2) • Testing and Debugging • Code is mostly written on one main platform • But developers want to debug and test it on many diverse platforms
  • 18. Advantages (2) • Testing and Debugging • Code is mostly written on one main platform • But developers want to debug and test it on many diverse platforms • Virtualization enables this by running mutiple OSes over a single machine
  • 19. Resurgence • Resurgence took place in the 90s
  • 20. Resurgence • Resurgence took place in the 90s • Primarily led by Mendel Rosenblum at Stanford
  • 21. Resurgence • Resurgence took place in the 90s • Primarily led by Mendel Rosenblum at Stanford • Engineered Disco, a VMM for the MIPS processor
  • 22. Resurgence • Resurgence took place in the 90s • Primarily led by Mendel Rosenblum at Stanford • Engineered Disco, a VMM for the MIPS processor • Led to VMWare (Total assets of over $8 billion)
  • 23. Running a VM • Similar to running an application on top of an OS
  • 24. Running a VM • Similar to running an application on top of an OS • Through limited direct execution
  • 25. Running a VM • Similar to running an application on top of an OS • Through limited direct execution • Each time a new OS boots atop the VMM, jump to the address of the first instruction
  • 26. Running a VM • Similar to running an application on top of an OS • Through limited direct execution • Each time a new OS boots atop the VMM, jump to the address of the first instruction • The OS starts executing
  • 27. Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs
  • 28. Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS
  • 29. Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS • This state includes registers, PC, and any privileged hardware state (not applicable to a context switch)
  • 30. Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS • This state includes registers, PC, and any privileged hardware state 2 Restore the state of the to-be-run VM (not applicable to a context switch)
  • 31. Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS • This state includes registers, PC, and any privileged hardware state (not applicable to a context switch) Restore the state of the to-be-run VM 3 Jump to the PC of the to-be-run VM 2
  • 32. Multiplexing the CPU • Similar to a process context switch but now a VMM performs a machine switch between different VMs 1 The VMM must save the entire state of one OS • This state includes registers, PC, and any privileged hardware state (not applicable to a context switch) Restore the state of the to-be-run VM 3 Jump to the PC of the to-be-run VM • The PC may be within the OS kernel or within a process 2
  • 33. Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation
  • 34. Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation • For instance, on a system with a software-managed TLB, the OS uses privileged instructions to update the TLB
  • 35. Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation • For instance, on a system with a software-managed TLB, the OS uses privileged instructions to update the TLB • In a virtualized environment, the OS cannot be allowed to do this
  • 36. Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation • For instance, on a system with a software-managed TLB, the OS uses privileged instructions to update the TLB • In a virtualized environment, the OS cannot be allowed to do this • If it is allowed to do so, the OS will control the underlying machine rather than the VMM
  • 37. Privileged Operations • Things get more interesting when the running OS tries to perform some privileged operation • For instance, on a system with a software-managed TLB, the OS uses privileged instructions to update the TLB • In a virtualized environment, the OS cannot be allowed to do this • If it is allowed to do so, the OS will control the underlying machine rather than the VMM • The VMM must intercept privileged operations from OSes and retain control of the machine
  • 38. System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork()
  • 39. System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork() • On physical hardware a system call is achieved through a special instruction
  • 40. System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork() • On physical hardware a system call is achieved through a special instruction • trap in case of MIPS and int 0x80 in case of x86
  • 41. System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork() • On physical hardware a system call is achieved through a special instruction • trap in case of MIPS and int 0x80 in case of x86 • For instance, the open() system call takes three arguments: int open(char *path, int flags, mode_t mode)
  • 42. System Calls • The VMM needs to intercept all system calls, such as open(), read(), and fork() • On physical hardware a system call is achieved through a special instruction • trap in case of MIPS and int 0x80 in case of x86 • For instance, the open() system call takes three arguments: int open(char *path, int flags, mode_t mode) • The system call number for open() is 5
  • 43. Code: open open: push dword mode push dword flags push dword path mov eax, 5 push eax int 80h
  • 44. Normal System Call Flow Process 1. System call: Trap to OS Operating System 2. OS trap handler: Decode trap and execute appropriate syscall route When done: Return from trap 3. Resume execution (@PC after trap)
  • 45. System Call Flow with Virtualization Process 1. System call: Trap to OS Operating System VMM 2. Process trapped: Call OS trap handler (at reduced privilege) 3. OS trap handler: Decode trap and execute syscall When done: issue return-from-trap
  • 46. System Call Flow with Virtualization (2) Process 5. Resume execution (@PC after trap) Operating System VMM 4. OS tried return from trap: Do real return from trap
  • 47. System Call Implications • Increase in number of instructions so slower system calls
  • 48. System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in?
  • 49. System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware!
  • 50. System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode
  • 51. System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode • No access to privileged instructions but more memory
  • 52. System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode • No access to privileged instructions but more memory • In case of x86, the guest OS runs in ring 1 while the VMM runs in ring 0
  • 53. System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode • No access to privileged instructions but more memory • In case of x86, the guest OS runs in ring 1 while the VMM runs in ring 0 • What if the hardware has no extra modes?
  • 54. System Call Implications • Increase in number of instructions so slower system calls • Which mode should the OS run in? • Cannot run in a privileged mode any longer, because it would have unrestricted access to the hardware! • In case of MIPS, it would run in the supervisor mode • No access to privileged instructions but more memory • In case of x86, the guest OS runs in ring 1 while the VMM runs in ring 0 • What if the hardware has no extra modes? • The OS runs in user mode and the VMM uses memory protection (page tables and TLBs) to protect OS data structures
  • 55. Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space
  • 56. Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space • In case of virtualization, need to add another layer of virtual memory
  • 57. Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space • In case of virtualization, need to add another layer of virtual memory • The three-tier hierarchy: virtual memory, physical memory, and machine memory
  • 58. Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space • In case of virtualization, need to add another layer of virtual memory • The three-tier hierarchy: virtual memory, physical memory, and machine memory • The OS maps virtual-to-physical addresses via its per-process page tables
  • 59. Virtual Memory • OSes virtualize physical memory to give each process the illusion of a private address space • In case of virtualization, need to add another layer of virtual memory • The three-tier hierarchy: virtual memory, physical memory, and machine memory • The OS maps virtual-to-physical addresses via its per-process page tables • The VMM maps the resulting physical mappings to underlying machine addresses via its per-OS page tables
  • 61. Normal TLB Miss Flow Process 1. Load from memory: TLB miss: Trap Operating System 2. OS TLB miss handler: Extract VPN from VA; Do page table lookup; If present and valid: get PFN, update TLB; Return from trap 3. Resume execution (@PC of trapping instruction); Instruction is retried; Results in TLB hit
  • 62. TLB Miss Flow with Virtualization Process 1. Load from memory TLB miss: Trap Operating System VMM 2. VMM TLB miss handler: Call into OS TLB handler (reduced privilege) 3. OS TLB miss handler: Extract VPN from VA; Do page table lookup; If present and valid: get PFN, update TLB
  • 63. TLB Miss Flow with Virtualization (2) Process Operating System 5. Return from trap VMM 4. Trap handler: Unprivileged code trying to update the TLB; OS is trying to install VPN-to-PFN mapping; Update TLB instead with VPN-to-MFN (privileged); Jump back to OS (reducing privilege)
  • 64. TLB Miss Flow with Virtualization (3) Process 7. Resume execution (@PC of instruction); Instruction is retried; Results in TLB hit Operating System VMM 6. Trap handler: Unprivileged code trying to return from a trap; Return from trap
  • 65. Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower
  • 66. Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower • To deal with this overhead, VMMs implement “software TLB”
  • 67. Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower • To deal with this overhead, VMMs implement “software TLB” • Every virtual-to-physical mapping is recorded by the VMM within this data structure
  • 68. Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower • To deal with this overhead, VMMs implement “software TLB” • Every virtual-to-physical mapping is recorded by the VMM within this data structure • In case of a TLB miss, the VMM first consults this software TLB
  • 69. Virtual Memory Implications • Similar to system calls, virtualized virtual memory consists of more instructions and is hence slower • To deal with this overhead, VMMs implement “software TLB” • Every virtual-to-physical mapping is recorded by the VMM within this data structure • In case of a TLB miss, the VMM first consults this software TLB • If the translation is found, the VMM simply installs the virtual-to-machine mapping directly into the hardware TLB
  • 70. Information Gap • The OS does not know too much about what the application programs really want
  • 71. Information Gap • The OS does not know too much about what the application programs really want • Must make general “one-size-fits-all” policies
  • 72. Information Gap • The OS does not know too much about what the application programs really want • Must make general “one-size-fits-all” policies • Similarly, the VMM does not know too much about what the OS is doing or wanting
  • 73. Information Gap • The OS does not know too much about what the application programs really want • Must make general “one-size-fits-all” policies • Similarly, the VMM does not know too much about what the OS is doing or wanting • This lack of knowledge, is dubbed as the information gap between the VMM and the OS
  • 74. Information Gap (2) • What if the OS is in a busy loop?
  • 75. Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop
  • 76. Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space
  • 77. Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space • In case of virtualization, this would be redundantly done twice: Once by the VMM and then again by the OS
  • 78. Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space • In case of virtualization, this would be redundantly done twice: Once by the VMM and then again by the OS • Two solutions exist to this problem:
  • 79. Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space • In case of virtualization, this would be redundantly done twice: Once by the VMM and then again by the OS • Two solutions exist to this problem: 1 Implicit information: The OS can implicitly try to figure out the behaviour of each OS
  • 80. Information Gap (2) • What if the OS is in a busy loop? • In case of virtualization, if there is another OS which is doing something useful then the VMM should give it more resources as opposed to the one which is in a busy loop • Similarly, pages need to be zeroed before being mapped into a process’s address space • In case of virtualization, this would be redundantly done twice: Once by the VMM and then again by the OS • Two solutions exist to this problem: Implicit information: The OS can implicitly try to figure out the behaviour of each OS 2 Paravirtualization: The guest OSes need to be modified to be made aware of virtualization 1
  • 81. Today’s task • Design paravirtualization hooks for xv6
  • 82. Reading(s) • Section “Virtual Machine Monitors” from “Operating Systems: Three Easy Pieces” by Remzi H. Arpaci-Dusseau and Andrea C. Arpaci-Dusseau. Online: http://pages.cs.wisc.edu/ ~remzi/OSTEP/vmm-intro.pdf