a comparison of software and hardware a comparison of
play

A COMPARISON OF SOFTWARE AND HARDWARE A COMPARISON OF SOFTWARE AND - PowerPoint PPT Presentation

A COMPARISON OF SOFTWARE AND HARDWARE A COMPARISON OF SOFTWARE AND HARDWARE TECHNIQUES FOR X86 VIRTUALIZATION TECHNIQUES FOR X86 VIRTUALIZATION by Keith Adams, Ole by Keith Adams, Ole Ageson Ageson Presented by Michael Presented by Michael


  1. A COMPARISON OF SOFTWARE AND HARDWARE A COMPARISON OF SOFTWARE AND HARDWARE TECHNIQUES FOR X86 VIRTUALIZATION TECHNIQUES FOR X86 VIRTUALIZATION by Keith Adams, Ole by Keith Adams, Ole Ageson Ageson Presented by Michael Presented by Michael Wallner Wallner May 10 th th , Software Systems Seminar 2007 May 10 , Software Systems Seminar 2007 Department of Computer Sciences, University of Salzburg Department of Computer Sciences, University of Salzburg

  2. Content Content � Introduction Introduction � Virtualization Virtualization � Classical Classical � Software Software � Hardware Hardware � Comparison Comparison � Opportunities Opportunities � Conclusion Conclusion

  3. Introduction and Terminology Introduction and Terminology � Virtualization Virtualization � Virtual Machine Virtual Machine VM VM � Guest Guest APP APP APP APP � Virtual Machine Monitor Virtual Machine Monitor OS Kernel OS Kernel � Host Host � Motivation Motivation VMM � Resource utilization Resource utilization Hardware � Development Development � ... ...

  4. CLASSICAL VIRTUALIZATION CLASSICAL VIRTUALIZATION

  5. Classical Virtualization Classical Virtualization � Three essential characteristics ( Three essential characteristics (Popek Popek and Goldberg) and Goldberg) � Fidelity Fidelity – – runs any software runs any software � Performance Performance – – fairly fast fairly fast � Safety Safety – – VMM manages hardware VMM manages hardware � Trap Trap- -and and- -Emulate Emulate � Only real solution until recently Only real solution until recently

  6. De De- -Privileging Privileging � Read/Write privileged state Instruction Read/Write privileged state Instruction � Direct Execution but reduced privileged level Direct Execution but reduced privileged level � VMM intercepts traps and emulates VMM intercepts traps and emulates CPL 3 CPL 3 Applications Applications CPL 1 CPL 1 Operating System Operating System CPL 0 CPL 0 Virtual Machine Monitor Virtual Machine Monitor

  7. Shadow Structures Shadow Structures � Virtual state differs from physical state Virtual state differs from physical state � VMM provides basic Execution Environment VMM provides basic Execution Environment � Shadow Structures Shadow Structures � On On- -CPU privileged state CPU privileged state � Maintained as Image Maintained as Image � Off Off- -CPU privileged data CPU privileged data � Resides in Memory Resides in Memory

  8. Memory Traces Memory Traces � Use of hardware page protection mechanisms for Use of hardware page protection mechanisms for coherency of shadow structures coherency of shadow structures � Protection for memory Protection for memory- -mapped devices mapped devices � Handling a trace fault: Handling a trace fault: � Decode guest instruction Decode guest instruction � Emulate its effect in the primary structure Emulate its effect in the primary structure � Apply change to the shadow structure Apply change to the shadow structure

  9. Tracing Example Tracing Example � Use of Shadow Page Tables to run guest Use of Shadow Page Tables to run guest � Vmware manages SPTs as cache Vmware manages SPTs as cache � True Page Fault True Page Fault � Violation of the protection policy Violation of the protection policy � Forwarded to guest Forwarded to guest � Hidden Page Fault Hidden Page Fault � Missing Page in SPT Missing Page in SPT � No guest No guest- -visible effect visible effect

  10. Refinements Refinements � Flexibility in VMM/guest OS Interface Flexibility in VMM/guest OS Interface � Modify guest OS Modify guest OS � Performance Gains Performance Gains � Extended Features Extended Features � Flexibilty in VMM/hardware Interface Flexibilty in VMM/hardware Interface � Hardware Execution mode for guest OS Hardware Execution mode for guest OS � “Paravirtualization” “Paravirtualization”

  11. SOFTWARE VIRTUALIZATION SOFTWARE VIRTUALIZATION

  12. x86 Obstacles x86 Obstacles � Visibility of privileged state Visibility of privileged state � Lack of Traps at user Lack of Traps at user- -level level � Example: Unprivileged Example: Unprivileged popf popf � Privileged level: ALU & system flags Privileged level: ALU & system flags � De De- -privileged level: ALU changes privileged level: ALU changes � No trap in de No trap in de- -privileged level privileged level

  13. Simple Binary Translation Simple Binary Translation – – Interpreter Interpreter � Use of an interpreter Use of an interpreter � Prevent leakage of privileged state Prevent leakage of privileged state � Correct implementation of non Correct implementation of non- -trapping instructions trapping instructions � Separation of virtual state from physical state Separation of virtual state from physical state � Fails Performance Criteria Fails Performance Criteria

  14. Simple Binary Translation Simple Binary Translation � Binary Translation combines Interpreter with Binary Translation combines Interpreter with Performance Performance � VMware’s Translator offers this properties: VMware’s Translator offers this properties: � Binary Binary � Dynamic Dynamic � On Demand On Demand � System Level System Level � Sub Sub- -Setting Setting � Adaptive Adaptive

  15. Simple Binary Translation Simple Binary Translation – – Example Example � Simple prime validation Simple prime validation � Invoke Invoke isPrime(49) isPrime(49) int isPrime(int a) { int isPrime(int a) { for (int i = 2; i < a; i++) { for (int i = 2; i < a; i++) { if (a % i == 0) return 0; if (a % i == 0) return 0; } return 1; return 1; }

  16. Simple Binary Translation Simple Binary Translation – – Example Example Translation isPrime‘: isPrime‘: mov %ecx, %edi mov %ecx, %edi isPrime: isPrime: mov %ecx, %edi mov %ecx, %edi Compiled Code mov %esi, $2 mov %esi, $2 mov %esi, $2 mov %esi, $2 IR Fragment Unit cmp %esi, %ecx cmp %esi, %ecx cmp %esi, %ecx cmp %esi, %ecx jge [takenAddr] jge [takenAddr] jge prime jge prime nexti: nexti: mov %eax, %ecx mov %eax, %ecx jmp [fallthrAddr] jmp [fallthrAddr] Translation cdq cdq Unit idiv %esi idiv %esi nexti‘: nexti‘: mov %eax, %ecx mov %eax, %ecx Compiled Code test %edx, %edx test %edx, %edx cdq cdq Fragment jz notPrime jz notPrime idiv %esi idiv %esi inc %esi inc %esi test %edx, %edx test %edx, %edx cmp %esi, %ecx cmp %esi, %ecx jz notPrime‘ jz notPrime‘ jl nexti jl nexti jmp [fallthrAddr] jmp [fallthrAddr] prime: prime: mov %eax, $1 mov %eax, $1 ret ret notPrime: notPrime: xor %eax, %eax xor %eax, %eax ret ret

  17. Simple Binary Translation Simple Binary Translation – – Example Example isPrime isPrime': ': * *mov mov % %ecx ecx, % , %edi edi isPrime: isPrime: mov %ecx, %edi mov %ecx, %edi mov % mov %esi esi, $2 , $2 mov %esi, $2 mov %esi, $2 cmp cmp % %esi esi, % , %ecx ecx cmp %esi, %ecx cmp %esi, %ecx jge jge [ [takenAddr takenAddr] ] jge prime jge prime nexti nexti': ': * *mov mov % %eax eax, % , %ecx ecx nexti: nexti: mov %eax, %ecx mov %eax, %ecx cdq cdq cdq cdq idiv % idiv %esi esi idiv %esi idiv %esi test % test %edx edx, % , %edx edx test %edx, %edx test %edx, %edx jz notPrime jz notPrime' ' jz notPrime jz notPrime *inc %esi *inc % esi inc %esi inc %esi cmp cmp % %esi esi, % , %ecx ecx cmp %esi, %ecx cmp %esi, %ecx jl jl nexti nexti' ' jl nexti jl nexti jmp jmp [fallthrAddr3] [fallthrAddr3] prime: prime: mov %eax, $1 mov %eax, $1 notPrime notPrime': ': *xor * xor % %eax eax, % , %eax eax ret ret pop %r11 ; RET pop %r11 ; RET notPrime: notPrime: xor %eax, %eax xor %eax, %eax mov mov %gs:0xff39eb8(%rip), % %gs:0xff39eb8(%rip), %rcx rcx ret ret movzx movzx % %ecx ecx, %r11b , %r11b jmp jmp %gs:0xfc7dde0(8*% %gs:0xfc7dde0(8*%rcx rcx) )

  18. Simple Binary Translation Simple Binary Translation – – Exceptions Exceptions � PC PC- -relative addressing relative addressing � Translator output on different location Translator output on different location � Direct control flows Direct control flows � Code layout changes need reconnection Code layout changes need reconnection � Indirect control flows Indirect control flows � Dynamically computed targets Dynamically computed targets � Privileged instructions Privileged instructions

  19. Comparison Comparison rdtsc rdtsc #Cycles #Cycles 2030 2030 1254 1254 216 216

  20. HARDWARE HARDWARE VIRTUALIZATION VIRTUALIZATION

  21. x86 Architecture Extensions x86 Architecture Extensions � Allows classical Trap Allows classical Trap- -and and- -Emulate Emulate � Virtual Machine Control Block Virtual Machine Control Block � Diagnostics Fields Diagnostics Fields � Guest Mode (VMX) vs. Host Mode Guest Mode (VMX) vs. Host Mode � vmrun vmrun Command Command

  22. Qualitative Comparision Qualitative Comparision � Binary Translator Binary Translator � Trap Elimination Trap Elimination � Emulation Speed Emulation Speed � Callout avoidance Callout avoidance � Hardware Hardware- -assisted VMM assisted VMM � Code density Code density � Precise exceptions Precise exceptions � System calls System calls

  23. EXPERIMENTS AND RESULTS EXPERIMENTS AND RESULTS

Recommend


More recommend