Xen and the new processors
On x86 processors, when running in protected mode, there are four privilege levels. The operating system kernel executes in privilege level 0 (also called "supervisor mode") while applications execute in privilege level 3. Privilege levels 1 and 2 are not used. When the processor detects a privilege level violation, it generates a general-protection violation.
When using virtual machine extensions, there are two classes of software: VMM (Virtual Machine Monitor), also known as "hypervisor", and Guests, which are virtual machines. VMM acts as a host and has a full access to the hardware. Each Guest virtual machine operates independently of the others.
In the Xen project, running on x86 processors, the guest operating systems run in privilege level 1. The guest operating system code has been modified to support virtualization. There is no need to modify applications and they run in privilege level 3 as in the usual case. Naturally, many will prefer a situation where the guest operating system code does not need to be modified. As a result, hardware manufacturers like Intel and AMD have begun to develop processors with built-in virtualization extensions. With these processors, the guest operating system code stays unmodified.
Intel has developed the VT-x technology for x86 processor. This technology provides hardware virtualization extensions. There are some VT-x processors already available in the market. For more details on Intel Virtualization Specification for the IA32 see this document [PDF].
With Intel's VT-x, the VMM runs in "VMX root operation mode" while the guests (which are unmodified OSes) run in "VMX non-root operation mode". While running in this mode, the guests are more restricted; some instructions, like RDMSR, WRMSR and CPUID, will cause a "VM exit" to the VMM. VM exit is a transition from non-root operation to root operation. Some instructions and exceptions will cause a "VM exit" when the configured conditions are met. Xen handles the VM exit in a manner that is specific to to the particular exception.
To implement this hardware virtualization, Intel added a new structure called VMCS (Virtual Machine Control Structure), which handles much of the virtualization management functionality. This structure contains the exit reason in the case of a VM exit. Also, 10 new instruction opcodes were added in VT-x. These new opcodes manage the VT-x virtualization behavior. For example, the VMXON instruction starts VMX operation, the VMREAD instruction reads specified field from the VMCS and the VMWRITE instruction writes specified field to the VMCS. When a processor operates in "VMX root operation mode" its behavior is much like when it operates in normal operating mode. However, in normal operating mode these ten new opcodes are not available.
Intel recently published its VT-d (Intel(r) Virtualization Technology for Directed I/O). VT-d enables I/O devices to be directly assigned to virtual machines. It also defines DMA remapping logic that can be configured for an individual device. There is also a cache called an IOTLB which improves performance. for more details see Intel's documentation [PDF].
In AMD's SVM ("Secure Virtual Machine), there is something quite similar, but the terminology is a bit different: We have Host Mode and Guest Mode. The VMM runs in Host Mode and the guests run in Guest Mode. In Guest Mode, some instructions cause VM EXIT, which is handled in a manner that is specific to the way Guest Mode is entered.
AMD added a new structure called the VMCB (Virtual Machine Control Block) which handles much of the virtualization management functionality. The VMCB includes an exit reason field which is read when a VM EXIT occurs. AMD added eight new instruction opcodes to support SVM. For example, the VMRUN instruction starts the operation of a guest OS, the VMLOAD instruction loads the processor state from the VMCB and the VMSAVE instruction saves the processor state to the VMCB. For more details see the AMD64 Architecture Programmer's Manual [PDF]: Vol 2 System Programming, chapter 15,"Secure Virtual Machine".
AMD is supposed to release its first processors with virtualization support in June, 2006.
AMD has published its I/O virtualization technology specification (IOMMU); AMD CPUs with this IOMMU support should be available in 2007. The AMD IOMMU technology intercepts devices access to memory. It finds out to which guest a particular device is assigned, and decides whether access is permitted and the actual address is available in system memory (page protection and address translation). You can think of AMD IOMMU as providing two facilities for AMD processors: The Graphics Aperture Remapping Table (GART) and the Device Exclusion Vector (DEV). In the AMD IOMMU there is optional support for IOTLBs. For more details see: AMD I/O virtualization technology (IOMMU) specification Rev 1.00 [PDF].
Starting at the end of January 2006, the Xen unstable repository has offered support for both Intel and AMD processors with virtualization extensions. Since there is much in common between AMD and Intel, a common API which is termed HVM (Hardware Virtual Machine) was developed. For example, HVM defines a table called hvm_function_table, which is a structure containing functions that are common to both Intel VT-x and AMD SVM. These methods are implemented differently in the VT-x and AMD SVM trees. Another example of a common method for VT-x and SVM is the domain builder method, xc_hvm_build(). (domain is a guest).
With Xen running on non-virtualized processors, there is a device model which is based on backend/frontend virtual drivers (also called "split drivers"). The backend is in domain 0, while the frontend is in the unprivileged domains. They communicate via an interdomain event channel and a shared memory area which is allocated from grant tables.
Only domain 0 has access to the hardware through the unmodified Linux drivers. When running on VT-x or SVM, we cannot use this IO model, because the guests run unmodified Linux kernels. So Both VT-x and SVM use the emulated device subsystem of QEMU for their I/O. QEMU runs in Xen as a userspace process. Using QEMU has a performance cost, so, in the future, it is possible that QEMU will be replaced by a better performing solution. It is however, important to understand that an IOMMU layer, even one which is built according to the new AMD or Intel specs, cannot in itself be a replacement for QEMU, because the same device may need to be shared between multiple domains.
As was mentioned above, there are many common things between Intel VT-x and AMD SVM (like usage of QEMU and the common API which HVM abstracts). However, there are some differences; for example:
- The AMD SVM uses a tagged TLB; this means
that they use an ASID (Address Space Identifier) to distinguish
between host-space entries from guest-space entries.
By using this identifier, we don't have to perform a TLB flush when
there is a context switch between guest and host.
This significantly reduces the number of TLB flushes.
A TLB flush slows the system because after a TLB flush occurs,
subsequent accesses to memory will require a full page table lookup.
- In order to boot an Intel VT-x machine you need an hvmloader (which was called vmxloader in the past). According to the VT-x spec, guest OSes cannot operate in real mode. Using a Linux loader to load a guest OS is impossible because it starts in real mode. To solve this problem, a vmxloader was written for VT-x guests. This loader uses the VM86 mode of the processor to run the OS boot loader. AMD SVM, on the other hand, supports real-mode for guests, so it does not need the VM86 mode of the hvmloader.
Thanks to Mat Petersson from AMD for reviewing this article.
| Index entries for this article | |
|---|---|
| GuestArticles | Rosen, Rami |
Posted May 4, 2006 12:10 UTC (Thu)
by amtota (guest, #4012)
[Link] (3 responses)
I really wonder why that is.
Maybe something to do with the fact that the devs just get the job done
I must admit that the sf.net site needs a bit of work (it is being worked
Antoine
Posted May 4, 2006 14:50 UTC (Thu)
by linuxbox (guest, #6928)
[Link]
Posted May 4, 2006 21:21 UTC (Thu)
by proski (subscriber, #104)
[Link] (1 responses)
The whole point of full virtualization is that you run unmodified binaries, whether it's Linux, QNX, OS/2 or CP/M. I heard that Linux compiled to run in Xen would run faster than Linux built to run on raw hardware. So you really care about full virtualizaion if you cannot or don't want to recompile anything.
It's amazing that it took so many years to support IA-32 virtualization. The 16-bit virtual machine support appeared in Intel 80386 in 1986 - twenty years ago.
Posted May 5, 2006 0:36 UTC (Fri)
by giraffedata (guest, #1954)
[Link]
It's simpler than that. Even at the source code level, Linux must be modified to run under Linux. The reason you can "just build with ARCH=um" is that someone has made those modifications.
When people speak of the value of a virtualization that lets you run unmodified code, they're concerned about all that code that hasn't been modified yet for that particular kind of virtual machine, and probably never will be. E.g. Windows. If there's only one program you want to run in the virtual machine (e.g. Linux), and there's already a modified version available, you can cross that concern off your list and consider UML, XEN, etc.
By the way, if you don't require a virtual machine that exactly emulates some existing real machine, then the universe of virtualization is much larger than most people see. Any Unix process is a virtual machine. Used to be, you could run only one program on a computer at a time. The invention of operating systems like Unix let you have essentially (virtually) multiple computers based on a single piece of hardware, as long as you were willing to modify your programs for a different environment.
Posted May 4, 2006 16:31 UTC (Thu)
by nix (subscriber, #2304)
[Link]
Funny how most articles published lately about virtualisation (hot editor forgot UML (again)
subject) forget to mention one technology which has been in the kernel for
years, is stable and has features that many others lack (ie: x86 NPTL
support was added in 2.6.16, networking options, honeypots..).
Sure, UML does not provide a way of migrating live instances from one host
to another (which is cool) - but it does run unmodified Linux instances
provided you build your kernel with ARCH=um. Support for AMD64 is now
pretty good, and you can run x86 guests on an AMD64 hosts. And with
skas0/skas3 mode, it is fast.
but do not have a marketing department pushing out press releases like xen
does... Don't get me wrong, nothing wrong with xen, just too many press
releases per line of code for my liking!
on), but I've started publishing 'uml for dummies' instructions here:
http://uml.nagafix.co.uk
And there is a nice wiki too:
http://uml.harlowhill.com/
I actually didn't notice that UML wasn't mentioned in the list--and I agree. Any way I measure it, UML with SKAS trails Xen in performance, but the feature set is unique. It's changed the way I develop and test Linux software, particularly kernel code.editor forgot UML (again)
Try running "unmodified" Windows that you built with ARCH=um :-)
editor forgot UML (again)
The whole point of full virtualization is that you run unmodified binaries
Linux does require modification
Using VM86 mode in the guest boot process torpedoes things somewhat for running 32-bit guest OSes on Intel x86-64's, doesn't it?Xen and the new processors