A Brief Overview of Virtualization

. . . . . .

大纲

. . . . . .

What is Virtualization 虚拟化技术分类 Process VMs

. . . . . . .

System VMs

. . . . . . .

VMM implementation issues Security research

A Brief Overview of Virtualization

陈志杰[email protected]

蜜网项目组

April 14, 2008

陈志杰 [email protected] 蜜网项目组


. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


大纲

1 What is Virtualization

2 虚拟化技术分类

3 Process VMs

4 System VMs

5 VMM implementation issues

6 Security research



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


大纲



3 Process VMs

4 System VMs


6 Security research



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Defination

What is Virtualization ?

To virtualize means to take something of one form and makeit appear to be another form.[1]

To make a computer appear to be multiple computers or adifferent computer entirely.To making many computers appear to be a single computer.(Server Aggregation/Grid Computing)

我们这里讨论的虚拟化指的是前者。

不过目前的趋势是合二为一，即将一些分离的计算资源抽象成统一的资源库，然后再由 Virtual Machine Infrastructure 统一调度，分配给多个虚拟的机器。



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Defination

虚拟化转化的是”form”，这里的form指的就是不同的接口（Inter-face），所以，我们要先从Interface谈起。



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Abstraction

抽象(Abstraction)

在计算机结构日益复杂的今天，我们之所以能够有条不紊地继续发展计算机理论和结构，正是由于存在不同层次的抽象，每层 Abstraction都会定义一定的接口(Interface)，以隐藏具体实现以降低复杂性。两个名词：

Architecture : A formal specification of an interface inthe system.

Implementation : The actual embodiment of an architec-ture.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Abstraction

计算机系统的三层 Interface [2]

ISA InstructionSet Architec-ture.

ABI ApplicationBinary Inter-face.

API ApplicationProgrammingInterface.

Figure: Computer system architecture



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Abstraction

Interface vs. Virtualization

Abstraction优点：统一的编程（软件、硬件）格式。

缺点：移植性

Virtualization : 从一种Abstraction转化到另外一种Abstrac-tion。

Component VirtualizationSystem Virtualization

可以依照虚拟机技术所虚拟的层次(ISA、ABI或API)来对虚拟机分类.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Abstraction

Three Levels of Interface

Figure: Computer systemarchitecture

ISA Instruction Set Architecture.The ISA marks the division be-tween hardware and software,and consists of interfaces 3and 4. Interface 4 representsthe user ISA and includes thoseaspects visible to an applica-tion program. Interface 3, thesystem ISA, is a superset of theuser ISA and includes those as-pects visible only to operatingsystem software responsible formanaging hardware resources.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Abstraction



ABI Application Binary Interface.The ABI gives a program accessto the hardware resources andservices available in a sys-tem through the user ISA (in-terface 4) and the system callinterface (interface 2). TheABI does not include system in-structions; rather, all appli-cation programs interact withthe hardware resources indi-rectly by invoking the operat-ing system’s services via thesystem call interface.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Abstraction



API Application Programming Inter-face.The API gives a program accessto the hardware resources andservices available in a sys-tem through the user ISA (in-terface 4) supplemented withhigh-level language (HLL) li-brary calls (interface 1). Anysystem calls are usually per-formed through libraries. Us-ing an API enables applicationsoftware to be ported easily,through recompilation, to othersystems that support the sameAPI.陈志杰 [email protected] 蜜网项目组


. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


大纲



3 Process VMs

4 System VMs


6 Security research



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


What is a Virtual Machine

The meaning of “machine”:

From the process’s perspective :

A logical memory address space.User-level instructions and registers.I/O (only visible through the operating system calls).

Thus the ABI defines the machine as seen by a process.Similarly, the API specifies the machine characteristicsas seen by an application’s HLL program.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


What is a Virtual Machine

From the operating system’s perspective :

the underlying hardware’s characteristics alone define themachine

So it is the ISA that provides the interface between thesystem and machine.

So there are process VMs and system VMs.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Process VMs and System VMs

A process VM is a virtual platform that executes an in-dividual process. This type of VM exists solely to supportthe process; it is created when the process is created andterminates when the process terminates. The virtualizingsoftware that implements a process VM is often termed theruntime, short for “runtime software.”

A system VM provides a complete, persistent system en-vironment that supports an operating system along with itsmany user processes. It provides the guest operating systemwith access to virtual hardware resources, including net-working, I/O, and perhaps a graphical user interface alongwith a processor and memory. The virtualizing software ina system VM is typically referred to as the virtual machinemonitor (VMM).



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


大纲



3 Process VMs

4 System VMs


6 Security research



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Process Virtual Machines

Multiprogrammed systems :The most common process VM.

Emulators and dynamic binary translators More challeng-ing problem for process-level VMs is that of supportingprogram binaries compiled to an instruction set differentfrom the one the host executes. eg: Intel IA32-EL whichallows Intel IA-32 application binaries to run on Itaniumhardware.

Same-ISA binary optimizers Dynamo system.

High-level-language VMs The Sun Microsystems Java VMarchitecture and the Microsoft Common Language Infrastruc-ture.注:HLL environment 仅指需要runtime的语言。



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


大纲



3 Process VMs

4 System VMs


6 Security research



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


System VM history

System VM History

可以追溯到20世纪70年代IBM大型机。在经过一个低谷之后，又在以VMware为代表的运行在小型或者微型计算机上的新一代虚拟机的带领下重新崛起。



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Classic System VMs

Classic System VMs

The classic approach places the VMM on bare hardware andthe VMs fit on top.

The VMM runs in the most highly privileged mode, whileall guest systems run with reduced privileges so that theVMM can intercept and emulate all guest operating systemactions that would normally access or manipulate criticalhardware resources.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Hosted VM

Hosted VMs

An alternative system VM implementation builds virtualiz-ing software on top of an existing host operating system,resulting in a hosted VM.

Advantage:A user installs it just like a typical application program.Virtualizing software can rely on the host operating systemto provide device drivers and other lower-level servicesrather than on the VMM.Virtualizing software can rely on thehost operating system to provide device drivers and otherlower-level services rather than on the VMM.

Example:VMware GSX serverVMware GSX Server将一台实体的电脑变成许多的虚拟服务器，这些虚拟服务器其实是由单一的硬件所架构成的，系统资源依据每一台虚拟机器的需求，分配到所有的虚拟机器。



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Whole System VM

Whole System VMs

The VM software executes as an application program sup-ported by the host operating system and uses no system ISAoperations.

An example of this type of VM is the Virtual PC (and VMwareWorkstation?).



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Multiprocessor virtualization

Multiprocessor virtualization

Here, an important objective is to partition the large sys-tem into multiple smaller multiprocessor systems by dis-tributing the underlying hardware resources of the largesystem.

物理上或者是时间上划分成多个独立的。



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Codesigned VM

Codesigned VMs

Codesigned VMs implement new, proprietary ISAs targeted atimproving performance, power efficiency, or both.

Perhaps the best-known example of a codesigned VM is theTransmeta Crusoe.11 In this processor, the underlying hard-ware uses a very-long instruction word architecture, andthe guest ISA is the Intel IA-32. The Transmeta design-ers focused on the power-saving advantages of simpler VLIWhardware.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Codesigned VM

Partial Summary

Figure: The Vitual Machine Category



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


大纲



3 Process VMs

4 System VMs


6 Security research



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


CPU virtualization

CPU Virtualization

ĎĎĎĎĎDirect execution

Executing the virtual machine on the real machine, whileletting the VMM retain ultimate control of the CPU.

A CPU architecture is virtualizable only if it supports thebasic VMM technique of direct execution.

Requires running the virtual machine’s privileged (operating-system kernel) and unprivileged code in the CPU’s unpriv-ileged mode, while the VMM runs in privileged mode.Thus,when the virtual machine attempts to perform a privilegedoperation, the CPU traps into the VMM.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


CPU virtualization

遇到的问题一

对于x86架构：”Certain privileged-mode instructions do nottrap, and can return different results based upon themode.”

如：An instruction that disables interruptsLetting a guest operating system disable interrupts wouldnot be safe since the VMM could not regain control of theCPU.Instead, the VMM would trap the operation to disableinterrupts and then record that interrupts were disabledfor that virtual machine.

具体来说，如 POPF 指令。



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


CPU virtualization

遇到的问题之二

Unprivileged instructions let the CPU access privilegedstate.

这样由于是虚拟的缘故（GuestOS运行在用户态），会得到“错误”的当前运行级的信息。

Software running in the virtual machine can read the codesegment register to determine the processor’s currentprivilege level. But the x86 doesn’t trap the instruc-tion, so with direct execution, the software would see thewrong privilege level in the code segment register.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


CPU virtualization

解决方案

ParavirtualizationWith paravirtualization, the VMM builder defines the vir-tual machine interface by replacing nonvirtualizable por-tions of the original instruction set with easily virtual-ized and more efficient equivalents.缺点： Operating systems must be ported to run in a virtualmachine.

Direct execution + Fast binary translation (Vmware、QEMU)对 User Mode 的程序 direct execution , 对 kernel mode 的代码“打补丁”.

Intel Vanderpool technology and AMD Pacifica technology.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Memory virtualization

Memory Virtualization

主要技术：

Maintain a shadow of the virtual machine’s memory-managementdata structure.

When the operating system running in a virtual machineestablishes a mapping in its page table, the VMM detectsthe changes and establishes a mapping in the correspondingshadow page table entry that points to the actual pagelocation in the hardware memory.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Memory virtualization

问题和解决方案

cache 的交换和内存空间回收的选择问题。VMware ESX solution:: a balloon process running inside theGuestOS can communicate with the VMM.

多个虚拟机之间存在重复的内存数据区。VMware solution: Content-based page sharing



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


I/O virtualization

I/O virtualization

古老的IBM大型机的做法：A channel-based architecture.(不懂)

VMware Workstation 的做法：Hosted architecture(Using thedevice drivers of a host operating system (HostOS))

ESX Server solution: A highly optimized I/O subsystem fornetwork and storage devices.(实际上是使用的Linux Kernel的I/O部分)



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


大纲



3 Process VMs

4 System VMs


6 Security research



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Security research

Livewire: a system that uses a VMM for advanced intrusiondetection on the software in the virtual machines.

ReVirt: uses the VMM layer to analyze the damage hackersmight have caused during the break-in.

Argos: Dynamic Dataflow Analyze.

etc.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


Virtualization in the future

开头提到的 Virtual Center.

Migrating software as data.

Security.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


参考文献

[1] M. Tim Jones

Virtual Linux –An overview of virtualization methods, architectures, andimplementations [EB/OL].

IBM DeveloperWorks.

http://www.ibm.com/developerworks/library/l-linuxvirt/ .

[2] James E.Smith and Ravi Nair

The Architecture of Virtual Machines [J]

Computer, May 2005 IEEE.

[3] Mendel Rosenblum and Tal Garfinkel

Virtual Machine Monitors: Current Technology and Future Trends [J].

Computer, May 2005 IEEE.

[4] Fabrice Bellard

QEMU, a Fast and Portable Dynamic Translator.

2005 USENIX Annual Technical Conference.



. . . . . .

大纲

. . . . . .


. . . . . . .

System VMs

. . . . . . .


谢谢大家！

