AMD Virtualization Technology Directions


1 AMD Virtualization Technology Directions
Andy Kegel, Sr. MTS
Mark Hummel, AMD Fellow
Computer Products Group
AMD

© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

2 Agenda
- Server consolidation
  - Virtualization is successful, further advancements are needed
  - Processor improvements for performance
  - I/O virtualization for performance
  - Device isolation for improved RAS
- Security policy enforcement
  - Secure initialization
- Emerging technologies
  - PCI-SIG IOV
  - Torrenza

3 Server Consolidation Today
- Too many servers: Hot and underutilized
- Server virtualization consolidates many systems onto one
- Successful consolidation of systems with low-moderate CPU utilization and low I/O loads

4 Server Consolidation Tomorrow
- Next challenges
  - Address systems with high CPU utilization
  - Address systems with high I/O loads
  - Use hypervisor to improve scalability of workloads
- Thin client example
  - Virtual clients on servers connected to thin clients, smart-phones, or Windows Vista™ enabled traditional client devices
- Commercial example
  - Virtual CPU rental by the gigabyte-hour
  - Virtual storage rental by the gigabyte-month
- Resource sharing → security requirements

5 Multiple Cores Mean Less Hardware
[Figure labels: Lots of single-core systems; consolidate; "What about all the I/O that now routes through the single I/O subsystem?"]
- CPU improvements drive system consolidation
- I/O demands concentrate
- Need significant overhead reductions to allow continued consolidation

6 Virtualization Ideal
More changes ahead
[Figure labels: Zero Overhead; Proc+; NPT; SW; I/O+; IOMMU; AMD-V]

7 AMD Virtualization™ Roadmap
[Roadmap figure; timeline begins at 2007]
- Processor enhancements: AMD-V, Multi-core, NPT, World switch, Perf counters, NPT+, World switch+, Hv assists+, World switch++
- I/O System enhancements: IOMMU, Interrupt+, Virtualized devices, PCI-SIG IOV

8 Enhancements In “Barcelona” Processor
- Nested Page Tables (NPT)
  - To reduce hypervisor complexity and time
  - To improve guest performance (workload)
  - Caching of the nested page table
- Speed improvements for world switches
  - Optimization over time
- Performance counters
  - For hypervisor tuning and virtualization of guest performance counters

9 Fewer Intercepts With NPT
Shadow Page Tables Are Costly
- Intercepts due to Shadow Page Tables: ~80%
- Intercepts remaining with Nested Page Tables: ~20%

10 World Switch Times
Measured and simulated values
[Chart: world switch times]
Note: Future values are based on simulations and models

11 I/O Virtualization Topology
[Figure labels: CPU, DRAM, IOMMU, Tunnel, IO Hub, HT Device, ATC, optional remote ATC, PCIe bridge, PCI Express™ devices and switches, PCI, LPC, etc.]
- ATC = Address Translation Cache (ATC a.k.a. IOTLB)
- HT = HyperTransport™ link
- PCIe = PCI Express™ link

12 IOMMU Function Summary
- Address translation and memory protection
  - Isolation is key to security protections
  - Restrict I/O devices to access only allowed memory, preventing “wild” writes and “sneak peeks”
  - Direct assignment of I/O device to VM guest increases I/O efficiency
  - I/O devices can use same address space as VM guest, reducing hypervisor intervention
  - Simplify I/O devices by eliminating scatter/gather logic
- Interrupt remapping
  - Efficiently route and block interrupts
- Support new PCI-SIG I/O Virtualization (IOV) specifications

13 Overview And Fly-By
- Overview
  - IOMMU use models
- Fly-by
  - Updates and interrupts
  - Review at your leisure
  - Visit AMD booth or contact authors

14 IOMMU Role In System
[Figure labels: Application (x3), System Software, MMU, IOMMU, RAM, Peripheral (x3), control]

15 I/O bottleneck illustrated
[Figure labels: VM Guest 1, VM Guest 2, VM Guest 3, Parent VM 0, Hypervisor, MMU, RAM, Peripheral (x3), I/O requests, control]

16 I/O Device Assignment
[Figure labels: VM Guest 1, VM Guest 2, VM Guest 3, Parent VM 0, Process, OS, VM 1, Hypervisor, MMU, IOMMU, RAM, Peripheral (x3), control]

17 Device Protection
No virtualization
[Figure labels: Process 1, Process 2, Process 3, Operating System (kernel), MMU, IOMMU, RAM, Peripheral (x3), buffers, IO, control]

18 Translation Data Structures
Example with level skipping
[Figure: virtual address bit fields 63:58, 57:48, 47:39, 38:30, 29:21 and 20:0, carrying a Level-4 Page Table Offset, a Level-2 Page Table Offset and a Physical Page Offset; a root pointer with fields 63:52, 51:12, 11:9 and 8:0 carrying the Level 4 Page Table Address and Starting Level 4h; Level-4 Table PDE (2h) → Level-2 Table (levels skipped¹) PDE (0h) → Physical Address of a 2 MB page (final level 1 skipped, 2M super page)]
¹ The Virtual Address bits associated with all skipped levels must be zero
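
The walk in the slide's figure, written out as a small C model. This is an added example, not code from the presentation or from AMD: the address (bits 51:12) and level (bits 11:9) fields follow the figure, while the present and read/write bits, the in-memory table array and every address used are assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>

/* Field positions read from the slide: address in bits 51:12, level in bits 11:9.
 * The present and permission bits are assumptions of this model. */
#define ADDR_MASK 0x000FFFFFFFFFF000ULL
#define LEVEL(e)  ((unsigned)(((e) >> 9) & 7))
#define PRESENT   (1ULL << 0)
#define PERM_R    (1ULL << 61)
#define PERM_W    (1ULL << 62)
#define ENTRY(addr, next, perm) \
    (((addr) & ADDR_MASK) | ((uint64_t)(next) << 9) | (perm) | PRESENT)

enum walk_status { WALK_OK, FAULT_NOT_PRESENT, FAULT_PERMISSION,
                   FAULT_BAD_LEVEL, FAULT_SKIPPED_BITS };

#define N_PAGES 4
static uint64_t mem[N_PAGES][512];  /* constructed table memory: page i is at i << 12 */

/* 9-bit table offset that virtual address `va` supplies for `level` (1-based). */
static unsigned va_index(uint64_t va, unsigned level)
{
    return (unsigned)(va >> (12 + 9 * (level - 1))) & 0x1FF;
}

/* Translate a device virtual address, honouring level skipping and permissions. */
static enum walk_status iommu_translate(uint64_t root, uint64_t va, int is_write,
                                        uint64_t *pa_out)
{
    unsigned level = LEVEL(root);            /* starting level */
    uint64_t table = root & ADDR_MASK;
    uint64_t need  = is_write ? PERM_W : PERM_R;

    if (level < 1 || level > 4)
        return FAULT_BAD_LEVEL;              /* model covers starting levels 1..4 */
    if (va >> (12 + 9 * level))
        return FAULT_SKIPPED_BITS;           /* bits above the starting level set */

    for (;;) {
        if ((table >> 12) >= N_PAGES)
            return FAULT_NOT_PRESENT;        /* pointer outside modelled memory */
        uint64_t e = mem[table >> 12][va_index(va, level)];
        if (!(e & PRESENT))
            return FAULT_NOT_PRESENT;
        if (!(e & need))
            return FAULT_PERMISSION;

        unsigned next = LEVEL(e);
        if (next == 0) {                     /* final entry: page size set by level */
            uint64_t off_mask = (1ULL << (12 + 9 * (level - 1))) - 1;
            *pa_out = ((e & ADDR_MASK) & ~off_mask) | (va & off_mask);
            return WALK_OK;
        }
        if (next >= level)
            return FAULT_BAD_LEVEL;          /* a walk must always descend */
        for (unsigned s = level - 1; s > next; s--)
            if (va_index(va, s) != 0)
                return FAULT_SKIPPED_BITS;   /* skipped levels need zero VA bits */
        table = e & ADDR_MASK;
        level = next;
    }
}

/* Builds the slide's layout (level 4 -> level 2 -> 2 MB page); returns the root. */
static uint64_t build_slide_tables(void)
{
    mem[1][0] = ENTRY(2ULL << 12, 2, PERM_R | PERM_W);    /* level 4, skips level 3 */
    mem[2][3] = ENTRY(0x40000000ULL, 0, PERM_R | PERM_W); /* 2 MB page, read/write */
    mem[2][4] = ENTRY(0x40200000ULL, 0, PERM_R);          /* 2 MB page, read-only */
    return (1ULL << 12) | (4ULL << 9);                    /* table at page 1, level 4 */
}

int main(void)
{
    uint64_t root = build_slide_tables(), pa = 0;
    int rc = iommu_translate(root, 0x601234, 0, &pa);
    printf("read  0x601234   -> status %d, pa 0x%llx\n", rc, (unsigned long long)pa);
    printf("write 0x800000   -> status %d\n", iommu_translate(root, 0x800000, 1, &pa));
    printf("read  0x40601234 -> status %d\n", iommu_translate(root, 0x40601234, 0, &pa));
    return 0;
}
```

The third access sets a bit in the skipped level-3 field, so the walk faults instead of silently aliasing onto the same 2 MB page.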

19 IOMMU Revision 1.2
Additions since Revision 1.0
- Interrupt remapping defined
- System interrupt filtering added
- System address controls refined
  - IntCtl expanded (interrupts)
  - IoCtl expanded (port I/O)
  - SysMgt expanded (e.g., VID/FID)
- ACPI definitions

20 IOMMU Interrupt Remapping
- Centralize control for interrupt redirection
  - Tool for optimizing interrupts to processor that initiated I/O operations
- Validate all interrupts based on source
  - To eliminate performance degradation from classes of device or driver failures
  - To prevent denial of service attacks from classes of devices or guests gone rogue
- Support for future tableless mode of interrupts
  - Reduces implementation cost of device by moving HW registers to memory
  - Enables MSI interrupts to be routed to different guests
- Intelligent compression of interrupts by hypervisor

21 IOMMU Interrupt Remapping
- Device table entry controls remap
- Output vector = f(device ID, input vector)
- Remap vector number, destination, mode
[Figure labels: Interrupt Message; DeviceID; MSI Data[10:0] (11 bits); Device Table Entry; Interrupt Remapping Table Address; Interrupt Remapping Table; IRTE]
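
A C model of the lookup this slide describes: the DeviceID selects a device table entry, MSI Data[10:0] indexes that device's interrupt remapping table, and the IRTE supplies the vector, destination and mode. It is an added example, not part of the presentation; the struct layouts, BDF values and table contents are constructed, and blocking on a missing, out-of-range or invalid entry is this model's reading of "validate all interrupts based on source".

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BDF(bus, dev, fn) ((uint16_t)(((bus) << 8) | ((dev) << 3) | (fn)))

struct irte {                 /* interrupt remapping table entry (model layout) */
    uint8_t valid;
    uint8_t vector;           /* remapped vector number */
    uint8_t dest;             /* remapped destination (target processor id) */
    uint8_t mode;             /* remapped delivery mode; 0 = fixed in this model */
};

struct dte {                  /* the part of a device table entry that controls remap */
    uint16_t device_id;
    const struct irte *irt;   /* interrupt remapping table address, NULL = none */
    uint16_t irt_len;         /* number of entries granted to this device */
};

struct intr_result { int delivered; uint8_t vector, dest, mode; };

/* Constructed tables: two virtual functions of one device, owned by two guests. */
static const struct irte irt_vf1[] = { {1, 0x41, 1, 0}, {0, 0, 0, 0} };
static const struct irte irt_vf2[] = { {1, 0x52, 2, 0} };
static const struct dte device_table[] = {
    { BDF(3, 0, 1), irt_vf1, 2 },
    { BDF(3, 0, 2), irt_vf2, 1 },
    { BDF(5, 0, 0), NULL,    0 },   /* known device that may not interrupt at all */
};

/* Output = f(device ID, input vector): remap the interrupt or block it. */
static struct intr_result remap_interrupt(uint16_t device_id, uint32_t msi_data)
{
    struct intr_result blocked = { 0, 0, 0, 0 };
    const struct dte *d = NULL;

    for (size_t i = 0; i < sizeof device_table / sizeof device_table[0]; i++)
        if (device_table[i].device_id == device_id)
            d = &device_table[i];
    if (d == NULL || d->irt == NULL)
        return blocked;                   /* unknown source or no table: block */

    uint32_t index = msi_data & 0x7FF;    /* MSI Data[10:0] */
    if (index >= d->irt_len || !d->irt[index].valid)
        return blocked;                   /* not granted to this source: block */

    struct intr_result out = { 1, d->irt[index].vector,
                               d->irt[index].dest, d->irt[index].mode };
    return out;
}

int main(void)
{
    /* Both functions send the same MSI data; each lands in its own guest. */
    struct intr_result a = remap_interrupt(BDF(3, 0, 1), 0);
    struct intr_result b = remap_interrupt(BDF(3, 0, 2), 0);
    struct intr_result c = remap_interrupt(BDF(3, 0, 1), 0x7FF);
    printf("03:00.1 data 0     -> delivered=%d vector=0x%02x dest=%u\n",
           a.delivered, (unsigned)a.vector, (unsigned)a.dest);
    printf("03:00.2 data 0     -> delivered=%d vector=0x%02x dest=%u\n",
           b.delivered, (unsigned)b.vector, (unsigned)b.dest);
    printf("03:00.1 data 0x7ff -> delivered=%d\n", c.delivered);
    return 0;
}
```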

22 IOMMU interrupt controls
[Figure labels: Devices; Fixed & Arbitrated Interrupts; INIT, Lint1, SMI, NMI, Lint0, ExtInt; (block/pass); (block/pass/remap); IOMMU; INIT, Lint1, Fixed and Arbitrated, NMI, Lint0, ExtInt; Processor(s)]

23 Special Memory Range Controls
- Special memory ranges
  - E.g., port I/O, VID/FID
- Operation controls
  - Block access
  - Allow original access
  - Translate system management address to memory address
  - Translate port I/O address to memory address

24 IOMMU ACPI
Communicate to system software
- IOMMU units present in system
  - Feature overrides
- Topology information
  - Which IOMMU translates for which devices
- Memory access requirements for I/O
  - Exclusion ranges (not translated, e.g., UMA)
  - Blackout ranges (not accessible by processor)
  - Universal ranges (always accessible, e.g., SMM)

25 Secure Initialization
- Secure initialization ensures
  - Processor is in known-good state
  - Loaded image conforms to owner’s policy
- Platform hardware requirements
  - AMD Virtualization™ (Rev. F or better)
  - Trusted Computing Group (TCG) Trusted Platform Module (TPM) V1.2
- Standards conformant – DRTM
  - AMD contributed S.I. specification to TCG
  - TCG specification expected later this year

26 Secure Init Example
- Protected content
  - The movie goes through memory - how do you prevent copying?
- Secure Initialization and DRTM
  - Chain-of-trust verifies each piece of software as it loads
  - Protects each piece of software
  - Can block hyper-rootkit
- Hypervisor and Guest OS 2 run known-good software
- Can use IOMMU to block deviceX
[Figure labels: Guest OS 1, Guest OS 2 (playback), Secure Hypervisor, MMU, IOMMU, TPM, RAM, deviceX, video, movie buffers]

27 Initialization Sequence
AMD-V™ architecture
[Flow diagram; boxes as captured in the transcript:]
- Power on
- Secure Loader (SL), Configuration Verification Modules (CV), and Hypervisor put into Memory
- TPM PCR Updates
- SL is copied to TPM by hardware and Hash of SL is calculated and Stored in a TPM PCR
- Save State of environment as needed
- Stop active I/O and stop other CPUs
- CV Validates Configuration
- SKINIT Instruction
- HV Init
- Reload saved environment as needed
- SL Validates and loads CV
- SL Measures HV
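
The measurement chain behind this sequence, as an added C example that is not part of the presentation: each stage is hashed into a PCR with the TPM 1.2 extend operation before it runs, so the final PCR matches the owner's expected value only if every image and the order are unchanged. The stage images are constructed strings, and measuring SL, then CV, then HV into one PCR that starts at zero is an assumption of the model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static uint32_t rol(uint32_t x, int n) { return (x << n) | (x >> (32 - n)); }

/* One-shot SHA-1, the digest that TPM 1.2 PCRs hold. */
static void sha1(const uint8_t *msg, size_t len, uint8_t out[20])
{
    uint32_t h[5] = { 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476, 0xC3D2E1F0 };
    uint64_t bits = (uint64_t)len * 8;
    size_t total = ((len + 8) / 64 + 1) * 64;   /* message + 0x80 + zeros + length */

    for (size_t off = 0; off < total; off += 64) {
        uint8_t blk[64];
        uint32_t w[80];
        for (size_t i = 0; i < 64; i++) {       /* build the padded block */
            size_t p = off + i;
            if (p < len)             blk[i] = msg[p];
            else if (p == len)       blk[i] = 0x80;
            else if (p >= total - 8) blk[i] = (uint8_t)(bits >> (8 * (total - 1 - p)));
            else                     blk[i] = 0;
        }
        for (int i = 0; i < 16; i++)
            w[i] = (uint32_t)blk[4 * i] << 24 | (uint32_t)blk[4 * i + 1] << 16 |
                   (uint32_t)blk[4 * i + 2] << 8 | blk[4 * i + 3];
        for (int i = 16; i < 80; i++)
            w[i] = rol(w[i - 3] ^ w[i - 8] ^ w[i - 14] ^ w[i - 16], 1);
        uint32_t a = h[0], b = h[1], c = h[2], d = h[3], e = h[4];
        for (int i = 0; i < 80; i++) {
            uint32_t f, k;
            if (i < 20)      { f = (b & c) | (~b & d);          k = 0x5A827999; }
            else if (i < 40) { f = b ^ c ^ d;                   k = 0x6ED9EBA1; }
            else if (i < 60) { f = (b & c) | (b & d) | (c & d); k = 0x8F1BBCDC; }
            else             { f = b ^ c ^ d;                   k = 0xCA62C1D6; }
            uint32_t t = rol(a, 5) + f + e + k + w[i];
            e = d; d = c; c = rol(b, 30); b = a; a = t;
        }
        h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e;
    }
    for (int i = 0; i < 20; i++)
        out[i] = (uint8_t)(h[i / 4] >> (24 - 8 * (i % 4)));
}

/* TPM-style extend: PCR = SHA1(PCR || SHA1(image)). Order-sensitive, one-way. */
static void pcr_extend(uint8_t pcr[20], const void *image, size_t len)
{
    uint8_t buf[40];
    memcpy(buf, pcr, 20);
    sha1(image, len, buf + 20);
    sha1(buf, sizeof buf, pcr);
}

struct stage { const char *name; const char *image; };

/* Replays a launch: PCR starts at zero (model assumption), then every stage
 * is measured in order before it would be given control. */
static void measured_launch(const struct stage *s, size_t n, uint8_t pcr[20])
{
    memset(pcr, 0, 20);
    for (size_t i = 0; i < n; i++)
        pcr_extend(pcr, s[i].image, strlen(s[i].image));
}

/* Owner policy check: does the observed launch reproduce the expected PCR? */
static int launch_matches(const struct stage *good, const struct stage *seen, size_t n)
{
    uint8_t want[20], got[20];
    measured_launch(good, n, want);
    measured_launch(seen, n, got);
    return memcmp(want, got, 20) == 0;
}

/* Constructed stand-ins for the SL, CV and hypervisor images. */
static const struct stage GOOD[] = {
    { "SL", "secure-loader-v1" }, { "CV", "config-verifier-v1" }, { "HV", "hypervisor-v1" } };
static const struct stage TAMPERED[] = {
    { "SL", "secure-loader-v1" }, { "CV", "config-verifier-v1" }, { "HV", "hypervisor-v1+hook" } };
static const struct stage REORDERED[] = {
    { "SL", "secure-loader-v1" }, { "HV", "hypervisor-v1" }, { "CV", "config-verifier-v1" } };

int main(void)
{
    printf("good launch matches policy:      %d\n", launch_matches(GOOD, GOOD, 3));
    printf("modified hypervisor matches:     %d\n", launch_matches(GOOD, TAMPERED, 3));
    printf("reordered measurements match:    %d\n", launch_matches(GOOD, REORDERED, 3));
    return 0;
}
```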

28 CV Software Components

29 CV Details
- SKINIT instruction
- SL1 – secure loader
- SL2 – secure loader
- CV – configuration verification
- OL – OS loader
- Secure kernel – a kernel that continues the chain of trust
- This software stack is virtualizable

30 Future directions
PCI-SIG IOV
- Address Translation Services (ATS)
  - Separates IOMMU table walker from TLB
  - Defines remote TLB semantics
  - Creates a scalable solution for IO address remapping
- Single Root Device Virtualization (SR-IOV)
  - Make direct device attachment to Guest OS more cost effective
  - Standardizes framework for virtualizing device controllers
  - Reduces device implementation cost
  - Maintains device driver investment
- Multi-root Fabric Virtualization (MR-IOV)
  - Creates shared IO fabric for blade servers
  - Root port transparency minimizes impact on software
  - Multi-plane approach creates per root port virtual view of fabric
  - Multi-channel overlays provide isolation between root ports

31 Device Virtualization
Bottleneck
- Every request that initiates DMA must be validated
  - Guest must not be allowed to peek at or modify content of other guest’s memory
- Currently done via Hypervisor intercepts/calls and SW emulation
  - Reduces throughput
  - Increases compute resource overhead

32 Device Virtualization Direct device assignment
Direct device assignment
  Key to removing bottleneck
  Eliminate intercepts and emulation
  Per-device DMA address translation and validation
  Per-device interrupt routing
IOMMU is a required element
  SR and MR IOV work presumes the presence of an IOMMU
  DMA remapping
  Interrupt remapping

33 Device Virtualization HW device virtualization
[Figure labels: Device (virtualized) with PF, VF1, VF2, VF3, VF4. PF: Physical Function; VF: Virtual Function]
Device implements many virtual functions
Each function assigned a unique Bus-Device-Function tuple (BDF)
Each Function can be assigned to a separate guest VM
Device tags DMA and interrupt transactions with BDF
Each Function can be isolated and access only the assigned guest VM
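
The per-device DMA translation and validation described on the last three slides, as an added example (not code from the presentation or from AMD's IOMMU specification): a toy C model in which the BDF tag on each request selects one guest's I/O page table, so the same guest-physical address resolves to different host pages and anything outside the assigned guest's mappings is blocked. The table layout, page counts, BDF values and addresses are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
/* Added illustration: toy IOMMU model. All names, sizes and addresses are constructed. */
#define PAGE_SHIFT 12
#define PAGES_PER_DOMAIN 4
#define PERM_R 1u
#define PERM_W 2u
/* 16-bit requester ID: bus(8) | device(5) | function(3) */
#define BDF(b, d, f) ((uint16_t)(((b) << 8) | ((d) << 3) | (f)))

enum dma_result { DMA_OK, DMA_NO_DEVICE, DMA_NOT_MAPPED, DMA_PERM_DENIED };
struct pte { uint64_t host_pfn; unsigned perms; };   /* perms == 0: not present */
struct domain { struct pte pt[PAGES_PER_DOMAIN]; };  /* one I/O page table per guest */
struct dev_entry { uint16_t bdf; const struct domain *dom; };

/* Two guests use the same guest-physical pages, backed by different host pages. */
static const struct domain guest_a = { { {0x100, PERM_R | PERM_W}, {0x101, PERM_R | PERM_W} } };
static const struct domain guest_b = { { {0x200, PERM_R | PERM_W}, {0x201, PERM_R} } };

/* Device table: each virtual function's BDF selects exactly one guest's page table. */
static const struct dev_entry dev_table[] = {
    { BDF(3, 0, 1), &guest_a },   /* VF1 assigned to guest A */
    { BDF(3, 0, 2), &guest_b },   /* VF2 assigned to guest B */
};

/* Validate and translate one DMA request tagged with the requester's BDF. */
enum dma_result iommu_translate(uint16_t bdf, uint64_t io_addr, unsigned want, uint64_t *host_addr)
{
    const struct domain *dom = NULL;
    for (size_t i = 0; i < sizeof dev_table / sizeof dev_table[0]; i++)
        if (dev_table[i].bdf == bdf)
            dom = dev_table[i].dom;
    if (dom == NULL)
        return DMA_NO_DEVICE;                       /* unassigned function: block */
    uint64_t pfn = io_addr >> PAGE_SHIFT;
    if (pfn >= PAGES_PER_DOMAIN || dom->pt[pfn].perms == 0)
        return DMA_NOT_MAPPED;                      /* outside this guest's mappings */
    if ((dom->pt[pfn].perms & want) != want)
        return DMA_PERM_DENIED;                     /* e.g. write to a read-only page */
    *host_addr = (dom->pt[pfn].host_pfn << PAGE_SHIFT) | (io_addr & ((1u << PAGE_SHIFT) - 1));
    return DMA_OK;
}

int main(void)
{
    uint64_t h = 0;
    int r = iommu_translate(BDF(3, 0, 1), 0x1010, PERM_R, &h);
    printf("VF1 read  0x1010   -> %d, host 0x%llx\n", r, (unsigned long long)h);
    r = iommu_translate(BDF(3, 0, 2), 0x1010, PERM_R, &h);
    printf("VF2 read  0x1010   -> %d, host 0x%llx\n", r, (unsigned long long)h);
    printf("VF2 write 0x1010   -> %d\n", iommu_translate(BDF(3, 0, 2), 0x1010, PERM_W, &h));
    printf("VF2 read  0x100000 -> %d\n", iommu_translate(BDF(3, 0, 2), 0x100000, PERM_R, &h));
    return 0;
}
```

The last call shows VF2 presenting the host-physical address of guest A's page as a DMA target; because the address is interpreted in guest B's table, the request is rejected rather than reaching guest A's memory.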

34 Device Virtualization Role of the IOMMU
[Figure: two diagrams, each with three guest VMs, an I/O partition and a hypervisor; labels also include "IOMMU" and "shared"]
I/O requests routed direct to device
  No hypervisor intervention
  IOMMU enforces isolation
All I/O requests are routed through I/O partition and via hypervisor

35 Fabric Virtualization Multi-rooted physical view
[Figure labels: RC, IOMMU, CPU (twice); Multi-root Fabric; LAN Controller; Storage Controller]
Shared multi-planar IO fabric
Dynamic assignment of functions to RC
Multi-channel resources provide isolation between RC

36 Fabric Virtualization Multi-rooted logical view
[Figure labels: CPU, CPU; IOMMU; RC; Virtual Switch; LAN Controller; Storage Controller]
Each RC has a distinct and disjoint view of fabric
Each RC only sees devices it is assigned
HW enforces isolation in fabric
IOMMU enforces isolation within RC

37 Future Directions AMD Torrenza
Framework for connecting discrete accelerators
  Extended hooks into system
  Extensions optimized for BW and Latency
Framework for new class of high performance devices
  Sophisticated communication and computation offload engines
Broad Umbrella
  Embraces both HyperTransport and PCI-Express

38 Torrenza Examples Stream Computing Accelerators
  Lightweight Computational Elements
  High Speed Local Memory (Stream Register File)
  Sophisticated Data Mover
Heterogeneous Multi-processing Accelerators
  Many Lightweight Compute Elements (“many core”)
  Multiple Coherence Domains
  Low Latency Communication/Synchronization
  Shared Virtual Address Space Among Elements/CPU
Communication/Messaging Based Accelerators
  Intelligent protocol offload
  Direct user space I/O

39 Torrenza Device-resident IOMMU
[Figure labels: Accelerator, CE, CE, CPU/NB, CPU, IOMMU, X, X, MEM, MEM. CE: Compute Element]
IOMMU resident on accelerator
Provides translation and protection for all CE accesses

40 Torrenza Centralized IOMMU with ATS
[Figure labels: Accelerator, CE, CE, CPU/NB, CPU, ATC, X, IOMMU, X, MEM, MEM. CE: Compute Element; ATC: Address Translation Cache]
IOMMU/ATC provides translation and protection for all CE accesses
Table walker is external to accelerator
IOTLB resident on accelerator

41 Torrenza IOMMU Key Element
Isolation
  Access control for accelerator requests
  Supports multi-context accelerator
Virtualization Support
  Maps accesses from guest to host addresses
  Direct context to Guest OS assignment
Shared virtual address space
  Maps accelerator accesses from guest virtual to host physical address
  Direct accelerator to application communication
Supports accelerator page faults
  Need for page-pinning eliminated

42 Jumpstart Development
SimNow!™ Software Simulator
SimNow!™ software is designed to be faster than other x86 simulators
  Its speed comes from using dynamic translation and from not attempting to model fine detail.
SimNow! models the entire PC platform.
  SimNow! models specific chipsets and functionality
  An unmodified BIOS and OS boot and run correctly
SimNow! software is configurable, and is designed to emulate about a dozen different AMD Athlon™ 64 and AMD Opteron™ processor-based platforms
  Multi-core processors, IOMMU, and TPM models available
SimNow! is licensed by AMD under specific terms and conditions

43 Call To Action Chipsets with AMD IOMMU Revision 1.2
Platforms with AMD IOMMU and TPM
Firmware support for AMD IOMMU
Firmware support for industry-standard secure initialization
Peripheral support for PCI-SIG virtualization and PCI-IOV for direct device-assignment

44 Andrew.Kegel @ amd.com, mark.hummel @amd.com
Additional Resources
Web Resources
  Specs: IOMMU (search for IOMMU)
  Torrenza:
  Developers:
  SimNow!™:
  TCG:
  PCI-SIG:
Related Sessions
  Implementing PCI I/O Virtualization Standards Based Designs
  Interactive Discussion on PCI IOV Usage Models and Implementation Considerations
For addresses Contact: amd.com,

45 Questions V1.04

