
cc unit 2 notes

This document provides an overview of virtualization, including the basics of virtual machines, types of virtualization, and the role of hypervisors. It explains system and process virtual machines, the differences between hosted and bare-metal hypervisors, and outlines the advantages and disadvantages of virtualization. Key concepts such as resource sharing, aggregation, emulation, and isolation are also discussed, along with the architecture of virtualization systems.

UNIT II VIRTUALIZATION BASICS 6

Virtual Machine Basics – Taxonomy of Virtual Machines – Hypervisor – Key Concepts – Virtualization structure – Implementation levels of virtualization – Virtualization Types: Full Virtualization – Para Virtualization – Hardware Virtualization – Virtualization of CPU, Memory and I/O devices.

VIRTUAL MACHINE BASICS

With the introduction of new technologies and newer research models, a large number of hardware and software products are being launched. Much of this software is platform-dependent, so it is sometimes difficult to debug or check because of limited hardware resources.
Virtual machine
A VM (virtual machine) is an emulation of a computer system; these machines use computer architectures to provide the functionality of a physical computer. The physical device on which virtual machines run is known as the host, whereas the virtual machines are known as guests. A single host can have multiple guests.
Virtualization
Virtualization is a proven software technology that makes it possible to run multiple operating systems and applications on the same server at the same time. Example: run both Windows and Linux on the same machine.
It is the creation of a virtual (rather than actual) version of something, such as an operating system, a server, a storage device or network resources.

Taxonomy of virtual machines

• The virtual machine works like a computer, and it is sandboxed from the rest of the host system. The software within the guest cannot make changes to the software of the host system.
• Thus, virus files can be tested using a virtual machine without affecting the main computer system.
• The computer software that creates and runs the virtual machine is known as the hypervisor.
• Based on their functions, there are two different types of virtual machines: system virtual machines and process virtual machines.

1. System Virtual Machine:

• These types of VMs provide full virtualization, acting as a substitute for the real machine.
• Hardware resources are shared and managed, forming multiple environments on the host system.
• These environments are isolated from each other but exist on the same physical host.
• These provide time-sharing among several single-tasking operating systems.
• Identical content can be shared among multiple virtual machines.
• This is highly useful for read-only pages.
• A system virtual machine gives us a complete system platform and executes a complete virtual operating system.
• Just like VirtualBox, a system virtual machine provides an environment in which an OS can be installed completely.

2. Process Virtual Machine:

• These VMs are also known as application virtual machines.
• This type of VM runs as a normal application inside the host's operating system, supporting a single process.
• It is created when the process starts and is destroyed when the process ends.
• It is used to provide a platform-independent programming environment to the process.
• These are implemented using interpreters and provide high-level abstractions.
• These are popularly used for Java programming, which uses the Java virtual machine for execution of programs.
• The application running on these VMs has access to all the operating system services. Parallel Virtual Machine and Message Passing Interface are examples of these virtual machines (VMs).
• Example: Wine software in Linux helps to run Windows applications.

Hypervisor

• A hypervisor, also known as a virtual machine monitor (VMM), is a piece of software that allows us to build and run virtual machines, which are abbreviated as VMs.
• A hypervisor allows a single host computer to support multiple virtual machines (VMs) by sharing resources including memory and processing.
• Each instance of an operating system is called a virtual machine (VM), and the operating system that runs inside a virtual machine is called the guest operating system.
• Depending on the position of the virtualization layer, there are two classes of VM architectures, namely the bare-metal and host-based hypervisor architectures.
• The hypervisor software provides two different structures of virtualization, namely the hosted structure (also called Type 2 virtualization) and the bare-metal structure (also called Type 1 virtualization).

1. Hosted Structure (Type II Hypervisor)

• In the hosted structure, the guest OS and applications run on top of the base or host OS with the help of the VMM (called the hypervisor).
• The VMM stays between the base OS and the guest OS.
• This approach provides better hardware compatibility because the base OS, instead of the VMM, is responsible for providing hardware drivers to the guest OS.
• In this type, the hypervisor has to rely on the host OS for pass-through permissions to access hardware.
• In many cases, a hosted hypervisor needs an emulator, which lies between the guest OS and the VMM, to translate the instructions into native format. The hosted structure is shown in Fig. 2.2.1.

Fig. 2.2.1 Hosted Structure (Type II Hypervisor)

To implement the hosted structure, a base OS needs to be installed first, over which the VMM can be installed. The hosted structure is a simple solution for running multiple desktop OSes independently. Fig. 2.2.2 (a) and (b) show Windows running on a Linux base OS and Linux running on a Windows base OS using a hosted hypervisor.
The popular hosted hypervisors are QEMU, VMware Workstation, Microsoft Virtual PC, Oracle VirtualBox, etc.
The advantages of the hosted structure are:

• It is easy to install and manage without disturbing the host system's hardware.
• It supports legacy operating systems and applications.
• It provides ease of use with greater hardware compatibility.
• It does not require installing any drivers for I/O devices, as they are installed through the built-in driver stack.
• It can be used for testing beta software.
• Hosted hypervisors are usually free software and can be run on user workstations.

The disadvantages of the hosted structure are:

• It does not allow the guest OS to access the hardware directly; instead it has to go through the base OS, which increases resource overhead.
• Virtual machine performance is very slow and degraded because it relies on the intermediate host OS for hardware access.
• It doesn't scale up beyond the limit.

2. Bare-Metal Structure (Type I) or Native Bare-Metal Structure:

• In the bare-metal structure, the VMM can be installed directly on top of the hardware, so no intermediate host OS is needed. The VMM can communicate directly with the hardware and does not rely on a host system for pass-through permission, which results in better performance, scalability and stability. The bare-metal structure is shown in Fig. 2.2.3.
• Bare-metal virtualization is mostly used in enterprise data centers to get advanced features like resource pooling, high availability, disaster recovery and security.

Fig. 2.2.3 Bare-Metal Structure (Type I Hypervisor)

The popular bare-metal hypervisors are Citrix XenServer, VMware ESXi and Microsoft Hyper-V.
The advantages of the bare-metal structure are:

• It is faster in performance and more efficient to use.
• It provides enterprise features like high scalability, disaster recovery and high availability.
• It has high processing power due to resource pooling.


KEY CONCEPT OF VIRTUALIZATION

• Virtualization is a technique that allows sharing a single physical instance of an application or resource among multiple organizations or tenants (customers).
• Virtualization is a proven technology that makes it possible to run multiple operating systems and applications on the same server at the same time.
• Virtualization is the process of creating a logical (virtual) version of a server operating system, a storage device, or network services.
• The technology that works behind virtualization is known as a virtual machine monitor (VMM), or virtual manager, which separates compute environments from the actual physical infrastructure.
• Virtualization is the abstraction of computer resources.
• Virtualization hides the physical characteristics of computing resources from their users, applications, or end users.
• This includes making a single physical resource (such as a server, an operating system, an application, or storage device) appear to function as multiple virtual resources.
• It can also include making multiple physical resources (such as storage devices or servers) appear as a single virtual resource.
• In computing, virtualization refers to the act of creating a virtual (rather than actual) version of something, like computer hardware platforms, operating systems, storage devices, and computer network resources.
• Creation of a virtual machine over an existing operating system and hardware.
• Host machine: the machine on which the virtual machine is created.
• Guest machine: the virtual machine is referred to as a guest machine.
• Hypervisor: a firmware or low-level program that acts as a virtual machine manager.

Advantages of Virtualization:

1. Reduced costs.
2. Efficient hardware utilization.
3. Virtualization leads to better resource utilization and increased performance.
4. Testing for software development.
5. Increased availability.
6. Saves energy.
7. Shifting all your local infrastructure to the cloud in a day.
8. Possibility to divide services.
9. Running applications not supported by the host.

Disadvantages of Virtualization:

1. Extra costs.
2. Software licensing.

Key Concepts

Hypervisor vs Increased security

• The ability to control the execution in a transparent manner opens new possibilities for delivering a secure, controlled execution environment.
• The virtual machine represents an emulated environment in which the guest is executed.
• This level of indirection allows the virtual machine manager to control and filter the activity of the guest, thus preventing some harmful operations from being performed.
• Managed execution: virtualization of the execution environment not only allows increased security, but a wider range of features can also be implemented.
• In particular, sharing, aggregation, emulation, and isolation are the most relevant features.

1. Sharing

• Virtualization allows the creation of a separate computing environment within the same host.
• In this way it is possible to fully exploit the capabilities of a powerful guest, which would otherwise be underutilized.

2. Aggregation

• Not only is it possible to share a physical resource among several guests, but virtualization also allows aggregation, which is the opposite process.
• A group of separate hosts can be tied together and represented to guests as a single virtual host.

3. Emulation

• Guest programs are executed within an environment that is controlled by the virtualization layer, which ultimately is a program. This allows for controlling and tuning the environment that is exposed to guests.

4. Isolation

• Virtualization allows providing guests, whether they are operating systems, applications, or other entities, with a completely separate environment in which they are executed.
• The guest program performs its activity by interacting with an abstraction layer, which provides access to the underlying resources.

VIRTUALIZATION STRUCTURE

• There are three typical classes of VM architecture.
• Before virtualization, the operating system manages the hardware.
• After virtualization, a virtualization layer is inserted between the hardware and the operating system.
• In such a case, the virtualization layer is responsible for converting portions of the real hardware into virtual hardware.
• Therefore, different operating systems such as Linux and Windows can run on the same physical machine simultaneously.
• Depending on the position of the virtualization layer, there are several classes of VM architectures, namely the hypervisor architecture, para-virtualization, and host-based virtualization. The hypervisor is also known as the VMM (Virtual Machine Monitor).
• They both perform the same virtualization operations.


1. Hypervisor and Xen Architecture:

• The hypervisor supports hardware-level virtualization on bare-metal devices like CPU, memory, disk and network interfaces.
• The hypervisor software sits directly between the physical hardware and its OS. This virtualization layer is referred to as either the VMM or the hypervisor.
• The hypervisor provides hypercalls for the guest OSes and applications.
• Depending on the functionality, a hypervisor can assume a micro-kernel architecture like the Microsoft Hyper-V.
• A micro-kernel hypervisor includes only the basic and unchanging functions (such as physical memory management and processor scheduling).
• The device drivers and other changeable components are outside the hypervisor.
• A monolithic hypervisor implements all the aforementioned functions, including those of the device drivers.
• Therefore, the size of the hypervisor code of a micro-kernel hypervisor is smaller than that of a monolithic hypervisor.
• Essentially, a hypervisor must be able to convert physical devices into virtual resources dedicated for the deployed VM to use.

The Xen Architecture:

• The core components of a Xen system are the hypervisor, kernel, and applications. The organization of the three components is important.
• Not all guest OSes are created equal, and one in particular controls the others.
• The guest OS that has control ability is called Domain 0, and the others are called Domain U. Domain 0 is a privileged guest OS of Xen. It is first loaded when Xen boots without any file system drivers being available.
• Domain 0 is designed to access hardware directly and manage devices. Therefore, one of the responsibilities of Domain 0 is to allocate and map hardware resources for the guest domains (the Domain U domains).
2. Binary Translation with Full Virtualization:

Depending on implementation technologies, hardware virtualization can be classified into two categories: full virtualization and host-based virtualization.

2.1 Full Virtualization:

• Full virtualization does not need to modify the host OS.
• It relies on binary translation to trap and to virtualize the execution of certain sensitive, non-virtualizable instructions.
• The guest OSes and their applications consist of noncritical and critical instructions.
• With full virtualization, noncritical instructions run on the hardware directly, while critical instructions are discovered and replaced with traps into the VMM to be emulated by software.
• Both the hypervisor and VMM approaches are considered full virtualization.

2.2 Binary Translation of Guest OS Requests Using a VMM:

• VMware puts the VMM at Ring 0 and the guest OS at Ring 1.
• The VMM scans the instruction stream and identifies the privileged, control-sensitive and behavior-sensitive instructions.
• When these instructions are identified, they are trapped into the VMM, which emulates the behavior of these instructions.
• The method used in this emulation is called binary translation.
• Therefore, full virtualization combines binary translation and direct execution.
• The guest OS is completely decoupled from the underlying hardware. Consequently, the guest OS is unaware that it is being virtualized.
• Binary translation employs a code cache to store translated hot instructions to improve performance, but it increases the cost of memory usage.

Figure 2.13 Indirect execution of complex instructions via binary translation of guest OS requests using the VMM plus direct execution of simple instructions on the same host.
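
The scan, rewrite and cache steps of section 2.2 can be modelled in a few lines. The following is an added example, not part of the original notes: the opcodes (`CLI`, `SET_PT`, `READ_MODE`, `ADD`, `NOP`), the `TranslatingVMM` class and the sample guest code are hypothetical, and instruction execution is simulated rather than run on real hardware.

```python
"""Toy binary translator with a code cache (constructed model, not real x86)."""

# Assumed set of privileged / control-sensitive / behavior-sensitive opcodes.
SENSITIVE = {"READ_MODE", "SET_PT", "CLI"}

# Constructed guest code: block address -> basic block of (opcode, argument).
GUEST_CODE = {
    0x100: [("CLI", None), ("SET_PT", 0x4000), ("READ_MODE", None)],
    0x200: [("ADD", (2, 3)), ("NOP", None)],
}


class TranslatingVMM:
    def __init__(self, guest_code):
        self.guest_code = guest_code
        self.code_cache = {}          # block address -> translated block
        self.hits = 0
        self.misses = 0
        # State the guest believes it controls (it thinks it runs at Ring 0).
        self.vcpu = {"mode": "ring0", "page_table": 0, "interrupts": True}
        # Real state owned by the VMM (the guest really runs at Ring 1).
        self.real = {"mode": "ring1", "page_table": 0x1000, "interrupts": True}

    def translate(self, block):
        """Scan a basic block and replace sensitive instructions with call-outs."""
        return tuple(
            ("VMM_CALL", (op, arg)) if op in SENSITIVE else (op, arg)
            for op, arg in block
        )

    def _emulate(self, op, arg):
        """Emulate a sensitive instruction against the virtual CPU state only."""
        if op == "READ_MODE":
            return self.vcpu["mode"]
        if op == "SET_PT":
            self.vcpu["page_table"] = arg
        elif op == "CLI":
            self.vcpu["interrupts"] = False
        return None

    def _direct(self, op, arg):
        """Stand-in for direct execution of a non-critical instruction."""
        if op == "ADD":
            return arg[0] + arg[1]
        if op == "NOP":
            return None
        raise ValueError(f"unknown opcode {op!r}")

    def run_block(self, addr):
        """Run one guest block, translating it only on a code-cache miss."""
        block = self.code_cache.get(addr)
        if block is None:
            self.misses += 1
            block = self.translate(self.guest_code[addr])
            self.code_cache[addr] = block
        else:
            self.hits += 1
        results = []
        for op, arg in block:
            if op == "VMM_CALL":
                results.append(self._emulate(*arg))
            else:
                results.append(self._direct(op, arg))
        return results

    def cache_cost(self):
        """Memory cost of the cache, counted in translated instructions held."""
        return sum(len(block) for block in self.code_cache.values())


def demo_translation():
    vmm = TranslatingVMM(GUEST_CODE)
    first = vmm.run_block(0x100)      # sensitive block: translated, then emulated
    for _ in range(3):                # hot block: one miss, then cache hits
        vmm.run_block(0x200)
    return vmm, first


if __name__ == "__main__":
    vmm, first = demo_translation()
    print(first, vmm.vcpu, vmm.real, vmm.hits, vmm.misses, vmm.cache_cost())
```

The guest's `CLI` and `SET_PT` change only the virtual CPU, so the VMM's real page table and interrupt state stay untouched, and `READ_MODE` reports the mode the guest expects rather than the one it actually runs in.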

3. Host-Based Virtualization:

• In a host-based system, both a host OS and a guest OS are used.
• A virtualization software layer is built between the host OS and guest OS.
• An alternative VM architecture is to install a virtualization layer on top of the host OS.
• This host OS is still responsible for managing the hardware.
• The guest OSes are installed and run on top of the virtualization layer. Dedicated applications may run on the VMs. Certainly, some other applications can also run with the host OS directly.
• This host-based architecture has some distinct advantages, as enumerated next.
• First, the user can install this VM architecture without modifying the host OS.
• The virtualizing software can rely on the host OS to provide device drivers and other low-level services. This will simplify the VM design and ease its deployment.
• Second, the host-based approach appeals to many host machine configurations.
• Compared to the hypervisor/VMM architecture, the performance of the host-based architecture may also be low.
• When an application requests hardware access, it involves four layers of mapping, which downgrades performance significantly.
4. Para-Virtualization with Compiler Support:

• Para-virtualization needs to modify the guest operating systems.
• A para-virtualized VM provides special APIs requiring substantial OS modifications in user applications.
• Performance degradation is a critical issue of a virtualized system. No one wants to use a VM if it is much slower than using a physical machine.
• The virtualization layer can be inserted at different positions in a machine software stack.
• Para-virtualization attempts to reduce the virtualization overhead, and thus improve performance, by modifying only the guest OS kernel.
• The guest operating systems are para-virtualized.
• The traditional x86 processor offers four instruction execution rings: Rings 0, 1, 2, and 3. The lower the ring number, the higher the privilege of the instruction being executed.
• The OS is responsible for managing the hardware and the privileged instructions to execute at Ring 0, while user-level applications run at Ring 3.

Figure 2.14 Para-virtualized VM architecture

Figure 2.15 The use of a para-virtualized guest OS assisted by an intelligent compiler to replace non-virtualizable OS instructions by hypercalls.
4.1 Para-Virtualization Architecture:

• When the x86 processor is virtualized, a virtualization layer is inserted between the hardware and the OS.
• According to the x86 ring definitions, the virtualization layer should also be installed at Ring 0.
• Para-virtualization replaces non-virtualizable instructions with hypercalls that communicate directly with the hypervisor or VMM. However, when the guest OS kernel is modified for virtualization, it can no longer run on the hardware directly.
• Although para-virtualization reduces the overhead, it has incurred other problems.
• First, its compatibility and portability may be in doubt, because it must support the unmodified OS as well.
• Second, the cost of maintaining para-virtualized OSes is high, because they may require deep OS kernel modifications.
• Finally, the performance advantage of para-virtualization varies greatly due to workload variations.
4.2 KVM (Kernel-Based VM):

• The KVM does the rest, which makes it simpler than the hypervisor that controls the entire machine.
• KVM is a hardware-assisted para-virtualization tool, which improves performance and supports unmodified guest OSes such as Windows, Linux, Solaris, and other UNIX variants.
• Unlike the full virtualization architecture, which intercepts and emulates privileged and sensitive instructions at runtime, para-virtualization handles these instructions at compile time.
• The guest OS kernel is modified to replace the privileged and sensitive instructions with hypercalls to the hypervisor or VMM.
• Xen assumes such a para-virtualization architecture.
• The guest OS running in a guest domain may run at Ring 1 instead of at Ring 0.
• This implies that the guest OS may not be able to execute some privileged and sensitive instructions.
• The privileged instructions are implemented by hypercalls to the hypervisor.
• After replacing the instructions with hypercalls, the modified guest OS emulates the behavior of the original guest OS.
IMPLEMENTATION LEVELS OF VIRTUALIZATION

• Virtualization is a computer architecture technology by which multiple virtual machines (VMs) are multiplexed in the same hardware machine.
• The purpose of a VM is to enhance resource sharing by many users and improve computer performance in terms of resource utilization and application flexibility.
• Hardware resources (CPU, memory, I/O devices, etc.) or software resources (operating system and software libraries) can be virtualized in various functional layers.
• The idea is to separate the hardware from the software to yield better system efficiency. For example, computer users gained access to much enlarged memory space when the concept of virtual memory was introduced.
• Similarly, virtualization techniques can be applied to enhance the use of compute engines, networks and storage.

Levels of Virtualization:

• A traditional computer runs with a host operating system specially tailored for its hardware architecture, as shown in Figure 2.11 (a).
• After virtualization, different user applications managed by their own operating systems (guest OS) can run on the same hardware, independent of the host OS.
• This is often done by adding additional software, called a virtualization layer, as shown in Figure 2.11 (b).
• This virtualization layer is known as the hypervisor or virtual machine monitor (VMM).
• The VMs are shown in the upper boxes, where applications run with their own guest OS over the virtualized CPU, memory, and I/O resources.
• The main function of the software layer for virtualization is to virtualize the physical hardware of a host machine into virtual resources to be used by the VMs, exclusively.
• The virtualization software creates the abstraction of VMs by interposing a virtualization layer at various levels of a computer system.
• Common virtualization layers include the instruction set architecture (ISA) level, hardware level, operating system level, library support level and application level.

Figure 2.11 The architecture of a computer system before and after virtualization.

Figure 2.12 Virtualization ranging from hardware to applications in five abstraction levels.

1. Instruction Set Architecture Level:

• At the ISA level, virtualization is performed by emulating a given ISA by the ISA of the host machine.
• Instruction set emulation leads to virtual ISAs created on any hardware machine.
• The basic emulation method is through code interpretation.
• An interpreter program interprets the source instructions to target instructions one by one. One source instruction may require tens or hundreds of native target instructions to perform its function. Obviously, this process is relatively slow.
• For better performance, dynamic binary translation is desired.
• This approach translates basic blocks of dynamic source instructions to target instructions.
• The basic blocks can also be extended to program traces or super blocks to increase translation efficiency.
• Instruction set emulation requires binary translation and optimization.
• A virtual instruction set architecture (V-ISA) thus requires adding a processor-specific software translation layer to the compiler.
2. Hardware Abstraction Level:

• Hardware-level virtualization is performed right on top of the bare hardware.
• The idea is to virtualize a computer's resources, such as its processors, memory, and I/O devices.
• The intention is to upgrade the hardware utilization rate by multiple users concurrently.
3. Operating System Level:

• This refers to an abstraction layer between the traditional OS and user applications.
• OS-level virtualization creates isolated containers on a single physical server and the OS instances to utilize the hardware and software in datacenters.
• The containers behave like real servers. OS-level virtualization is commonly used in creating virtual hosting environments to allocate hardware resources among a large number of mutually distrusting users.
• It is also used, to a lesser extent, in consolidating server hardware by moving services on separate hosts into containers or VMs on one server.

4. Library Support Level:

• Most applications use APIs exported by user-level libraries rather than using lengthy system calls by the OS.
• Since most systems provide well-documented APIs, such an interface becomes another candidate for virtualization.
• Virtualization with library interfaces is possible by controlling the communication link between applications and the rest of a system through API hooks.
• The software tool WINE has implemented this approach to support Windows applications on top of UNIX hosts.
5. User-Application Level:

Virtualization at the application level virtualizes an application as a VM. On a traditional OS, an application often runs as a process. Therefore, application-level virtualization is also known as process-level virtualization. The most popular approach is to deploy high-level language (HLL) VMs.

VMM Design Requirements and Providers

• Hardware-level virtualization inserts a layer between real hardware and traditional operating systems.
• This layer is commonly called the Virtual Machine Monitor (VMM) and it manages the hardware resources of a computing system.
• Each time programs access the hardware, the VMM captures the process.
• The VMM acts as a traditional OS.
• One hardware component, such as the CPU, can be virtualized as several virtual copies.
• Therefore, several traditional operating systems, which are the same or different, can sit on the same set of hardware simultaneously.

Three requirements for a VMM

• First, a VMM should provide an environment for programs which is essentially identical to the original machine.
• Second, programs run in this environment should show, at worst, only minor decreases in speed.
• Third, a VMM should be in complete control of the system resources.

Virtualization Support at the OS Level

• With the help of VM technology, a new computing mode known as cloud computing is emerging.
• Cloud computing is transforming the computing landscape by shifting the hardware and staffing costs of managing a computational center to third parties, just like banks.
• However, cloud computing has at least two challenges.
• The first is the ability to use a variable number of physical machines and VM instances depending on the needs of a problem.
• The second challenge concerns the slow operation of instantiating new VMs.

Currently, new VMs originate either as fresh boots or as replicates of a template VM, unaware of the current application state. Therefore, to better support cloud computing, a large amount of research and development should be done.

Why OS-Level Virtualization?

• To reduce the performance overhead of hardware-level virtualization, even hardware modification is needed.
• OS-level virtualization provides a feasible solution for these hardware-level virtualization issues.
• Operating system virtualization inserts a virtualization layer inside an operating system to partition a machine's physical resources.
• It enables multiple isolated VMs within a single operating system kernel. This kind of VM is often called a virtual execution environment (VE), Virtual Private System (VPS), or simply container.
• From the user's point of view, VEs look like real servers.
• This means a VE has its own set of processes, file system, user accounts, network interfaces with IP addresses, routing tables, firewall rules, and other personal settings.
• Although VEs can be customized for different people, they share the same operating system kernel.

Advantages of OS Extensions

1. VMs at the operating system level have minimal startup/shutdown costs, low resource requirements, and high scalability.
2. For an OS-level VM, it is possible for a VM and its host environment to synchronize state changes when necessary.

These benefits can be achieved via two mechanisms of OS-level virtualization:

(1) All OS-level VMs on the same physical machine share a single operating system kernel.
(2) The virtualization layer can be designed in a way that allows processes in VMs to access as many resources of the host machine as possible, but never to modify them.
Virtualization on Linux or Windows Platforms

• Virtualization support on the Windows-based platform is still in the research stage.
• The Linux kernel offers an abstraction layer to allow software processes to work with and operate on resources without knowing the hardware details.
• New hardware may need a new Linux kernel to support.
• Therefore, different Linux platforms use patched kernels to provide special support for extended functionality.

Middleware Support for Virtualization

• Library-level virtualization is also known as user-level Application Binary Interface (ABI) or API emulation.
• This type of virtualization can create execution environments for running alien programs on a platform rather than creating a VM to run the entire operating system.
• API call interception and remapping are the key functions performed.
• This provides an overview of several library-level virtualization systems: namely the Windows Application Binary Interface (WABI), lxrun, WINE, Visual MainWin, and vCUDA.
VIRTUALIZATION OF CPU, MEMORY AND I/O DEVICES

• To support virtualization, processors such as the x86 employ a special running mode and instructions, known as hardware-assisted virtualization.
• In this way, the VMM and guest OS run in different modes, and all sensitive instructions of the guest OS and its applications are trapped in the VMM.
• To save processor states, mode switching is completed by hardware. For the x86 architecture, Intel and AMD have proprietary technologies for hardware-assisted virtualization.

Hardware Support for Virtualization:

• Modern operating systems and processors permit multiple processes to run simultaneously. If there is no protection mechanism in a processor, all instructions from different processes will access the hardware directly and cause a system crash.
• Therefore, all processors have at least two modes, user mode and supervisor mode, to ensure controlled access of critical hardware.
• Instructions running in supervisor mode are called privileged instructions.
• Other instructions are unprivileged instructions.
• In a virtualized environment, it is more difficult to make OSes and applications run correctly because there are more layers in the machine stack.
CPU Virtualization:

 A VM is a duplicate of an existing computer system in which a majority of the VM
instructions are executed on the host processor in native mode.
 Thus, unprivileged instructions of VMs run directly on the host machine for higher
efficiency.
 Other critical instructions should be handled carefully for correctness and stability.
 The critical instructions are divided into three categories:

Privileged instructions - Privileged instructions execute in a privileged mode and will
be trapped if executed outside this mode.

Control-sensitive instructions - Control-sensitive instructions attempt to
change the configuration of resources used.

Behavior-sensitive instructions - Behavior-sensitive instructions have different
behaviors depending on the configuration of resources, including the load and store
operations over the virtual memory.


 A CPU architecture is virtualizable if it supports the ability to run the VM’s
privileged and unprivileged instructions in the CPU’s user mode while the VMM runs
in supervisor mode.
 When the privileged instructions of a VM, including control- and behavior-sensitive
instructions, are executed, they are trapped in the VMM.
 In this case, the VMM acts as a unified mediator for hardware access from different
VMs to guarantee the correctness and stability of the whole system.
 A CPU architecture can be naturally virtualized when all control- and behavior-
sensitive instructions are privileged instructions.
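
The trap-and-emulate behaviour described above, as an added Python sketch that is not part of the original notes. The toy instruction set and its names (`load_pt`, `read_mode`) are constructed for illustration; the guest is run once with every sensitive instruction privileged and once with one sensitive instruction left unprivileged.

```python
# Added illustration: toy trap-and-emulate model. The instruction names and
# their flags are constructed for this example, not taken from a real ISA.

# name -> (privileged, sensitive)
ISA_CLEAN = {
    "add": (False, False),
    "load_pt": (True, True),     # control-sensitive: changes the page-table base
    "read_mode": (True, True),   # behavior-sensitive: result depends on CPU mode
}
# Same ISA, except read_mode is sensitive without being privileged.
ISA_LEAKY = dict(ISA_CLEAN, read_mode=(False, True))

def virtualizable(isa):
    """True when every sensitive instruction is also privileged, so it traps."""
    return all(priv for priv, sens in isa.values() if sens)

class VMM:
    def __init__(self, isa):
        self.isa = isa
        self.vcpu = {"mode": "supervisor", "pt_base": 0}  # virtual CPU state
        self.traps = []                                   # instructions the VMM saw

    def run_guest(self, program):
        """Run a guest kernel in user mode; return the values it observes."""
        seen = []
        for op, arg in program:
            privileged, _ = self.isa[op]
            if privileged:               # hardware traps into the VMM
                self.traps.append(op)
                seen.append(self.emulate(op, arg))
            else:                        # executes natively, VMM never sees it
                seen.append(self.native(op, arg))
        return seen

    def emulate(self, op, arg):
        if op == "load_pt":
            self.vcpu["pt_base"] = arg   # only the VM's virtual register changes
            return None
        return self.vcpu["mode"]         # read_mode: guest sees its virtual mode

    def native(self, op, arg):
        if op == "read_mode":
            return "user"                # real mode leaks to the deprivileged guest
        return arg + 1                   # add: plain unprivileged arithmetic

PROGRAM = [("add", 1), ("load_pt", 0x4000), ("read_mode", None)]
```

With `ISA_LEAKY` the guest kernel reads `"user"` and the VMM records no trap for it, which is the correctness gap that binary translation, para virtualization, or hardware assistance has to close.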
Hardware-Assisted CPU Virtualization:

 This technique attempts to simplify virtualization because full or para
virtualization is complicated.
 Intel and AMD add an additional mode called privilege mode level (some people
call it Ring -1) to x86 processors.
 Therefore, operating systems can still run at Ring 0 and the hypervisor can run at
Ring -1.
 All the privileged and sensitive instructions are trapped in the hypervisor
automatically.
 This technique removes the difficulty of implementing binary translation of full
virtualization.
 It also lets the operating system run in VMs without modification.
Memory Virtualization:

 Virtual memory virtualization is similar to the virtual memory support
provided by modern operating systems.
 In a traditional execution environment, the operating system maintains mappings of
virtual memory to machine memory using page tables, which is a one-stage
mapping from virtual memory to machine memory.
 All modern x86 CPUs include a memory management unit (MMU) and a translation
lookaside buffer (TLB) to optimize virtual memory performance.
 However, in a virtual execution environment, virtual memory virtualization
involves sharing the physical system memory in RAM and dynamically
allocating it to the physical memory of the VMs.
 That means a two-stage mapping process should be maintained by the guest OS
and the VMM, respectively: virtual memory to physical memory and physical
memory to machine memory.
 Furthermore, MMU virtualization should be supported, which is transparent to the
guest OS. The guest OS continues to control the mapping of virtual addresses to the
physical memory addresses of VMs. But the guest OS cannot directly access the
actual machine memory.
 The VMM is responsible for mapping the guest physical memory to the actual
machine memory. Figure 2.16 shows the two-level memory mapping procedure.
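
The two-stage mapping described above, as an added Python sketch that is not part of the original notes. It assumes 4 KiB pages, and every page number and table entry is a constructed sample value; the guest owns the first table, the VMM owns the second.

```python
# Added illustration: two-stage address translation with 4 KiB pages.
# All page numbers and table contents are constructed sample values.
PAGE = 4096

class Fault(Exception):
    pass

def translate(table, addr, stage):
    """Map one address through a page table {page_number: frame_number}."""
    page, offset = divmod(addr, PAGE)
    if page not in table:
        raise Fault(f"{stage} fault at {addr:#x}")
    return table[page] * PAGE + offset

class VM:
    def __init__(self, name, guest_pt, vmm_map):
        self.name = name
        self.guest_pt = guest_pt   # stage 1: virtual -> guest physical (guest OS)
        self.vmm_map = vmm_map     # stage 2: guest physical -> machine (VMM)

    def access(self, vaddr):
        gpa = translate(self.guest_pt, vaddr, "guest page")
        return translate(self.vmm_map, gpa, "VMM mapping")

def frames_disjoint(*vms):
    """Isolation check: no machine frame is assigned to more than one VM."""
    seen = set()
    for vm in vms:
        frames = set(vm.vmm_map.values())
        if seen & frames:
            return False
        seen |= frames
    return True

# Both guests use the same virtual and guest-physical page numbers.
vm_a = VM("A", guest_pt={0x10: 0x2, 0x11: 0x3}, vmm_map={0x2: 0x80, 0x3: 0x81})
vm_b = VM("B", guest_pt={0x10: 0x2, 0x11: 0x3}, vmm_map={0x2: 0x90, 0x3: 0x91})

def guest_remaps(vm, vpage, gppage):
    """A guest may rewrite its own stage-1 table; stage 2 still bounds it."""
    vm.guest_pt[vpage] = gppage
    try:
        return vm.access(vpage * PAGE)
    except Fault as e:
        return str(e)
```

Calling `guest_remaps(vm_a, 0x12, 0x90)` faults in the VMM stage: the guest can only name guest-physical pages, so writing the number of VM B's machine frame into its own page table gives it no access to that frame.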
I/O Virtualization:

I/O virtualization involves managing the routing of I/O requests between virtual
devices and the shared physical hardware. There are three ways to implement I/O
virtualization:
• Full device emulation
• Para virtualization
• Direct I/O

Figure 2.16 Two-level memory mapping procedure.

1. Full device emulation

 This is the first approach for I/O virtualization. Generally, this approach
emulates well known, real-world devices.
 All the functions of a device or bus infrastructure, such as device enumeration,
identification, interrupts, and DMA, are replicated in software.
 This software is located in the VMM and acts as a virtual device. The I/O access
requests of the guest OS are trapped in the VMM which interacts with the I/O
devices.
 A single hardware device can be shared by multiple VMs that run concurrently.
However, software emulation runs much slower than the hardware it emulates.
2. Para virtualization

 It is typically used in Xen.

 It is also known as the split driver model consisting of a frontend driver and a
backend driver.

 The frontend driver is running in Domain U and the backend driver is running
in Domain 0.

 They interact with each other via a block of shared memory.

 The frontend driver manages the I/O requests of the guest OSes and the backend
driver is responsible for managing the real I/O devices and multiplexing the I/O data
of different VMs.

 Although para I/O virtualization achieves better device performance than full
device emulation, it comes with a higher CPU overhead.

3. Direct I/O

 Direct I/O lets the VM access devices directly.

 It can achieve close to native performance without high CPU costs.

Figure 2.17 Device emulation for I/O virtualization implemented inside the middle layer that maps
real I/O devices into the virtual devices for the guest device driver to use.
Virtualization in Multi-Core Processors:

 Virtualizing a multi-core processor is relatively more complicated than
virtualizing a unicore processor.
 Though multi-core processors are claimed to have higher performance by integrating
multiple processor cores in a single chip, multi-core virtualization has raised some
new challenges to computer architects, compiler constructors, system designers, and
application programmers.

 There are mainly two difficulties: Application programs must be parallelized to
use all cores fully, and software must explicitly assign tasks to the cores, which is
a very complex problem.
