Intel® Virtualization Technology and Extensions Rochester Institute of Technology CMPE.750.01 - Advanced Computer Architecture (CMPE75001.2145) Prepared and Presented by: Swapnil S. Jadhav (Computer Engineering) Chaitanya Gadiyam (Computer Engineering) 11-05-2015 1 CMPE.750.01 - Advanced Computer Architecture (CMPE75001.2145)
42
Embed
Intel® Virtualization Technology and Extensionsmeseec.ce.rit.edu/722-projects/spring2015/2-3.pdf•Solving Virtualization Challenges with VT-x and VT-i •Enhancements to Intel®
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Challenges Because of Ring-Deprivileging on IA-32 and Itanium Architecture1. Ring aliasing
• Software is run at a privilege level other than the level for whichit was written
• IA-32 – “PUSH” instruction for CS Register• Itanium – “br.call” instruction for PFS Register
2. Address-space compression• Guest access to the processor’s full virtual address space• Guest access to control structures residing in virtual-address
space – IDT, GDT (IA-32) & IVT (Itanium)• Protecting these control structures• Supporting guest accesses to control structures
3. Non-faulting access to privileged state• Preventing unprivileged software from accessing privileged
components of CPU state• IA-32 – GDTR, IDTR, LDTR, and TR registers• Itanium - PTA register contains base address of VHPT
4. Adverse impacts on guest transitions• Diminishes effectiveness of delivery and handling of transitions
to OS software• IA-32 – Affects Low latency syscalls – SYSENTER, SYSEXIT• Itanium – Affects interrupt handlers performance
5. Interrupt virtualization• VMM intercepts external interrupts – interrupt masking• IA-32 - interrupt flag (IF) in EFLAGS register• Itanium – “i” bit in PSR register• Frequent intercepts of interrupts from OSes degrades
performance; halts virtual-interrupts too
6. Ring compression• Same privilege level – Guest OS runs at the same privilege level
as guest applications• No protection of Guest OSes from guest applications
7. Access to hidden state• No access for guest SW to hidden components• No mechanism for saving/restoring those as well• IA-32 – Hidden Descriptor Caches for segment registers• Itanium – Current Frame Load Enable (CFLE) bit in Register
Stack Engine (RSE) register
8. Frequent Access to privileged resources• Access to Task Priority Register (TPR)• Each access causes faults to VMM• Frequent faults degrades performance
• Full virtualization• No Guest OS modifications• Instruction-set virtualization• Eliminate the need for CPU para-virtualization and binary translation techniques• Enable support for broad range of unmodified guest OSes• Maintaining high levels of performance
• Virtualization in the x86 processor architecture• CPU virtualization (First Generation)
Solving Virtualization Challenges with VT-x and VT-i# Challenges Intel VT-x Intel VT-I
5 Interrupt virtualization • Includes “an external-interrupt exiting VMexecution control” – when set to 1, no needof a control on every guest attempt tomodify interrupt flags
• includes an interrupt-window exiting VM-execution control – when set to 1, VM exitoccurs whenever guest software is ready toreceive interrupts
• Helps when VMM has a virtual interrupt todeliver to a guest
• Includes a virtualization-acceleration field• Prevents guest software from affecting
interrupt masking• Avoids frequent transitions to the VMM• Includes PAL service that a VMM can use to
register that it has a virtual interrupt pending• PAL service transfers control to the VMM via
the new virtual external interrupt vector
6 Access to hidden state • Maintains hidden components of CPU statein the guest-state area of the VMCS fields
• Loads and saves these VMCS fields on VMEntry and VM Exit respectively
• Preserves CPU state during transitions
• Uses an argument value in PAL service to setRSE.CFLE bit to desired value
7 Frequent Access to Privileged Resources
• Uses TPR Shadow and TPR Threshold field inVMCS to invoke VMM only when required
• Uses Virtualization-Acceleration field in VPD toindicate that VMM can be bypassed
• VMM needs to retain control of physical-address space• With Intel® 64, paging is main mechanism for protecting that space• Intel® VT provides hooks for page-table virtualization• But page-table virtualization in software is a major source of overhead
• Extended Page Tables (EPT)• A new CPU mechanism for remapping guest-physical memory references• Allows guest to retain control of legacy Intel® 64 paging• Reduces frequency of VM exits to VMM• Map guest-physical to host-physical address• New hardware page-table walker (Hardware MMU vs. Software MMU)
• Benefits• Guest OS can modify its own page tables freely• Eliminates VM Exits
• Memory Savings• Shadow page tables not required with EPT• Single EPT supports entire VM
• Performance Evaluation of Intel EPT Hardware Assist -http://www.vmware.com
• Intel Virtualization Technology - Hardware Support for Efficient Processor Virtualization - http://www.intel.com
• Liu Yuhang; Hao Qinfen; Xiao Limin; Zhu Mingfa, "Design of ISA for efficient virtualization," Industrial Electronics and Applications, 2009. ICIEA 2009. 4th IEEE Conference on , vol., no., pp.3167,3172, 25-27 May 2009
The IA-32 and Itanium architectures each include specific instructions, registers, and tables, some of which are listed below.
• IA-32 termsCPUID: CPU identification instructionCR: control registers: CR0, CR3 (page-table base address, which controls translation from linear to physical addresses), CR4, and CR8 (current task priority)CS: segment register for the current code segment; in some modes. its low 2 bits are the current privilege levelDR: debug registerEFLAGS: 32-bit version of the flags register; contains arithmetic flags as well as the interrupt flag (IF), used to mask interruptsGDT: global descriptor table; contains descriptors that can be loaded into segment registers LDTR and TRGDTR, IDTR, LDTR, TR: registers that reference the GDT, IDT, LDT, and TSSHLT: halt instructionIDT: interrupt descriptor table; controls the delivery of exceptions and interrupts to their software handlersIF: bit in the EFLAGS register that controls interrupt maskingINVLPG: invalidate TLB entry instructionLDT: local descriptor table; contains descriptors that can be loaded into segment registersLGDT, LIDT, LLDT, LTR: instructions that write to GDTR, IDTR, and TRMOV: move instruction; different versions allow read and write access to the control registers and debug registersMWAIT: monitor wait instructionPUSH: push instruction; pushes its operand on the stackRDMSR, WRMSR: instructions to read from and write to modelspecific registersRDPMC: read performance-monitoring counters instructionRDTSC: read time-stamp counter instructionsegment registers: registers that control translation from logical to linear addressesSGDT, SIDT, SLDT, STR: instructions that read from GDTR, IDTR, and TRSYSENTER, SYSEXIT: fast system call and fast return from fast system call instructionsTSS: task-state segment; among other things, the current TSS controls the ability of software to access I/O ports
• Itanium termsbr.call: branch instruction used to effect a conditional procedure calli: bit in the PSR that controls interrupt maskingIVT: interrupt vector table; controls delivery of exceptions and interrupts to their software handlersmov: move instruction; different versions allow read and write access to the control registers (including PTA)PFS: previous function state registerppl: previous privilege level field in the PFS registerPAL: processor abstraction layer; provides a consistent firmware interface to processor implementation-specific featuresPSR: processor status registerPTA: page table address registerrfi: return from interruption instructionthash: translation hashed entry address instructionVHPT: virtual hash page table; controls translation from virtual to physical addresses