Presentation is loading. Please wait.

Presentation is loading. Please wait.

E6998 - Virtual Machines Lecture 2 CPU Virtualization Scott Devine VMware, Inc.

Published byPriscilla Goodman Modified over 8 years ago

Similar presentations

Presentation on theme: "E6998 - Virtual Machines Lecture 2 CPU Virtualization Scott Devine VMware, Inc."— Presentation transcript:

1 E6998 - Virtual Machines Lecture 2 CPU Virtualization Scott Devine VMware, Inc.

2 Outline CPU Background Virtualization Techniques – System ISA Virtualization – Instruction Interpretation – Trap and Emulate – Binary Translation – Hybrid Models

3 Computer System Organization CPU MMU Memory Controller Local Bus Interface High-Speed I/O Bus NICControllerBridge Frame Buffer LAN Low-Speed I/O Bus USBCD-ROM

4 CPU Organization Instruction Set Architecture (ISA) Defines: – the state visible to the programmer registers and memory – the instruction that operate on the state ISA typically divided into 2 parts – User ISA Primarily for computation – System ISA Primarily for system resource management

5 User ISA - State User Virtual Memory Program Counter Condition Codes Reg 0 Reg 1 Reg n-1 FP 0 FP 1 FP n-1 Special-Purpose Registers General-Purpose Registers Floating Point Registers

6 User ISA – Instructions Add Sub And Compare … Load byte Load Word Store Multiple Push … Jump Jump equal Call Return … Add single Mult. double Sqrt double … IntegerMemoryControl FlowFloating Point FetchRegistersIssue Integer Memory FP Typical Instruction Pipeline Decode Instruction Groupings

7 System ISA Privilege Levels Control Registers Traps and Interrupts – Hardcoded Vectors – Dispatch Table System Clock MMU – Page Tables – TLB I/O Device Access System User Extension Kernel Level 0 Level 1 Level 2

8 Outline CPU Background Virtualization Techniques – System ISA Virtualization – Instruction Interpretation – Trap and Emulate – Binary Translation – Hybrid Models

9 Isomorphism Formally, virtualization involves the construction of an isomorphism from guest state to host state. Guest SiSi SjSj Host Si’Si’Sj’Sj’ e(S i ) e’(S i ’) V(S i )V(S j )

10 Virtualizing the System ISA Hardware needed by monitor – Ex: monitor must control real hardware interrupts Access to hardware would allow VM to compromise isolation boundaries – Ex: access to MMU would allow VM to write any page So… – All access to the virtual System ISA by the guest must be emulated by the monitor in software. – System state kept in memory. – System instructions are implemented as functions in the monitor.

11 Example: CPUState static struct { uint32 GPR[16]; uint32 LR; uint32 PC; int IE; int IRQ; } CPUState; void CPU_CLI(void) { CPUState.IE = 0; } void CPU_STI(void) { CPUState.IE = 1; } Goal for CPU virtualization techniques – Process normal instructions as fast as possible – Forward privileged instructions to emulation routines

12 Instruction Interpretation Emulate Fetch/Decode/Execute pipeline in software Postives – Easy to implement – Minimal complexity Negatives – Slow!

13 Example: Virtualizing the Interrupt Flag w/ Instruction Interpreter void CPU_Run(void) { while (1) { inst = Fetch(CPUState.PC); CPUState.PC += 4; switch (inst) { case ADD: CPUState.GPR[rd] = GPR[rn] + GPR[rm]; break; … case CLI: CPU_CLI(); break; case STI: CPU_STI(); break; } if (CPUState.IRQ && CPUState.IE) { CPUState.IE = 0; CPU_Vector(EXC_INT); } void CPU_CLI(void) { CPUState.IE = 0; } void CPU_STI(void) { CPUState.IE = 1; } void CPU_Vector(int exc) { CPUState.LR = CPUState.PC; CPUState.PC = disTab[exc]; }

14 Trap and Emulate Guest OS + Applications Virtual Machine Monitor Page Fault Undef Instr vIRQ MMU Emulation CPU Emulation I/O Emulation Unprivileged Privileged

15 “Strictly Virtualizable” A processor or mode of a processor is strictly virtualizable if, when executed in a lesser privileged mode: all instructions that access privileged state trap all instructions either trap or execute identically …

16 Issues with Trap and Emulate Not all architectures support it Trap costs may be high Monitor uses a privilege level – Need to virtualize the protection levels

17 Binary Translator Translator Guest Code Translation Cache Callouts TC Index CPU Emulation Routines

18 Basic Blocks vPC mov ebx, eax cli and ebx, ~0xfff mov ebx, cr3 sti ret Guest Code Straight-line code Control flow Basic Block

19 Binary Translation vPC mov ebx, eax cli and ebx, ~0xfff mov ebx, cr3 sti ret mov ebx, eax call HANDLE_CLI and ebx, ~0xfff mov [CO_ARG], ebx call HANDLE_CR3 call HANDLE_STI jmp HANDLE_RET start Guest CodeTranslation Cache

20 Binary Translation vPC mov ebx, eax cli and ebx, ~0xfff mov ebx, cr3 sti ret mov ebx, eax mov [CPU_IE], 0 and ebx, ~0xfff mov [CO_ARG], ebx call HANDLE_CR3 mov [CPU_IE], 1 test [CPU_IRQ], 1 jne call HANDLE_INTS jmp HANDLE_RET start Guest CodeTranslation Cache

21 Basic Binary Translator void BT_Run(void) { CPUState.PC = _start; BT_Continue(); } void BT_Continue(void) { void *tcpc; tcpc = BTFindBB(CPUState.PC); if (!tcpc) { tcpc = BTTranslate(CPUState.PC); } RestoreRegsAndJump(tcpc); } void *BTTranslate(uint32 pc) { void *start = TCTop; uint32 TCPC = pc; while (1) { inst = Fetch(TCPC); TCPC += 4; if (IsPrivileged(inst)) { EmitCallout(); } else if (IsControlFlow(inst)) { EmitEndBB(); break; } else { /* ident translation */ EmitInst(inst); } return start; }

22 Basic Binary Translator – Part 2 void BT_CalloutSTI(BTSavedRegs regs) { CPUState.PC = BTFindPC(regs.tcpc); CPUState.GPR[] = regs.GPR[]; CPU_STI(); CPUState.PC += 4; if (CPUState.IRQ && CPUState.IE) { CPUVector(); BT_Continue(); /* NOT_REACHED */ } return; }

23 Controlling Control Flow vEPC test eax, 1 jeq add ebx, 18 mov ecx, [ebx] mov [ecx], eax test eax, 1 jeq call END_BB start Guest CodeTranslation Cache ret

24 Controlling Control Flow vEPC test eax, 1 jeq add ebx, 18 mov ecx, [ebx] mov [ecx], eax test eax, 1 jeq call END_BB Guest CodeTranslation Cache ret add ebx, 18 mov ecx, [ebx] mov [ecx], eax call HANDLE_RET eax == 0 find next

25 Controlling Control Flow vEPC test eax, 1 jeq add ebx, 18 mov ecx, [ebx] mov [ecx], eax test eax, 1 jeq jmp call END_BB Guest CodeTranslation Cache ret add ebx, 18 mov ecx, [ebx] mov [ecx], eax call HANDLE_RET eax == 0

26 Controlling Control Flow vEPC test eax, 1 jeq add ebx, 18 mov ecx, [ebx] mov [ecx], eax test eax, 1 jeq jmp call END_BB Guest CodeTranslation Cache ret add ebx, 18 mov ecx, [ebx] mov [ecx], eax call HANDLE_RET eax == 1 find next mov [ecx], eax call HANDLE_RET

27 Controlling Control Flow vEPC test eax, 1 jeq add ebx, 18 mov ecx, [ebx] mov [ecx], eax test eax, 1 jeq jmp Guest CodeTranslation Cache ret add ebx, 18 mov ecx, [ebx] mov [ecx], eax call HANDLE_RET eax == 1 mov [ecx], eax call HANDLE_RET

28 Issues with Binary Translation Translation cache index data structure PC Synchronization on interrupts Self-modifying code – Notified on writes to translated guest code

29 Other Uses for Binary Translation Cross ISA translators – Digital FX!32 Optimizing translators – H.P. Dynamo High level language byte code translators – Java –.NET/CLI

30 Hybrid Approach Binary Translation for the Kernel Direct Execution (Trap-and-emulate) for the User U.S. Patent 6,397,242 DirectExec OK? Direct Execution Jump to Guest PC Yes Execute In TC TC Validate Handle Priv. Instruction No Callout Trap

31 Homework 1 Binary Patching Binary Patching for profiling and code coverage – Process Virtualization – Patching code be compiled into program Follow execution by patching control flow instructions Patch instructions in-place – No need for translation or copying Instruction decoding need only determine – Length of instruction – Control flow points Callouts call through asm linkage – Saves EFLAGS – Saves registers – Calls C code

Download ppt "E6998 - Virtual Machines Lecture 2 CPU Virtualization Scott Devine VMware, Inc."

Similar presentations

Microprocessors General Features To be Examined For Each Chip Jan 24 th, 2002.

Microprocessors General Features To be Examined For Each Chip Jan 24 th, 2002.
E Virtual Machines Lecture 3 Memory Virtualization

E Virtual Machines Lecture 3 Memory Virtualization
© 2012 VMware Inc. All rights reserved CPU and Memory Virtualization Prashanth Bungale, Sr. Member of Technical Staff, Mobile Virtualization January 23.

© 2012 VMware Inc. All rights reserved CPU and Memory Virtualization Prashanth Bungale, Sr. Member of Technical Staff, Mobile Virtualization January 23.
Computer Organization and Architecture

Computer Organization and Architecture
Computer Organization and Architecture

Computer Organization and Architecture
OS2-1 Chapter 2 Computer System Structures. OS2-2 Outlines Computer System Operation I/O Structure Storage Structure Storage Hierarchy Hardware Protection.

OS2-1 Chapter 2 Computer System Structures. OS2-2 Outlines Computer System Operation I/O Structure Storage Structure Storage Hierarchy Hardware Protection.
1 Hardware and Software Architecture Chapter 2 n The Intel Processor Architecture n History of PC Memory Usage (Real Mode)

1 Hardware and Software Architecture Chapter 2 n The Intel Processor Architecture n History of PC Memory Usage (Real Mode)
X86 segmentation, page tables, and interrupts 3/17/08 Frans Kaashoek MIT

X86 segmentation, page tables, and interrupts 3/17/08 Frans Kaashoek MIT
PC hardware and x86 3/3/08 Frans Kaashoek MIT

PC hardware and x86 3/3/08 Frans Kaashoek MIT
Introduction to Virtual Machines

Introduction to Virtual Machines
Budapesti Műszaki és Gazdaságtudományi Egyetem Méréstechnika és Információs Rendszerek Tanszék Virtualization Zoltan Micskei

Budapesti Műszaki és Gazdaságtudományi Egyetem Méréstechnika és Információs Rendszerek Tanszék Virtualization Zoltan Micskei
© 2010 VMware Inc. All rights reserved Virtualization Based on materials from: Introduction to Virtual Machines by Carl Waldspurger Understanding Intel®

© 2010 VMware Inc. All rights reserved Virtualization Based on materials from: Introduction to Virtual Machines by Carl Waldspurger Understanding Intel®
E Virtual Machines Lecture 4 Device Virtualization

E Virtual Machines Lecture 4 Device Virtualization
General System Architecture and I/O.  I/O devices and the CPU can execute concurrently.  Each device controller is in charge of a particular device.

General System Architecture and I/O.  I/O devices and the CPU can execute concurrently.  Each device controller is in charge of a particular device.
This document is for informational purposes only, and Tekelec reserves the right to change any aspect of the products, features or functionality described.

This document is for informational purposes only, and Tekelec reserves the right to change any aspect of the products, features or functionality described.
Keith Adams, Ole Agesen 1st October 2009 Presented by Chwa Hoon Sung, Kang Joon Young A Comparison of Software and Hardware Techniques for x86 Virtualization.

Keith Adams, Ole Agesen 1st October 2009 Presented by Chwa Hoon Sung, Kang Joon Young A Comparison of Software and Hardware Techniques for x86 Virtualization.
6.828: PC hardware and x86 Frans Kaashoek

6.828: PC hardware and x86 Frans Kaashoek
IT253: Computer Organization Lecture 4: Instruction Set Architecture Tonga Institute of Higher Education.

IT253: Computer Organization Lecture 4: Instruction Set Architecture Tonga Institute of Higher Education.
Architecture Support for OS CSCI 444/544 Operating Systems Fall 2008.

Architecture Support for OS CSCI 444/544 Operating Systems Fall 2008.
2.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 2: Computer-System Structures Computer System Operation I/O Structure.

2.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 2: Computer-System Structures Computer System Operation I/O Structure.

Similar presentations

Ads by Google