aos lab 11: virtualization
DESCRIPTION
TRANSCRIPT
![Page 2: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/2.jpg)
Background
• Years ago, IBM used to sell expensive and bulky mainframes
• They ran into a problem: what if organizations wanted to rundifferent operating systems on the same machine at the sametime?
• For instance, some applications have been developed on one OSand others on different ones
• IBM solved this by adding another level of indirection, called avirtual memory monitor or hypervisor
![Page 3: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/3.jpg)
Background
• Years ago, IBM used to sell expensive and bulky mainframes• They ran into a problem: what if organizations wanted to run
different operating systems on the same machine at the sametime?
• For instance, some applications have been developed on one OSand others on different ones
• IBM solved this by adding another level of indirection, called avirtual memory monitor or hypervisor
![Page 4: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/4.jpg)
Background
• Years ago, IBM used to sell expensive and bulky mainframes• They ran into a problem: what if organizations wanted to run
different operating systems on the same machine at the sametime?
• For instance, some applications have been developed on one OSand others on different ones
• IBM solved this by adding another level of indirection, called avirtual memory monitor or hypervisor
![Page 5: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/5.jpg)
Background
• Years ago, IBM used to sell expensive and bulky mainframes• They ran into a problem: what if organizations wanted to run
different operating systems on the same machine at the sametime?
• For instance, some applications have been developed on one OSand others on different ones
• IBM solved this by adding another level of indirection, called avirtual memory monitor or hypervisor
![Page 6: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/6.jpg)
Virtual Memory Monitor
• Sits between one or more operating systems and the hardware
• Gives the illusion to each running OS that it has full control overthe hardware (A taste of its own medicine?)
• Multiplexes the hardware across OSes
• In essence, a VMM is an OS for OSes
![Page 7: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/7.jpg)
Virtual Memory Monitor
• Sits between one or more operating systems and the hardware
• Gives the illusion to each running OS that it has full control overthe hardware (A taste of its own medicine?)
• Multiplexes the hardware across OSes
• In essence, a VMM is an OS for OSes
![Page 8: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/8.jpg)
Virtual Memory Monitor
• Sits between one or more operating systems and the hardware
• Gives the illusion to each running OS that it has full control overthe hardware (A taste of its own medicine?)
• Multiplexes the hardware across OSes
• In essence, a VMM is an OS for OSes
![Page 9: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/9.jpg)
Virtual Memory Monitor
• Sits between one or more operating systems and the hardware
• Gives the illusion to each running OS that it has full control overthe hardware (A taste of its own medicine?)
• Multiplexes the hardware across OSes
• In essence, a VMM is an OS for OSes
![Page 10: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/10.jpg)
Advantages
• Server Consolidation• In many settings, services are run on different machines
• In some cases, these machines also run different OSes• At the same time, the machines are underutilized• Virtualization leads to consolidation by multiplexing multiple OSes
over fewer physical servers
• Increased Desktop Functionality• Many users wish to run one operating system• But want to have access to native applications on a different OS
platform
![Page 11: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/11.jpg)
Advantages
• Server Consolidation• In many settings, services are run on different machines• In some cases, these machines also run different OSes
• At the same time, the machines are underutilized• Virtualization leads to consolidation by multiplexing multiple OSes
over fewer physical servers
• Increased Desktop Functionality• Many users wish to run one operating system• But want to have access to native applications on a different OS
platform
![Page 12: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/12.jpg)
Advantages
• Server Consolidation• In many settings, services are run on different machines• In some cases, these machines also run different OSes• At the same time, the machines are underutilized
• Virtualization leads to consolidation by multiplexing multiple OSesover fewer physical servers
• Increased Desktop Functionality• Many users wish to run one operating system• But want to have access to native applications on a different OS
platform
![Page 13: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/13.jpg)
Advantages
• Server Consolidation• In many settings, services are run on different machines• In some cases, these machines also run different OSes• At the same time, the machines are underutilized• Virtualization leads to consolidation by multiplexing multiple OSes
over fewer physical servers
• Increased Desktop Functionality• Many users wish to run one operating system• But want to have access to native applications on a different OS
platform
![Page 14: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/14.jpg)
Advantages
• Server Consolidation• In many settings, services are run on different machines• In some cases, these machines also run different OSes• At the same time, the machines are underutilized• Virtualization leads to consolidation by multiplexing multiple OSes
over fewer physical servers
• Increased Desktop Functionality• Many users wish to run one operating system
• But want to have access to native applications on a different OSplatform
![Page 15: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/15.jpg)
Advantages
• Server Consolidation• In many settings, services are run on different machines• In some cases, these machines also run different OSes• At the same time, the machines are underutilized• Virtualization leads to consolidation by multiplexing multiple OSes
over fewer physical servers
• Increased Desktop Functionality• Many users wish to run one operating system• But want to have access to native applications on a different OS
platform
![Page 16: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/16.jpg)
Advantages (2)
• Testing and Debugging• Code is mostly written on one main platform
• But developers want to debug and test it on many diverseplatforms
• Virtualization enables this by running mutiple OSes over a singlemachine
![Page 17: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/17.jpg)
Advantages (2)
• Testing and Debugging• Code is mostly written on one main platform• But developers want to debug and test it on many diverse
platforms
• Virtualization enables this by running mutiple OSes over a singlemachine
![Page 18: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/18.jpg)
Advantages (2)
• Testing and Debugging• Code is mostly written on one main platform• But developers want to debug and test it on many diverse
platforms• Virtualization enables this by running mutiple OSes over a single
machine
![Page 19: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/19.jpg)
Resurgence
• Resurgence took place in the 90s
• Primarily led by Mendel Rosenblum at Stanford
• Engineered Disco, a VMM for the MIPS processor
• Led to VMWare (Total assets of over $8 billion)
![Page 20: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/20.jpg)
Resurgence
• Resurgence took place in the 90s
• Primarily led by Mendel Rosenblum at Stanford
• Engineered Disco, a VMM for the MIPS processor
• Led to VMWare (Total assets of over $8 billion)
![Page 21: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/21.jpg)
Resurgence
• Resurgence took place in the 90s
• Primarily led by Mendel Rosenblum at Stanford
• Engineered Disco, a VMM for the MIPS processor
• Led to VMWare (Total assets of over $8 billion)
![Page 22: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/22.jpg)
Resurgence
• Resurgence took place in the 90s
• Primarily led by Mendel Rosenblum at Stanford
• Engineered Disco, a VMM for the MIPS processor
• Led to VMWare (Total assets of over $8 billion)
![Page 23: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/23.jpg)
Running a VM
• Similar to running an application on top of an OS
• Through limited direct execution
• Each time a new OS boots atop the VMM, jump to the address ofthe first instruction
• The OS starts executing
![Page 24: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/24.jpg)
Running a VM
• Similar to running an application on top of an OS• Through limited direct execution
• Each time a new OS boots atop the VMM, jump to the address ofthe first instruction
• The OS starts executing
![Page 25: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/25.jpg)
Running a VM
• Similar to running an application on top of an OS• Through limited direct execution
• Each time a new OS boots atop the VMM, jump to the address ofthe first instruction
• The OS starts executing
![Page 26: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/26.jpg)
Running a VM
• Similar to running an application on top of an OS• Through limited direct execution
• Each time a new OS boots atop the VMM, jump to the address ofthe first instruction
• The OS starts executing
![Page 27: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/27.jpg)
Multiplexing the CPU
• Similar to a process context switch but now a VMM performs amachine switch between different VMs
1 The VMM must save the entire state of one OS• This state includes registers, PC, and any privileged hardware state
(not applicable to a context switch)
2 Restore the state of the to-be-run VM3 Jump to the PC of the to-be-run VM
• The PC may be within the OS kernel or within a process
![Page 28: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/28.jpg)
Multiplexing the CPU
• Similar to a process context switch but now a VMM performs amachine switch between different VMs
1 The VMM must save the entire state of one OS
• This state includes registers, PC, and any privileged hardware state(not applicable to a context switch)
2 Restore the state of the to-be-run VM3 Jump to the PC of the to-be-run VM
• The PC may be within the OS kernel or within a process
![Page 29: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/29.jpg)
Multiplexing the CPU
• Similar to a process context switch but now a VMM performs amachine switch between different VMs
1 The VMM must save the entire state of one OS• This state includes registers, PC, and any privileged hardware state
(not applicable to a context switch)
2 Restore the state of the to-be-run VM3 Jump to the PC of the to-be-run VM
• The PC may be within the OS kernel or within a process
![Page 30: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/30.jpg)
Multiplexing the CPU
• Similar to a process context switch but now a VMM performs amachine switch between different VMs
1 The VMM must save the entire state of one OS• This state includes registers, PC, and any privileged hardware state
(not applicable to a context switch)
2 Restore the state of the to-be-run VM
3 Jump to the PC of the to-be-run VM• The PC may be within the OS kernel or within a process
![Page 31: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/31.jpg)
Multiplexing the CPU
• Similar to a process context switch but now a VMM performs amachine switch between different VMs
1 The VMM must save the entire state of one OS• This state includes registers, PC, and any privileged hardware state
(not applicable to a context switch)
2 Restore the state of the to-be-run VM3 Jump to the PC of the to-be-run VM
• The PC may be within the OS kernel or within a process
![Page 32: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/32.jpg)
Multiplexing the CPU
• Similar to a process context switch but now a VMM performs amachine switch between different VMs
1 The VMM must save the entire state of one OS• This state includes registers, PC, and any privileged hardware state
(not applicable to a context switch)
2 Restore the state of the to-be-run VM3 Jump to the PC of the to-be-run VM
• The PC may be within the OS kernel or within a process
![Page 33: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/33.jpg)
Privileged Operations
• Things get more interesting when the running OS tries to performsome privileged operation
• For instance, on a system with a software-managed TLB, the OSuses privileged instructions to update the TLB
• In a virtualized environment, the OS cannot be allowed to do this• If it is allowed to do so, the OS will control the underlying machine
rather than the VMM
• The VMM must intercept privileged operations from OSes andretain control of the machine
![Page 34: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/34.jpg)
Privileged Operations
• Things get more interesting when the running OS tries to performsome privileged operation
• For instance, on a system with a software-managed TLB, the OSuses privileged instructions to update the TLB
• In a virtualized environment, the OS cannot be allowed to do this• If it is allowed to do so, the OS will control the underlying machine
rather than the VMM
• The VMM must intercept privileged operations from OSes andretain control of the machine
![Page 35: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/35.jpg)
Privileged Operations
• Things get more interesting when the running OS tries to performsome privileged operation
• For instance, on a system with a software-managed TLB, the OSuses privileged instructions to update the TLB
• In a virtualized environment, the OS cannot be allowed to do this
• If it is allowed to do so, the OS will control the underlying machinerather than the VMM
• The VMM must intercept privileged operations from OSes andretain control of the machine
![Page 36: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/36.jpg)
Privileged Operations
• Things get more interesting when the running OS tries to performsome privileged operation
• For instance, on a system with a software-managed TLB, the OSuses privileged instructions to update the TLB
• In a virtualized environment, the OS cannot be allowed to do this• If it is allowed to do so, the OS will control the underlying machine
rather than the VMM
• The VMM must intercept privileged operations from OSes andretain control of the machine
![Page 37: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/37.jpg)
Privileged Operations
• Things get more interesting when the running OS tries to performsome privileged operation
• For instance, on a system with a software-managed TLB, the OSuses privileged instructions to update the TLB
• In a virtualized environment, the OS cannot be allowed to do this• If it is allowed to do so, the OS will control the underlying machine
rather than the VMM
• The VMM must intercept privileged operations from OSes andretain control of the machine
![Page 38: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/38.jpg)
System Calls
• The VMM needs to intercept all system calls, such as open(),read(), and fork()
• On physical hardware a system call is achieved through a specialinstruction
• trap in case of MIPS and int 0x80 in case of x86
• For instance, the open() system call takes three arguments:int open(char *path, int flags, mode_tmode)
• The system call number for open() is 5
![Page 39: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/39.jpg)
System Calls
• The VMM needs to intercept all system calls, such as open(),read(), and fork()
• On physical hardware a system call is achieved through a specialinstruction
• trap in case of MIPS and int 0x80 in case of x86
• For instance, the open() system call takes three arguments:int open(char *path, int flags, mode_tmode)
• The system call number for open() is 5
![Page 40: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/40.jpg)
System Calls
• The VMM needs to intercept all system calls, such as open(),read(), and fork()
• On physical hardware a system call is achieved through a specialinstruction
• trap in case of MIPS and int 0x80 in case of x86
• For instance, the open() system call takes three arguments:int open(char *path, int flags, mode_tmode)
• The system call number for open() is 5
![Page 41: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/41.jpg)
System Calls
• The VMM needs to intercept all system calls, such as open(),read(), and fork()
• On physical hardware a system call is achieved through a specialinstruction
• trap in case of MIPS and int 0x80 in case of x86
• For instance, the open() system call takes three arguments:int open(char *path, int flags, mode_tmode)
• The system call number for open() is 5
![Page 42: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/42.jpg)
System Calls
• The VMM needs to intercept all system calls, such as open(),read(), and fork()
• On physical hardware a system call is achieved through a specialinstruction
• trap in case of MIPS and int 0x80 in case of x86
• For instance, the open() system call takes three arguments:int open(char *path, int flags, mode_tmode)
• The system call number for open() is 5
![Page 43: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/43.jpg)
Code: open
open:push dword modepush dword flagspush dword pathmov eax, 5push eaxint 80h
![Page 44: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/44.jpg)
Normal System Call Flow
Process Operating System1. System call: Trap to OS
2. OS trap handler:Decode trap and execute appro-priate syscall routeWhen done: Return from trap
3. Resume execution(@PC after trap)
![Page 45: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/45.jpg)
System Call Flow with Virtualization
Process Operating System VMM1. System call: Trapto OS
2. Process trapped:Call OS trap han-dler (at reduced priv-ilege)
3. OS trap handler:Decode trap and ex-ecute syscallWhen done: issuereturn-from-trap
![Page 46: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/46.jpg)
System Call Flow with Virtualization (2)
Process Operating System VMM4. OS tried returnfrom trap:Do real return fromtrap
5. Resume execu-tion(@PC after trap)
![Page 47: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/47.jpg)
System Call Implications
• Increase in number of instructions so slower system calls
• Which mode should the OS run in?• Cannot run in a privileged mode any longer, because it would
have unrestricted access to the hardware!
• In case of MIPS, it would run in the supervisor mode• No access to privileged instructions but more memory
• In case of x86, the guest OS runs in ring 1 while the VMM runs inring 0
• What if the hardware has no extra modes?• The OS runs in user mode and the VMM uses memory protection
(page tables and TLBs) to protect OS data structures
![Page 48: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/48.jpg)
System Call Implications
• Increase in number of instructions so slower system calls• Which mode should the OS run in?
• Cannot run in a privileged mode any longer, because it wouldhave unrestricted access to the hardware!
• In case of MIPS, it would run in the supervisor mode• No access to privileged instructions but more memory
• In case of x86, the guest OS runs in ring 1 while the VMM runs inring 0
• What if the hardware has no extra modes?• The OS runs in user mode and the VMM uses memory protection
(page tables and TLBs) to protect OS data structures
![Page 49: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/49.jpg)
System Call Implications
• Increase in number of instructions so slower system calls• Which mode should the OS run in?
• Cannot run in a privileged mode any longer, because it wouldhave unrestricted access to the hardware!
• In case of MIPS, it would run in the supervisor mode• No access to privileged instructions but more memory
• In case of x86, the guest OS runs in ring 1 while the VMM runs inring 0
• What if the hardware has no extra modes?• The OS runs in user mode and the VMM uses memory protection
(page tables and TLBs) to protect OS data structures
![Page 50: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/50.jpg)
System Call Implications
• Increase in number of instructions so slower system calls• Which mode should the OS run in?
• Cannot run in a privileged mode any longer, because it wouldhave unrestricted access to the hardware!
• In case of MIPS, it would run in the supervisor mode
• No access to privileged instructions but more memory
• In case of x86, the guest OS runs in ring 1 while the VMM runs inring 0
• What if the hardware has no extra modes?• The OS runs in user mode and the VMM uses memory protection
(page tables and TLBs) to protect OS data structures
![Page 51: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/51.jpg)
System Call Implications
• Increase in number of instructions so slower system calls• Which mode should the OS run in?
• Cannot run in a privileged mode any longer, because it wouldhave unrestricted access to the hardware!
• In case of MIPS, it would run in the supervisor mode• No access to privileged instructions but more memory
• In case of x86, the guest OS runs in ring 1 while the VMM runs inring 0
• What if the hardware has no extra modes?• The OS runs in user mode and the VMM uses memory protection
(page tables and TLBs) to protect OS data structures
![Page 52: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/52.jpg)
System Call Implications
• Increase in number of instructions so slower system calls• Which mode should the OS run in?
• Cannot run in a privileged mode any longer, because it wouldhave unrestricted access to the hardware!
• In case of MIPS, it would run in the supervisor mode• No access to privileged instructions but more memory
• In case of x86, the guest OS runs in ring 1 while the VMM runs inring 0
• What if the hardware has no extra modes?• The OS runs in user mode and the VMM uses memory protection
(page tables and TLBs) to protect OS data structures
![Page 53: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/53.jpg)
System Call Implications
• Increase in number of instructions so slower system calls• Which mode should the OS run in?
• Cannot run in a privileged mode any longer, because it wouldhave unrestricted access to the hardware!
• In case of MIPS, it would run in the supervisor mode• No access to privileged instructions but more memory
• In case of x86, the guest OS runs in ring 1 while the VMM runs inring 0
• What if the hardware has no extra modes?
• The OS runs in user mode and the VMM uses memory protection(page tables and TLBs) to protect OS data structures
![Page 54: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/54.jpg)
System Call Implications
• Increase in number of instructions so slower system calls• Which mode should the OS run in?
• Cannot run in a privileged mode any longer, because it wouldhave unrestricted access to the hardware!
• In case of MIPS, it would run in the supervisor mode• No access to privileged instructions but more memory
• In case of x86, the guest OS runs in ring 1 while the VMM runs inring 0
• What if the hardware has no extra modes?• The OS runs in user mode and the VMM uses memory protection
(page tables and TLBs) to protect OS data structures
![Page 55: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/55.jpg)
Virtual Memory
• OSes virtualize physical memory to give each process the illusionof a private address space
• In case of virtualization, need to add another layer of virtualmemory
• The three-tier hierarchy: virtual memory, physical memory, andmachine memory
• The OS maps virtual-to-physical addresses via its per-processpage tables
• The VMM maps the resulting physical mappings to underlyingmachine addresses via its per-OS page tables
![Page 56: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/56.jpg)
Virtual Memory
• OSes virtualize physical memory to give each process the illusionof a private address space
• In case of virtualization, need to add another layer of virtualmemory
• The three-tier hierarchy: virtual memory, physical memory, andmachine memory
• The OS maps virtual-to-physical addresses via its per-processpage tables
• The VMM maps the resulting physical mappings to underlyingmachine addresses via its per-OS page tables
![Page 57: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/57.jpg)
Virtual Memory
• OSes virtualize physical memory to give each process the illusionof a private address space
• In case of virtualization, need to add another layer of virtualmemory
• The three-tier hierarchy: virtual memory, physical memory, andmachine memory
• The OS maps virtual-to-physical addresses via its per-processpage tables
• The VMM maps the resulting physical mappings to underlyingmachine addresses via its per-OS page tables
![Page 58: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/58.jpg)
Virtual Memory
• OSes virtualize physical memory to give each process the illusionof a private address space
• In case of virtualization, need to add another layer of virtualmemory
• The three-tier hierarchy: virtual memory, physical memory, andmachine memory
• The OS maps virtual-to-physical addresses via its per-processpage tables
• The VMM maps the resulting physical mappings to underlyingmachine addresses via its per-OS page tables
![Page 59: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/59.jpg)
Virtual Memory
• OSes virtualize physical memory to give each process the illusionof a private address space
• In case of virtualization, need to add another layer of virtualmemory
• The three-tier hierarchy: virtual memory, physical memory, andmachine memory
• The OS maps virtual-to-physical addresses via its per-processpage tables
• The VMM maps the resulting physical mappings to underlyingmachine addresses via its per-OS page tables
![Page 60: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/60.jpg)
VMM Memory Virtualization
![Page 61: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/61.jpg)
Normal TLB Miss Flow
Process Operating System1. Load from memory:TLB miss: Trap
2. OS TLB miss handler:Extract VPN from VA;Do page table lookup;If present and valid:get PFN, update TLB;Return from trap
3. Resume execution(@PC of trapping instruction);Instruction is retried;Results in TLB hit
![Page 62: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/62.jpg)
TLB Miss Flow with Virtualization
Process Operating System VMM1. Load from mem-oryTLB miss: Trap
2. VMM TLB misshandler:Call into OS TLBhandler(reduced privilege)
3. OS TLB miss handler:Extract VPN from VA;Do page table lookup;If present and valid:get PFN, update TLB
![Page 63: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/63.jpg)
TLB Miss Flow with Virtualization (2)
Process Operating System VMM4. Trap handler:Unprivileged code tryingto update the TLB;OS is trying to installVPN-to-PFN mapping;Update TLB instead withVPN-to-MFN (privileged);Jump back to OS(reducing privilege)
5. Return from trap
![Page 64: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/64.jpg)
TLB Miss Flow with Virtualization (3)
Process Operating System VMM6. Trap handler:Unprivileged code try-ingto return from a trap;Return from trap
7. Resume execution(@PC of instruction);Instruction is retried;Results in TLB hit
![Page 65: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/65.jpg)
Virtual Memory Implications
• Similar to system calls, virtualized virtual memory consists ofmore instructions and is hence slower
• To deal with this overhead, VMMs implement “software TLB”
• Every virtual-to-physical mapping is recorded by the VMM withinthis data structure
• In case of a TLB miss, the VMM first consults this software TLB
• If the translation is found, the VMM simply installs thevirtual-to-machine mapping directly into the hardware TLB
![Page 66: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/66.jpg)
Virtual Memory Implications
• Similar to system calls, virtualized virtual memory consists ofmore instructions and is hence slower
• To deal with this overhead, VMMs implement “software TLB”
• Every virtual-to-physical mapping is recorded by the VMM withinthis data structure
• In case of a TLB miss, the VMM first consults this software TLB
• If the translation is found, the VMM simply installs thevirtual-to-machine mapping directly into the hardware TLB
![Page 67: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/67.jpg)
Virtual Memory Implications
• Similar to system calls, virtualized virtual memory consists ofmore instructions and is hence slower
• To deal with this overhead, VMMs implement “software TLB”
• Every virtual-to-physical mapping is recorded by the VMM withinthis data structure
• In case of a TLB miss, the VMM first consults this software TLB
• If the translation is found, the VMM simply installs thevirtual-to-machine mapping directly into the hardware TLB
![Page 68: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/68.jpg)
Virtual Memory Implications
• Similar to system calls, virtualized virtual memory consists ofmore instructions and is hence slower
• To deal with this overhead, VMMs implement “software TLB”
• Every virtual-to-physical mapping is recorded by the VMM withinthis data structure
• In case of a TLB miss, the VMM first consults this software TLB
• If the translation is found, the VMM simply installs thevirtual-to-machine mapping directly into the hardware TLB
![Page 69: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/69.jpg)
Virtual Memory Implications
• Similar to system calls, virtualized virtual memory consists ofmore instructions and is hence slower
• To deal with this overhead, VMMs implement “software TLB”
• Every virtual-to-physical mapping is recorded by the VMM withinthis data structure
• In case of a TLB miss, the VMM first consults this software TLB
• If the translation is found, the VMM simply installs thevirtual-to-machine mapping directly into the hardware TLB
![Page 70: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/70.jpg)
Information Gap
• The OS does not know too much about what the applicationprograms really want
• Must make general “one-size-fits-all” policies
• Similarly, the VMM does not know too much about what the OS isdoing or wanting
• This lack of knowledge, is dubbed as the information gapbetween the VMM and the OS
![Page 71: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/71.jpg)
Information Gap
• The OS does not know too much about what the applicationprograms really want
• Must make general “one-size-fits-all” policies
• Similarly, the VMM does not know too much about what the OS isdoing or wanting
• This lack of knowledge, is dubbed as the information gapbetween the VMM and the OS
![Page 72: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/72.jpg)
Information Gap
• The OS does not know too much about what the applicationprograms really want
• Must make general “one-size-fits-all” policies
• Similarly, the VMM does not know too much about what the OS isdoing or wanting
• This lack of knowledge, is dubbed as the information gapbetween the VMM and the OS
![Page 73: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/73.jpg)
Information Gap
• The OS does not know too much about what the applicationprograms really want
• Must make general “one-size-fits-all” policies
• Similarly, the VMM does not know too much about what the OS isdoing or wanting
• This lack of knowledge, is dubbed as the information gapbetween the VMM and the OS
![Page 74: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/74.jpg)
Information Gap (2)
• What if the OS is in a busy loop?
• In case of virtualization, if there is another OS which is doingsomething useful then the VMM should give it more resources asopposed to the one which is in a busy loop
• Similarly, pages need to be zeroed before being mapped into aprocess’s address space
• In case of virtualization, this would be redundantly done twice:Once by the VMM and then again by the OS
• Two solutions exist to this problem:1 Implicit information: The OS can implicitly try to figure out the
behaviour of each OS2 Paravirtualization: The guest OSes need to be modified to be
made aware of virtualization
![Page 75: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/75.jpg)
Information Gap (2)
• What if the OS is in a busy loop?
• In case of virtualization, if there is another OS which is doingsomething useful then the VMM should give it more resources asopposed to the one which is in a busy loop
• Similarly, pages need to be zeroed before being mapped into aprocess’s address space
• In case of virtualization, this would be redundantly done twice:Once by the VMM and then again by the OS
• Two solutions exist to this problem:1 Implicit information: The OS can implicitly try to figure out the
behaviour of each OS2 Paravirtualization: The guest OSes need to be modified to be
made aware of virtualization
![Page 76: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/76.jpg)
Information Gap (2)
• What if the OS is in a busy loop?
• In case of virtualization, if there is another OS which is doingsomething useful then the VMM should give it more resources asopposed to the one which is in a busy loop
• Similarly, pages need to be zeroed before being mapped into aprocess’s address space
• In case of virtualization, this would be redundantly done twice:Once by the VMM and then again by the OS
• Two solutions exist to this problem:1 Implicit information: The OS can implicitly try to figure out the
behaviour of each OS2 Paravirtualization: The guest OSes need to be modified to be
made aware of virtualization
![Page 77: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/77.jpg)
Information Gap (2)
• What if the OS is in a busy loop?
• In case of virtualization, if there is another OS which is doingsomething useful then the VMM should give it more resources asopposed to the one which is in a busy loop
• Similarly, pages need to be zeroed before being mapped into aprocess’s address space
• In case of virtualization, this would be redundantly done twice:Once by the VMM and then again by the OS
• Two solutions exist to this problem:1 Implicit information: The OS can implicitly try to figure out the
behaviour of each OS2 Paravirtualization: The guest OSes need to be modified to be
made aware of virtualization
![Page 78: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/78.jpg)
Information Gap (2)
• What if the OS is in a busy loop?
• In case of virtualization, if there is another OS which is doingsomething useful then the VMM should give it more resources asopposed to the one which is in a busy loop
• Similarly, pages need to be zeroed before being mapped into aprocess’s address space
• In case of virtualization, this would be redundantly done twice:Once by the VMM and then again by the OS
• Two solutions exist to this problem:
1 Implicit information: The OS can implicitly try to figure out thebehaviour of each OS
2 Paravirtualization: The guest OSes need to be modified to bemade aware of virtualization
![Page 79: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/79.jpg)
Information Gap (2)
• What if the OS is in a busy loop?
• In case of virtualization, if there is another OS which is doingsomething useful then the VMM should give it more resources asopposed to the one which is in a busy loop
• Similarly, pages need to be zeroed before being mapped into aprocess’s address space
• In case of virtualization, this would be redundantly done twice:Once by the VMM and then again by the OS
• Two solutions exist to this problem:1 Implicit information: The OS can implicitly try to figure out the
behaviour of each OS
2 Paravirtualization: The guest OSes need to be modified to bemade aware of virtualization
![Page 80: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/80.jpg)
Information Gap (2)
• What if the OS is in a busy loop?
• In case of virtualization, if there is another OS which is doingsomething useful then the VMM should give it more resources asopposed to the one which is in a busy loop
• Similarly, pages need to be zeroed before being mapped into aprocess’s address space
• In case of virtualization, this would be redundantly done twice:Once by the VMM and then again by the OS
• Two solutions exist to this problem:1 Implicit information: The OS can implicitly try to figure out the
behaviour of each OS2 Paravirtualization: The guest OSes need to be modified to be
made aware of virtualization
![Page 81: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/81.jpg)
Today’s task
• Design paravirtualization hooks for xv6
![Page 82: AOS Lab 11: Virtualization](https://reader034.vdocuments.mx/reader034/viewer/2022052410/546c91d4b4af9f842c8b5143/html5/thumbnails/82.jpg)
Reading(s)
• Section “Virtual Machine Monitors” from “Operating Systems:Three Easy Pieces” by Remzi H. Arpaci-Dusseau and Andrea C.Arpaci-Dusseau. Online: http://pages.cs.wisc.edu/~remzi/OSTEP/vmm-intro.pdf