200 likes | 333 Views
Operating System Support for Virtual Machines. Sam King George Dunlap Peter Chen CoVirt Project, University of Michigan. Virtual Machines. Software abstraction of a machine Software backward compatibility Convenient place for new services Strong isolation. Runs directly on hardware
E N D
Operating System Support for Virtual Machines Sam King George Dunlap Peter Chen CoVirt Project, University of Michigan
Virtual Machines • Software abstraction of a machine • Software backward compatibility • Convenient place for new services • Strong isolation
Runs directly on hardware Good performance Uses existing host OS abstractions to implement services Poor performance Guest Process Guest Process Guest Operating System Virtual Machine Monitor Hardware Type I VMM Virtual Machine Configurations Guest Process Guest Process Guest Operating System Virtual Machine Monitor Host Operating System Hardware Type II VMM
Can we have Type I performance with Type II elegance? • Yes! • Only 510 lines of code added to Linux • Type II VMM attain performance that approaches type I VMM
Presentation Outline • Background on UMLinux • Discussion of optimizations • Conclusions
UMLinux Architecture • Linux on top of Linux • Port of Linux to run in UMLinux • ptrace used for virtualization • intercept guest system calls • track guest user / kernel mode transitions Guest Process UMLinux VMM Guest OS Linux Operating System PC Hardware
Original UMLinux Guest System Call Guest application VMM Process Guest operating system Host operating system
VMM Process Move VMM to Host Kernel Guest application VMM Process Guest operating system Host operating system
Switching Guest Modes • Significant number of guest kernel / user mode crossings • Kernel compile benchmark: • 22 million guest memory exceptions • 1.4 million guest system calls • Protection provided using mprotect system calls • Instead, use x86 segmentation hardware
0xffffffff segment bound Host OS 0xffffffff Host OS 0xc0000000 0xc0000000 guest user-mode guest kernel-mode Accessible Memory Guest OS 0x70000000 Guest Apps Guest OS segment bound 0x00000000 0x70000000 Guest Apps Accessible Memory 0x00000000 Use Segmentation Bounds for Kernel Protection
Original UMLinux Guest Application Context Switching RAM File RAM File Guest Application Memory Guest Application Memory proc_a mem proc_a mem 0x8000 0x8000 proc_b mem proc_b mem process_b page at 0x8000 mapped in, process_b executes process_a running
guest proc b switchguest syscall Multiple Address Space Definitions • Instead, modify hardware page table pointer guest proc a Guest OS Page Table Ptr Host operating system
Conclusion • Existing OS abstractions sufficient, slow • Fast interception of signals and exceptions • Expose power of underlying hardware • Type II VMM CAN be as fast as type I • Questions?
Related Work • User-Mode-Linux • SUNY Palladium • Mach, Exokernel, L4 • Wisconsin Wind Tunnel
Further Areas of Improvement • Asynchronous I/O • Exception Handling