Lab 4 Tutorial Instructor: Youngjin Kwon
What we’ve done so far
• Lab 1: Booting OS from BIOS and initializing kernel
• Lab 2: Physical memory management and memory mapping (kernel)
• Lab 3: Defining user environment, handling interrupt/exception/system call
What you will be given for lab 4
• Lab 1: Booting OS from BIOS and initializing kernel
• Lab 2: Physical memory management and memory mapping (kernel)
• Lab 3: Defining user environment, handling interrupt/exception/system call
• (JOS LAB 4): Multi-process environments, scheduler, IPC primitives
• (JOS LAB 5): File system, read/write syscalls, shell
• (JOS LAB 6): Network stack, network driver (memory-mapped IO)
JOS OS architecture (figure): Application (user environment), File system server (FS environment) and Network server (NS environment; not enabled in LAB 4), connected by Read/Write IPC via fsipc(); JOS OS has direct hardware access; Hardware.
JOS VMM overview (figure): JOS gOS (guest OS) environment, File system server (FS environment) and Network server (NS environment; not enabled in LAB 4), connected by Read/Write IPC via fsipc(); JOS hOS + VMM has direct hardware access; Hardware.
Let’s see a demo: “Run JOS on JOS”
Steps to run VMM
• JOS hOS booting
• Launch FS server (fs_fs) and shell server (user_icode)
• Run the application called “vmm” in the shell
• vmm application (user env.): launching the guest OS environment
  • Declare itself as gOS (OS environment) to hOS
  • Load gOS kernel to memory
  • sys_yield(): control goes to hOS
• JOS hOS
  • Turn hOS into hOS + VMM by enabling Intel VT
  • Execute the vmm environment as gOS (vmm becomes the guest OS)
vmm: declare itself as guest OS
• vmm (user environment): user/vmm.c
  • Exercise 1: prepare env for guest OS type
• hOS: kern/syscall.c
  • Newly added member in struct Env
vmm: load gOS kernel to memory
• vmm (user environment), Exercise 3
  • Open GUEST_KERN (ELF format)
  • Load ELF sections to guest memory with map_in_guest()
• vmm env.: map_in_guest()
  • Allocate a temp page (to where?)
  • Read the given ELF section (specified by fd and offset)
  • Call sys_ept_map() to ask hOS to do the mapping in the EPT
• hOS: sys_ept_map()
  • Do some checks for error conditions
  • Call ept_map_hva2gpa()
vmm: load gOS kernel to memory
• Exercise 2: handling EPT
  • Call ept_map_hva2gpa() to do the mapping (same address? or not?)
• ept_map_hva2gpa()
  • Map hva to gpa
  • Use ept_lookup_gpa() to find the EPT entry of the given gpa
• ept_lookup_gpa()
  • Similar to page_lookup(), but it walks the EPT and returns the leaf EPT entry
Host virtual and guest physical address (figure): root mode uses the host page table (host virtual to host physical); non-root mode uses the guest page table (guest virtual to guest physical), with a separate table used for guest physical addresses. Figure labels: host virtual 0x10000000, guest physical 0x0, 4GB, 4GB - 1, “JOS hOS create env with 5GB”, 0x10000000 + 5G - 1, “mov $rdx, addr”.
How to get host VA in JOS?
• Kernel virtual address
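A runnable model of the EPT walk and of the hva-to-gpa mapping step from the preceding slides, added here as an example (not JOS's or the lab's code). The page-table allocator, KERNBASE_SIM and the 4 GiB guest size are constructed stand-ins for the kernel's page allocator, KERNBASE/PADDR() and the real env size.

```c
/* Added example, not JOS's code: user-space model of ept_lookup_gpa() (EPT walk)
 * and ept_map_hva2gpa(), with the checks sys_ept_map() should make first. Constructed:
 * 4-level EPT, 4 KiB pages, 4 GiB guest, hva = hpa + KERNBASE_SIM (for KERNBASE/PADDR). */
#include <stdint.h>
#include <stddef.h>

typedef uint64_t epte_t;
enum { EPTE_R = 1, EPTE_W = 2, EPTE_X = 4, EPTE_PRESENT = 7 }; /* Intel EPT leaf bits */
#define PGSIZE          4096ULL
#define EPTE_ADDR(e)    ((e) & ~(PGSIZE - 1))
#define KERNBASE_SIM    0xF0000000ULL
#define GUEST_PHYS_SIZE (4ULL << 30)
#define EPT_IDX(gpa, lvl) (((gpa) >> (12 + 9 * (lvl))) & 0x1FFULL)

/* Page-allocator stand-in; an entry holds a host pointer where hardware holds a host PA. */
static epte_t pool[32][512] __attribute__((aligned(4096)));
static int pool_used;
epte_t *alloc_table(void) { return pool_used < 32 ? pool[pool_used++] : NULL; }

/* Walk PML4E -> PDPTE -> PDE to the leaf PTE slot for gpa; allocate missing levels only if create. */
epte_t *ept_lookup_gpa(epte_t *eptrt, uint64_t gpa, int create) {
    epte_t *table = eptrt, *next;
    for (int lvl = 3; lvl > 0; lvl--) {
        epte_t *e = &table[EPT_IDX(gpa, lvl)];
        if (!(*e & EPTE_PRESENT)) {
            if (!create || !(next = alloc_table())) return NULL;
            *e = (epte_t)(uintptr_t)next | EPTE_PRESENT;
        }
        table = (epte_t *)(uintptr_t)EPTE_ADDR(*e);
    }
    return &table[EPT_IDX(gpa, 0)];
}

/* Map host page hva at gpa; -1 on misaligned args, gpa past guest size, non-kernel hva, or silent overwrite. */
int ept_map_hva2gpa(epte_t *eptrt, uint64_t hva, uint64_t gpa, int perm, int overwrite) {
    if (((hva | gpa) & (PGSIZE - 1)) || gpa >= GUEST_PHYS_SIZE || hva < KERNBASE_SIM) return -1;
    epte_t *leaf = ept_lookup_gpa(eptrt, gpa, 1);
    if (!leaf || ((*leaf & EPTE_PRESENT) && !overwrite)) return -1;
    *leaf = (hva - KERNBASE_SIM) | (perm & EPTE_PRESENT);   /* hva -> hpa, plus permissions */
    return 0;
}

/* Map, confirm a second map without overwrite is refused, read back the host PA (0 on failure). */
uint64_t ept_roundtrip(uint64_t hva, uint64_t gpa) {
    epte_t *root = alloc_table();
    if (!root || ept_map_hva2gpa(root, hva, gpa, EPTE_R | EPTE_W, 0) != 0) return 0;
    if (ept_map_hva2gpa(root, hva, gpa, EPTE_R, 0) == 0) return 0;
    epte_t *leaf = ept_lookup_gpa(root, gpa, 0);
    return leaf ? EPTE_ADDR(*leaf) : 0;
}
```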
Steps to run VMM
• JOS hOS booting
• Launch FS server (fs_fs) and shell server (user_icode)
• Run the application called “vmm” in the shell
• vmm application (user env.): launching the guest OS environment
  • Declare itself as gOS to hOS
  • Load gOS kernel to memory
  • sys_yield(): control goes to hOS
• JOS hOS
  • Turn hOS into hOS + VMM by Intel VT
  • Execute the vmm environment as gOS (vmm becomes the guest OS)
hOS: turn hOS into hOS + VMM
• sched_yield() (kern/sched.c)
hOS + VMM: execute vmm env. as gOS
• env_run() (kern/env.c)
  • vmx_vmrun()
  • Execute the environment as a guest operating system
Background: Intel VT (figure)
• When the guest OS executes VMX root-privileged instructions
Virtual-Machine Control data Structure (VMCS)
• VMCS data area
  • Guest-state area
  • Host-state area
  • VM-execution control fields
  • VM-exit control fields
  • VM-entry control fields
  • VM-exit information fields
• Detailed layout of the VMCS data area: vmm/vmx.h
• How to manipulate the VMCS: vmcs_ctls_init()
VMCS control example
• Scenario: page fault validation
  • The VMM hijacks page faults that happen in a guest OS
  • Verify the page faults
  • If it is a legal page fault, the VMM injects the page fault into the guest OS
Hijacking page faults
• Using the exception bitmap (32 bits)
  • If the bit at a certain position is set, that exception causes a VM exit; otherwise the CPU delivers the exception through the guest OS IDT
  • If bit 14 (exception vector 14 == page fault) is set, the VMM takes control when a #PF happens in the guest OS
• vmcs_ctls_init() – vmm/vmx.c
Injecting page faults
• Using the VM-entry control fields (32 bits)
  • On VM entry, the CPU delivers an event through the guest OS IDT
• vmcs_ctls_init() – vmm/vmx.c
vmlaunch/vmresume and vmexit
• asm_vmrun() (vmm/vmx.c)
• Exercise 4
  • Write code for vmlaunch/vmresume
  • How to determine vmlaunch or vmresume?
  • When vmlaunch/vmresume returns, it means a VM exit happened (guest OS completely … stops)
What causes vmexit? (figure from Bugnion et al., Hardware and Software Support for Virtualization, Morgan & Claypool Publishers)
vmcall (figure): from gOS to hOS + VMM
vmexit handler
• Exercise 5, 6, 7 (trap-and-emulate)
  • gOS traps: vmexit()
  • Find out the vmexit reason (how?)
  • Implement the corresponding vmexit handler
• Exercise 5, 7: vmcall
• Exercise 6: cpuid instruction