CSE 153 Design of Operating Systems Winter 2015 Lecture 15: Virtual Machine Monitors.
-
Upload
lauren-page -
Category
Documents
-
view
217 -
download
2
Transcript of CSE 153 Design of Operating Systems Winter 2015 Lecture 15: Virtual Machine Monitors.
CSE 153CSE 153Design of Operating SystemsDesign of Operating Systems
Winter 2015Winter 2015
Lecture 15: Virtual Machine MonitorsLecture 15: Virtual Machine Monitors
OS AbstractionsOS Abstractions
2
Operating System
Hardware
Applications
CPU Disk RAM
Process File system Virtual memory
CSE 153 – Lecture 16 – Virtual Machine Monitors
NetworkI/O Devices
Virtual Machine MonitorVirtual Machine Monitor
3
Operating System
Hardware
Applications
CPU Disk RAM
Process File system Virtual memory
CSE 153 – Lecture 16 – Virtual Machine Monitors
NetworkI/O Devices
Virtual Machine Monitor
What is a VMM?What is a VMM? We have seen that an OS already virtualizes
Syscalls, processes, virtual memory, file system, etc. Applications program to this interface OS offers illusion that each process is running in isolation
A VMM virtualizes an entire physical machine Interface supported is the hardware VMM offers illusion that OS has full control over the hardware VMM “applications” (OSes) run in virtual machines
Implications of booting an OS in a virtual machine Run multiple instances of an OS on same physical machine Run different OSes simultaneously on the same machine
» Linux on Windows, Windows on Mac, etc.
5CSE 153 – Lecture 16 – Virtual Machine Monitors
Why do such a crazy thing? Why do such a crazy thing? Resource utilization
Machines today are powerful, want to multiplex their hardware» e.g., Cloud service can divvy up a physical machine to customers
Can migrate VMs from one machine to another without shutdown Software use and development
Can run multiple OSes simultaneously» No need to dual boot
Can do system (e.g., OS) development at user-level Many other cool applications
Debugging, emulation, security, speculation, fault tolerance… Common theme is manipulating applications/services at
the granularity of a machine Specific version of OS, libraries, applications, etc., as package
6CSE 153 – Lecture 16 – Virtual Machine Monitors
CSE 153 – Lecture 16 – Virtual Machine Monitors
Example of Cool VMM TricksExample of Cool VMM Tricks Time dilation
VMM can control the rate of timer interrupts to OS Can change how OS interprets passage of time If VMM slows timer by 10x, then other hardware (CPU, disk,
network) appears 10x faster to OS and applications» OS reads 100 MB of data from network in 1 second, but thinks only
0.1 second has elapsed, giving illusion of 1 GBps of bandwidth Can experiment with apps, protocols, and systems on future
hardware» But, applications run 10x slower
7
CSE 153 – Lecture 16 – Virtual Machine Monitors
VMM RequirementsVMM Requirements Fidelity
OSes and applications work the same without modification» (although we may modify the OS a bit)
Isolation VMM protects resources and VMs from each other
Performance VMM is another layer of software…and therefore overhead
» As with OS, want to minimize this overhead VMware:
» CPU-intensive apps: 2-10% overhead
» I/O-intensive apps: 25-60% overhead
8
VMwareVMware VMware workstation uses hosted model
VMM runs unprivileged, installed on base OS Relies upon base OS for device functionality
VMware ESX server uses hypervisor model VMM runs directly on hardware
VMware uses software virtualization Dynamic binary rewriting translates code executed in VM
» Rewrite privileged instructions with emulation code (may trap) CPU only executes translated code Think JIT compilation for JVM, but
» full binary x86 IR code safe subset of x86 Incurs overhead, but can be well-tuned (small % hit)
11CSE 153 – Lecture 16 – Virtual Machine Monitors
Vmware Hypervisor ModelVmware Hypervisor Model
12
Operating System
Hardware
Applications
CSE 153 – Lecture 16 – Virtual Machine Monitors
Virtual Machine Monitor
Hardware
VMware Hosted ArchitectureVMware Hosted Architecture
13CSE 153 – Lecture 16 – Virtual Machine Monitors
XenXen Early versions use “paravirtualization”
Fancy word for “we have to modify & recompile the OS” Since you’re modifying the OS, make life easy for yourself Create a VMM interface to minimize porting and overhead
Xen hypervisor (VMM) implements interface VMM runs at privilege, VMs (domains) run unprivileged Trusted OS (Linux) runs in own domain (Domain0)
» Use Domain0 to manage system, operate devices, etc.
Most recent version of Xen does not require OS mods Because of Intel/AMD hardware support
Commercialized via XenSource, but also open source
14CSE 153 – Lecture 16 – Virtual Machine Monitors
Xen ArchitectureXen Architecture
15CSE 153 – Lecture 16 – Virtual Machine Monitors
What needs to be virtualized?What needs to be virtualized? Exactly what you would expect
CPU Events Memory I/O devices
Isn’t this just duplicating OS functionality in a VMM? Yes and no Approaches will be similar to what we do with OSes
» Simpler in functionality, though (VMM much smaller than OS) But implements a different abstraction
» Hardware interface vs. OS interface
17CSE 153 – Lecture 16 – Virtual Machine Monitors
Virtualizing Privileged InstsVirtualizing Privileged Insts OSes can no longer successfully execute privileged
instructions Virtual memory registers, interrupts, I/O, halt, etc.
For those instructions that cause an exception Trap to VMM, take care of business, return to OS in VM
For those that do not… Xen: modify OS to hypervisor call into VMM VMware: rewrite OS instructions to emulate or call into VMM
18CSE 153 – Lecture 16 – Virtual Machine Monitors
Virtualizing MemoryVirtualizing Memory OSes assume they have full control over memory
Managing it: OS assumes it owns it all Mapping it: OS assumes it can map any virtual page to any
physical page But VMM partitions memory among VMs
VMM needs to assign hardware pages to VMs VMM needs to control mappings for isolation
» Cannot allow an OS to map a virtual page to any hardware page
» OS can only map to a hardware page given to it by the VMM
Hardware-managed TLBs make this difficult When the TLB misses, the hardware automatically walks the
page tables in memory As a result, VMM needs to control access by OS to page tables
22CSE 153 – Lecture 16 – Virtual Machine Monitors
Shadow Page TablesShadow Page Tables Three abstractions of memory
Machine: actual hardware memory» 2 GB of DRAM
Physical: abstraction of hardware memory managed by OS» If a VMM allocates 512 MB to a VM, the OS thinks the computer
has 512 MB of contiguous physical memory
» (Underlying machine memory may be discontiguous) Virtual: virtual address space per process
» Standard 232 address space
In each VM, OS creates and manages page tables for its virtual address spaces without modification
But these page tables are not used by the MMU hardware
24CSE 153 – Lecture 16 – Virtual Machine Monitors
Shadow Page TablesShadow Page Tables
26CSE 153 – Lecture 16 – Virtual Machine Monitors
SmartphonesSmartphones
CSE 153 – Lecture 16 – Virtual Machine Monitors 31
==
……in 2014in 2014
CSE 153 – Lecture 16 – Virtual Machine Monitors 32
Data from McAfee
MALWARE
Android has become a hot target of malware authors
It is not a problem of the platform itself
34CSE 153 – Lecture 16 – Virtual Machine Monitors
AndroidAndroid
36CSE 153 – Lecture 16 – Virtual Machine Monitors
AndroidAndroid
39CSE 153 – Lecture 16 – Virtual Machine Monitors
AndroidAndroid
40CSE 153 – Lecture 16 – Virtual Machine Monitors
AndroidAndroid
41CSE 153 – Lecture 16 – Virtual Machine Monitors
Dalvik VMDalvik VM Dalvik is a Java Virtual Machine
Designed to run with limited system resources
Android applications are written in Java
Every application runs in its own JVM
CSE 153 – Lecture 16 – Virtual Machine Monitors 42
DEX FileDEX File
Java class files are converted into “.dex” files that Dalvik executes
Java byte-code is converted into Dalvik byte-code during this process
43CSE 153 – Lecture 16 – Virtual Machine Monitors
Process managementProcess management What’s the difference between mobile app cycle and
desktop app cycle? One app has focus from the user at a time
Two key principles Android usually does not delete an app’s state even if you
close it Android kills apps when the memory usage goes too high, but
it saves app state for quick restart later on
CSE 153 – Lecture 16 – Virtual Machine Monitors 45
Application Life cycleApplication Life cycle
StarStarttStarStartt
RunRunRunRun
PausPauseePausPausee
EndEndEndEnd
Be killed tofree-up memoryStay in memory
Stay in memory
Stay in memory
Stay in memory
Close the app
Re-open the app
Open the app
46CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
HomeHomeHomeHomeHome
At the “Home” screen
48CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
Home
HomeHomeHomeHome
ListListListList
Start the “Mail” app and read the list
49CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
Home
HomeHomeHomeHome
ListListListList MessagMessageeMessagMessagee
Click on one of the message and see its content
50CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
Home
HomeHomeHomeHome
ListListListList MessagMessageeMessagMessagee
Browser BrowseBrowse
rrBrowseBrowserr
Click a link in the message
51CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
HomeHomeHomeHomeHome
Browser BrowseBrowse
rrBrowseBrowserr
Now we have enough space to start the “Map” app
March 4, 2014 52CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
HomeHomeHomeHomeHome
Browser BrowseBrowse
rrBrowseBrowserr
MapMapMapMapMap
Start the “Map” app
53CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
HomeHomeHomeHomeHome
Browser BrowseBrowse
rrBrowseBrowserr
Map
Go back to the browser
54CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
HomeHomeHomeHomeHome
Browser
MailListListListList MessagMessag
eeMessagMessagee
“Mail” app is resumed and shows previous message
55CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
HomeHomeHomeHomeHome
Browser
MailListListListList
Go back to the mail list
56CSE 153 – Lecture 16 – Virtual Machine Monitors
ExampleExample
System
HomeHomeHomeHomeHome
Browser
Go back to the “Home” screen
57CSE 153 – Lecture 16 – Virtual Machine Monitors
Memory managementMemory management Linux kernel does most of the job
Page-based memory management Virtual address to physical address mapping
No virtual memory swapping Pros and cons?
CSE 153 – Lecture 16 – Virtual Machine Monitors 58
Offloading of computationOffloading of computation
Naive offloadingSpeech-to-text, OCR
More sophisticated offloading - fine-grained offloadingMAUI: Making Smartphones Last Longer with Code Offload
Running two versions of the app on the mobile device and a powerful server
Decide when/what to offload on the fly
60CSE 153 – Lecture 16 – Virtual Machine Monitors
Disk I/ODisk I/O
Flash Hard Disk Drive
Random access ~0.1ms 5-10ms
File fragment impact
No Greatly impacted
Total power 1/2 to 1/3 of HDD up to 15+ watts
Reliability Reliable Less reliable due to mechanical parts
Write longevity Limited number of writes Less of a problem
Capacity <= 512GB 2-3TB
Price $1.5-2 / GB $0.1-0.2 / GB
61CSE 153 – Lecture 16 – Virtual Machine Monitors
CSE 153 – Lecture 16 – Virtual Machine Monitors
SummarySummary VMMs multiplex virtual machines on hardware
Export the hardware interface Run OSes in VMs, apps in OSes unmodified Run different versions, kinds of OSes simultaneously
Android: Use of virtual machines to protect phones
63
CSE 153 – Lecture 16 – Virtual Machine Monitors
Other VMM SystemsOther VMM Systems VMWare Xen Microsoft Virtual PC User-Mode Linux
64