kvm arm
play

KVM/ARM Linux Symposium 2010 Christoffer Dall and Jason Nieh - PowerPoint PPT Presentation

Nov 21, 2023 •237 likes •1.14k views

KVM/ARM Linux Symposium 2010 Christoffer Dall and Jason Nieh {cdall,nieh}@cs.columbia.edu Slides: http://www.cs.columbia.edu/~cdall/ols2010-presentation.pdf Friday, July 16, 2010 We like KVM Its Fast, Free, Open, and Simple!

  1. KVM/ARM Linux Symposium 2010 Christoffer Dall and Jason Nieh {cdall,nieh}@cs.columbia.edu Slides: http://www.cs.columbia.edu/~cdall/ols2010-presentation.pdf Friday, July 16, 2010

  2. We like KVM • It’s Fast, Free, Open, and Simple! • Integrates well with Linux • Always maintained • Supports x86, ia64, PowerPC, and s390 Friday, July 16, 2010

  3. ARM devices are everywhere Friday, July 16, 2010

  4. Google Nexus One Specifications Processor Qualcomm Snapdragon QSD8250 CPU Core Qualcomm Scorpion Architecture ARM v7 Clock speed 1000 MHz Technology 65 nm Memory 512 MB ...and they are getting really powerful Friday, July 16, 2010

  5. KVM relies on hardware support • x86 and ia64 (Itanium) • PowerPC, and s390 Friday, July 16, 2010

  6. KVM relies on hardware support Virtualization Extensions • x86 and ia64 (Itanium) • PowerPC, and s390 Friday, July 16, 2010

  7. KVM relies on hardware support Virtualization Extensions • x86 and ia64 (Itanium) • PowerPC, and s390 Virtualizable Friday, July 16, 2010

  8. Hardware Support for Virtualization • Guest kernel runs in user mode • Sensitive instructions are instructions that depend on CPU mode • Virtualizable if all sensitive instructions trap • Trap-and-emulate • Hardware virtualization features provide extra mode where all sensitive instructions trap Friday, July 16, 2010

  9. Problem • ARM is not virtualizable • ARM has no hardware virtualization extensions Friday, July 16, 2010

  10. 31 Sensitive instructions CPS LDRT STC RSBS MRS STRBT ADCS RSCS MSR STRT ADDS SBCS RFE CDP ANDS SUBS SRS LDC BICS LDM (2) MCR EORS LDM (3) MCRR MOVS STM (2) MRC MVNS LDRBT MRRC ORRS Friday, July 16, 2010

  11. 31 Sensitive instructions CPS LDRT STC RSBS MRS STRBT ADCS RSCS MSR STRT ADDS SBCS RFE CDP ANDS SUBS SRS LDC BICS LDM (2) MCR EORS LDM (3) MCRR MOVS STM (2) MRC MVNS LDRBT MRRC ORRS and 25 of them are non-privileged Friday, July 16, 2010

  12. Solution • We use lightweight paravirtualization • Retains simplicity of KVM architecture • Minimally intrusive to KVM and the Kernel • Uses on QEMU for device emulation Friday, July 16, 2010

  13. • KVM • CPU virtualization on ARM • Memory virtualization on ARM • World Switch details • Implementation status Friday, July 16, 2010

  14. KVM Architecture VM QEMU Processes Guest kernel KVM Linux Kernel Hardware Friday, July 16, 2010

  15. KVM execution flow Friday, July 16, 2010

  16. Start QEMU Friday, July 16, 2010

  17. Start Alloc QEMU memory Friday, July 16, 2010

  18. Start Alloc QEMU memory Friday, July 16, 2010

  19. Start Alloc Create QEMU memory VM Friday, July 16, 2010

  20. Start Alloc Create QEMU memory VM Friday, July 16, 2010

  21. Start Alloc Create Register QEMU memory VM memory Friday, July 16, 2010

  22. Start Alloc Create Register QEMU memory VM memory Friday, July 16, 2010

  23. Start Alloc Create Register Create QEMU memory VM memory VCPU Friday, July 16, 2010

  24. Start Alloc Create Register Create QEMU memory VM memory VCPU Friday, July 16, 2010

  25. Start Alloc Create Register Create QEMU memory VM memory VCPU KVM RUN Friday, July 16, 2010

  26. Start Alloc Create Register Create QEMU memory VM memory VCPU KVM RUN Friday, July 16, 2010

  27. Start Alloc Create Register Create QEMU memory VM memory VCPU KVM RUN User space Kernel World switch Guest Friday, July 16, 2010

  28. Start Alloc Create Register Create QEMU memory VM memory VCPU KVM RUN User space Kernel World switch Guest Native guest execution Friday, July 16, 2010

  29. Start Alloc Create Register Create QEMU memory VM memory VCPU KVM RUN User space Kernel World switch Guest Interrupt Native guest execution Friday, July 16, 2010

  30. Start Alloc Create Register Create QEMU memory VM memory VCPU KVM RUN User space Kernel World World switch switch Guest Interrupt Native guest execution Friday, July 16, 2010

  31. Start Alloc Create Register Create QEMU memory VM memory VCPU KVM RUN User space Handle Kernel exit World World switch switch Guest Interrupt Native guest execution Friday, July 16, 2010

  32. Start Alloc Create Register Create QEMU memory VM memory VCPU Handle I/O? KVM RUN User space Handle Kernel exit World World switch switch Guest Interrupt Native guest execution Friday, July 16, 2010

  33. Start Alloc Create Register Create QEMU memory VM memory VCPU Handle I/O? KVM RUN User space Handle Emulation Kernel exit World World switch switch Guest Interrupt Native guest execution Friday, July 16, 2010

  34. Start Alloc Create Register Create QEMU memory VM memory VCPU Handle I/O? KVM RUN User space Handle Emulation Kernel exit World World switch switch Guest Interrupt Native guest execution Friday, July 16, 2010

  35. New KVM architecture • Logical separation of architecture dependent and independent code • kvm_arch_XXX • kvm_XXX Friday, July 16, 2010

  36. • KVM • CPU virtualization on ARM • Memory virtualization on ARM • World Switch details • Implementation status Friday, July 16, 2010

  37. ARM virtualization • ARM is not virtualizable - nor does it have hardware virtualization support • Possible solutions: • binary translation • or paravirtualization Friday, July 16, 2010

  38. Binary Translation • Traditionally done out-of-place with a translation cache • Difficult to make it fast • Contradicts idea of KVM Friday, July 16, 2010

  39. Paravirtualization • Changes the guest kernel to replace code with sensitive instructions with hypercalls • Guest kernel is modified by hand • Hard to merge changes with upstream Kernel versions Friday, July 16, 2010

  40. Lightweight-paravirtualization (LPV) Original code: mrs r2, cpsr @ get current mode tst r2, #3 @ not user? bne not_angel Friday, July 16, 2010

  41. Lightweight-paravirtualization (LPV) Original code: mrs r2, cpsr @ get current mode tst r2, #3 @ not user? bne not_angel Friday, July 16, 2010

  42. Lightweight-paravirtualization (LPV) Original code: swi 0x022000 @ get current mode tst r2, #3 @ not user? bne not_angel Friday, July 16, 2010

  43. Lightweight-paravirtualization (LPV) • Replace sensitive instructions with traps • Traps encode original instruction and operands • Emulate replaced instructions in KVM • Script-based solution applicable to any vanilla kernel tree Friday, July 16, 2010

  44. LPV encoding example mrs r2, cpsr swi 0x022000 Status register access function MRS encoding 23 20 19 16 15 14 12 0 +--------------+-------------------+--+-------------+-----------------------------+ | 0 | Rd | R| 2 | OIF | +--------------+-------------------+--+-------------+-----------------------------+ Friday, July 16, 2010

  45. LPV implementation • Uses regular expressions to search for sensitive assembly instructions • ~150 lines (written in Python) • Supports inline assembler, preprocessor macros and assembler files. Friday, July 16, 2010

  46. LPV requirements • Assumes guest kernel does not make system calls to itself • Module source code must also be handled • GCC does not generate sensitive instructions from C-code Friday, July 16, 2010

  47. LPV key points • Encodes each sensitive instructions to a single trap • As efficient as trap-and-emulate • Fully automated • Doesn’t affect kernel code size Friday, July 16, 2010

  48. • KVM • CPU virtualization on ARM • Memory virtualization on ARM • World Switch details • Implementation status Friday, July 16, 2010

  49. Virtual memory 0 4 GB Virtual User space application Kernel Addresses Page Tables MMU 0 4 GB Physical RAM Devices Addresses Friday, July 16, 2010

  50. New address space 0 4 GB Guest virtual Guest user space application Guest Kernel Addresses 0 4 GB Guest physical RAM Devices Addresses MMU 0 4 GB Host physical RAM Devices (Machine) Addresses Friday, July 16, 2010

  51. New address space 0 4 GB Guest virtual Guest user space application Guest Kernel Addresses 0 4 GB Guest physical RAM Devices Addresses Shadow page tables MMU 0 4 GB Host physical RAM Devices (Machine) Addresses Friday, July 16, 2010

  52. Shadow page tables • Map • Guest Virtual Addresses to • Host Physical Addresses • One per guest page table (process) • Start out empty and add entries on page faults (on demand) Friday, July 16, 2010

  53. Address translation Guest virtual Guest physical Host kernel Guest memory KVM process Virtual Memory Machine memory Friday, July 16, 2010

  54. Address translation Guest virtual Walk guest page tables in software: gva_to_gfn(...); Guest physical Host kernel Guest memory KVM process Virtual Memory Machine memory Friday, July 16, 2010

  55. Address translation Guest virtual Walk guest page tables in software: gva_to_gfn(...); Guest physical Built-in KVM Host kernel Guest memory functionality: KVM process Virtual Memory gfn_to_hva(...); Machine memory Friday, July 16, 2010

Recommend

More recommend