Virtualization Structures / Tools and Mechanisms
Virtualization
The hypervisor provides hypercalls for the guest OSes and applications.
A hypervisor can assume a micro-kernel architecture, or it can assume a monolithic hypervisor architecture.
A micro-kernel hypervisor includes only the basic and unchanging functions; device drivers and other changeable components are outside the hypervisor.
A monolithic hypervisor implements all the aforementioned functions, including those of the device drivers.
Xen Architecture
Xen is a VMM which allows users to dynamically instantiate an operating system.
Hosts operating systems like Linux and Windows.
Multiple operating systems can run simultaneously and perform different tasks.
Completely software based and requires no special hardware support.
8-Feb-19
Xen Architecture
Supports unmodified application binaries.
Xen implements all the mechanisms, leaving the policy to be handled by Domain 0.
The core components of a Xen system are the hypervisor, kernel, and applications.
Not all guest OSes are created equal, and one in particular controls the others.
The guest OS which has control ability is called Domain 0, and the others are called Domain U.
Xen Architecture
Domain 0 is a privileged guest OS which is loaded first when Xen boots, without any file system driver.
Xen uses para-virtualization to provide high performance and good resource isolation:
• The guest operating system has to be modified to run on the Virtual Machine Monitor.
• Specifically, the guest OS can no longer execute in ring 0, because that ring is now occupied by the VMM.
• The guest OS has to be modified to run outside of ring 0.
Xen Architecture
Domain 0 is designed to access hardware directly and manage devices.
So, one of the responsibilities of Domain 0 is to allocate and map hardware resources for the guest domains.
Domain 0, behaving as a VMM, allows users to create, copy, save, read, modify, share, migrate, and roll back VMs as easily as manipulating a file.
If Domain 0 is compromised, the hacker can control the entire system. So, in the VM system, security policies are needed to improve the security of Domain 0.
Binary Translation with Full Virtualization
Depending on implementation technologies, hardware virtualization may be either full virtualization or host-based virtualization.
Full virtualization does not need to modify the host OS.
It relies on binary translation to trap and to virtualize the execution of certain sensitive, nonvirtualizable instructions.
Noncritical instructions run on the hardware directly, while critical instructions are discovered and replaced with traps into the VMM to be emulated by software.
Binary Translation with Full Virtualization
The VMM scans the instruction stream and identifies the privileged, control- and behavior-sensitive instructions.
When these instructions are identified, they are trapped into the VMM, which emulates the behavior of these instructions.
The method used in this emulation is called binary translation.
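
The scan, trap and emulate flow described above, as a toy model added here (it is not part of the original slides). The instruction names, the CRITICAL set, the VCpu class and the sample guest code are all invented for illustration.

```python
from dataclasses import dataclass, field

# Assumed toy ISA (constructed): ops in CRITICAL must never run natively in a guest.
CRITICAL = {"CLI", "STI", "LOAD_CR3", "OUT"}
GUEST_CODE = [("MOV", "r0", 5), ("CLI",), ("ADD", "r0", 3),
              ("LOAD_CR3", 0x1000), ("OUT", 0x3F8, 65), ("STI",)]  # constructed sample

@dataclass
class VCpu:
    """Virtual state the VMM keeps per guest instead of touching the host."""
    regs: dict = field(default_factory=lambda: {"r0": 0, "r1": 0})
    interrupts_enabled: bool = True
    cr3: int = 0
    trap_log: list = field(default_factory=list)

def translate(stream):
    """Scan the stream; keep noncritical instructions, replace critical ones with traps."""
    return [("TRAP", insn) if insn[0] in CRITICAL else insn for insn in stream]

def vmm_emulate(vcpu, insn):
    """Emulate one trapped instruction against the guest's virtual state only."""
    op, *args = insn
    vcpu.trap_log.append(op)
    if op in ("CLI", "STI"):
        vcpu.interrupts_enabled = (op == "STI")
    elif op == "LOAD_CR3":
        vcpu.cr3 = args[0]          # recorded virtually; no host register changes
    # "OUT" is only logged here: this toy has no virtual device behind the port

def run(translated, vcpu):
    """Execute translated code: noncritical ops directly, traps through the VMM."""
    for insn in translated:
        op, *args = insn
        if op == "TRAP":
            vmm_emulate(vcpu, args[0])
        elif op == "MOV":
            vcpu.regs[args[0]] = args[1]
        elif op == "ADD":
            vcpu.regs[args[0]] += args[1]
        else:  # fail closed if a critical or unknown op escaped translation
            raise ValueError(f"untranslated instruction: {op}")
    return vcpu

if __name__ == "__main__":
    v = run(translate(GUEST_CODE), VCpu())
    print(v.regs, v.interrupts_enabled, hex(v.cr3), v.trap_log)
```

The trap log doubles as an audit trail of every critical instruction the guest attempted, and the fail-closed branch in run() shows what should happen if the scanner ever misses one.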
Host Based Virtualization
Dedicated applications may run on the VMs.
Certainly, some other applications can also run with the host OS directly.
The host-based architecture has flexibility.
Para Virtualization
Needs to modify the guest OS.
Para-virtualization attempts to reduce the virtualization overhead, and thus improve performance, by modifying only the guest OS kernel.
VIRTUALIZATION, 8-Feb-19, Dr.S.Sundararajan
Para Virtualization
The guest OSes are para-virtualized. They are assisted by an intelligent compiler to replace the nonvirtualizable OS instructions by hypercalls, as illustrated.
The traditional x86 processor offers four instruction execution rings: Rings 0, 1, 2, and 3.
The lower the ring number, the higher the privilege of the instruction being executed.
The OS is responsible for managing the hardware and the privileged instructions to execute at Ring 0, while applications run at Ring 3.
Para Virtualization with Compilation Support
Para-virtualization handles these instructions at compile time.
The guest OS kernel is modified to replace the privileged and sensitive
The guest OS runs at Ring 1 instead of at Ring 0.
This implies that the guest OS may not be able to execute some privileged and sensitive instructions.
Para Virtualization with Compilation Support
The privileged instructions are implemented by hypercalls to the hypervisor.
After replacing the instructions with hypercalls, the modified guest OS emulates the behavior of the original guest OS.