2 .. System Virtualization and OS Virtual Machines slides file, created by
3 hieroglyph-quickstart on Mon Oct 28 09:39:30 2013.
5 =============================================
6 System Virtualization and OS Virtual Machines
7 =============================================
10 :Authors: Ivan Boule, Olivier Matz
25 History of Virtual Machines
26 ---------------------------
28 - VM introduced in the sixties on IBM/370 series
30 - Co-Designed VM: IBM AS/400
32 - High level ISA including I/Os
33 - Proprietary CISC → PowerPC
37 - Sun Java, Microsoft Common Language Infrastructure
41 - VMware (virtualized PC on x86)
42 - Virtual PC (PC emulation on Mac OS/PowerPC)
43 - Many others : Bochs, VirtualBox, Qemu, ...
48 System Virtualization Principles
49 --------------------------------
51 - Run multiple OS's on the same machine
53 - By design, an OS assumes to have full control over all physical
54 resources of the machine
56 - Manage sharing/partitioning of machine resources between Guest OS's
59 - Physical memory & MMU
62 Goals of System Virtualization
63 ------------------------------
65 - Reduction of Total Cost of Ownership (TCO)
67 - Increase utilisation of server resources
69 - Reduction of Total Cost of Functioning
75 - Hardware Consolidation
77 - Reduction of Build Of Material (BOM) for high-volume low-end
80 - Isolation of OS for security purposes
83 Virtualization in high-throughput network equipments
84 ----------------------------------------------------
86 .. figure:: high-thput1.jpg
88 .. figure:: high-thput2.jpg
90 Virtualization in Multimedia devices
91 ------------------------------------
93 - Reduction of Build Of Material (BOM) for high-volume low-end
96 - No need for a general purpose processor
98 - 20 to 25 % BOM reduction
100 - Run Linux together with OS supporting Codecs on a single TI DSP
102 - Leverage Linux environment
104 - Reuse existing DSP software
108 Usages of Virtual Machines
109 --------------------------
111 - Server virtualization
120 - OS/kernel education & training
123 - OS kernel development
124 - Test machine = development host
126 - Keep backward compatibility of legacy software
128 - Run applications not supported by host OS
133 .. figure:: recovery.png
136 Multi-Core CPU Issues (1)
137 -------------------------
141 - No more achieved through Frequency/Speed increase
142 - But obtained with higher density & multi-core chips
144 - Many RTOS designed with mono-processor assumption
146 - Adding multi-processor support is complex & costly
147 - Scaling requires time, at best...
149 - Legacy RT applications also designed for mono-processor
151 - Adaptation to multi-pro even more difficult than RTOS
153 Multi-Core CPU Issues (2)
154 -------------------------
156 - OS virtualization allows to run simultaneously on a multi-cores CPU
157 multiple instances of mono-processor OS's
159 - Each OS instance is run in a mono-processor
161 - Virtual Machine assigned to a single CPU core
163 - No need to change legacy software
165 - Scalability managed at virtualization level
167 Virtualization Taxonomy
168 =======================
173 .. figure:: isa-abi.svg
175 - ISA = Instruction Set Architecture
177 - System level interface
178 - All CPU instructions, memory architecture, I/O
180 - ABI = Application Binary Interface
182 - Process level interface
183 - User-level non privileged ISA instructions + OS systems 14 calls
185 Virtualization Taxonomy
186 -----------------------
188 - Process level virtualization
190 - Emulation of Operating System ABI
191 - Emulation of OS ABI, cross-architecture
194 - System level virtualization
196 - Standalone / Hosted Virtualization
197 - Machine Emulation / Machine Virtualization
199 Hosted versus Standalone Virtualization
200 ---------------------------------------
202 - Hosted Virtualization
204 - Hosted VM Monitor (VMM) runs on top of native OS
205 - VMware WKS, Microsoft VirtualPC, QEMU/KVM, UML
207 - Standalone Virtualization
209 - VMM directly runs on bare hardware
210 - VMware ESX, IBM/VM, Xen
212 - OS run in a VM is named a Guest OS
214 Hosted Virtualization
215 ---------------------
217 .. figure:: hosted.svg
219 Example: VMware Workstation
220 ----------------------------
222 .. figure:: vmware-wks.png
226 - Specific device drivers
228 - Guest OS executed in user mode
230 Standalone Virtualization
231 -------------------------
233 .. figure:: standalone.svg
239 - Supports unmodified OS binaries
241 - Configuration with appropriate device drivers
248 Process Level Virtualization
249 ============================
251 Process level ABI Emulation
252 ---------------------------
254 - Goal: execute binary applications of a given system **X** on the ABI of
257 - Emulate system **X** ABI on top of system **Y** ABI
259 - Emulation done by application-level code
261 - System **Y** must provide services equivalent to those of system
262 **X** (file system, sockets, etc...)
264 Process Level (ABI) Emulators
265 -----------------------------
267 - Wine - Windows Emulator on Unix/Linux
269 - Windows API in userland
270 - Adobe Photoshop, Google Picasa, ...
274 - Unix emulation on Windows
276 - Bash shell + many Unix commands
277 - GNU development tool chain (gcc, gdb)
278 - X Window, GNOME, Apache, sshd, ...
280 Process Level Cross-architecture Emulators
281 ------------------------------------------
283 - Emulate the Operating System ABI
285 - Emulated OS and native OS are the same (ex: both are linux)
286 - Emulated arch is different than native architecture (ex: x86 and
289 - Example: qemu-user::
295 $ powerpc-linux-gnu-gcc -static hello.c
297 bash: ./a.out: cannot execute binary file
304 - Single OS kernel / Multiple resource instances
306 - Isolated kernel execution environments
309 - Network: Routing table, IP tables, interfaces...
310 - Process for signals
312 - Solaris 10 Containers
313 - LXC, Linux-VServer, openVZ
319 .. figure:: virtual-servers.svg
329 - Low memory footprint
336 - No OS heterogeneity (no GPOS/RTOS combination)
337 - Single OS binary instance (common point of failure)
339 Transparent Hardware Emulation
340 ==============================
342 Transparent Hardware Emulation (1)
343 ----------------------------------
345 - Run unmodified OS binaries
347 - Includes emulation of physical devices
349 - Cross ISA Emulation
355 - VirtualBox (Intel x86)
357 Transparent Hardware Emulation (2)
358 ----------------------------------
360 - Emulate machine X on top of machine Y
364 - 1 instruction of X executed by N instructions of Y
365 - Huge slow down method
367 - Dynamic Binary Translation
369 - Convert blocs of X instructions in Y instructions
371 - Application-level emulator runs on a native OS
372 - One VM running a single Guest OS
379 QEMU: Hosted Hardware Emulator
380 ------------------------------
382 - Cross ISA Emulation
384 - Emulate machine X on top of machine Y
386 - Interpretation + translation
388 - Intel x86, PowerPC, ARM, Sparc architectures
390 - Emulation of SMP architectures
392 - Emulates physical I/O devices
394 - Hard Disk drives, CD-ROM, network controllers, USB controllers, ...
395 - Synchronous emulation of device I/O operations
397 Transparent Hardware Virtualization
398 ===================================
400 Transparent Hardware Virtualization
401 -----------------------------------
403 - Guest and host architectures are the same
405 - Execute native/unmodified OS binary images
407 - Provide in each VM a complete simulation of hardware
409 - Full CPU instruction set
410 - Interrupts, exceptions
411 - Memory access and MMU
414 - Share machine resources among multiple VMs
416 Full CPU Virtualization (1)
417 ---------------------------
419 - Present same functional CPU to all Guest OSes
421 - VMM manages a CPU context for each VM
423 - saved copy of CPU registers
424 - representation of software-emulated CPU context
426 - VMM shares physical CPUs among all VMs
428 - VMM includes a VM scheduler
433 Full CPU Virtualization (2)
434 ---------------------------
436 - Relationships between a VMM and VMs similar to relationships between
437 native OS and applications
439 - Guarantee mutual isolation between all VMs
440 - Protect VMM from all VMs
442 - Directly execute native binary images of Guest OS's in
445 - VMM emulates access to protected resources performed by Guest OSs
450 - Run each Guest OS in non-privileged mode
452 .. figure:: cpu-virt.svg
454 "Hardware-Sensitive" Instructions
455 ---------------------------------
457 - Interact with protected hardware resources
459 - Privileged Instructions (cannot be executed in user mode)
460 - Critical Instructions (can be, but should not be executed by Guest OS)
462 - Must be detected and faked by VMM
464 - Dynamic Binary Translation of kernel code
466 - Done once, saved in Translation Cache
469 Privileged Instructions Virtualization
470 --------------------------------------
472 - Only allowed in supervisor mode
474 - Ex: **cli/sti** to mask/unmask interrupts on Intel x86
476 - When executed in non-privileged mode
478 - CPU automatically detects a privilege violation
479 - Triggers a “privilege-violation” exception
481 - Caught by VMM which fakes the expected effect of the privileged
486 - VMM does not mask/unmask CPU interrupts
487 - records « interrupt mask status » in context of VM
489 Critical Instructions Virtualization (1)
490 ----------------------------------------
492 - Hardware-sensitive instructions
494 - Ex: Intel IA-32 pushf/popf::
496 pushf /* save EFLAG reg. to stack */
497 cli /* mask interrupts => clear EFLAG.IF */
499 popf /* restore EFLAG reg. => unmask interrupts */
501 - When executed in non-privileged mode
503 - The cli instruction triggers an exception caught by VMM => VMM
504 record interrupts masked for current VM
506 - But no exception for popf => VMM not aware of Guest OS action
509 Critical Instructions Virtualization (2)
510 ----------------------------------------
512 - Must be detected and emulated by VMM
514 - VMM dynamically analyses Guest OS binary code to find critical instructions
516 - VMM replaces critical instructions by a « trap » instruction to enter the VMM
518 - VMM emulates expected effect of critical instruction, if any.
520 Full Memory Virtualization
521 --------------------------
523 - CPU include a Memory Management Unit (MMU)
525 - Isolated memory addressing spaces
526 - Independant of underlying physical memory layout
527 - Run mutually protected applications in parallel
529 - Virtual Memory managed by OS kernel
531 - Provides a virtual address space to each process
533 - 4 GB on most 32-bit architectures (Intel x86, PowerPC)
535 - Manages virtual page → physical case mappings
536 - Manages « swap » space to extend physical memory
538 MMU & Virtual Address Space
539 ---------------------------
548 Memory Virtualization (1)
549 -------------------------
551 - Machine Physical Memory
553 - Physical memory available on the machine
555 - Guest OS Physical Memory
557 - Part of machine memory assigned to a VM by VMM
559 - ∑ Guest Physical Memory can be > Machine Memory
561 - VMM uses « swap » space
563 - Guest OS Virtual Memory
565 - Guest OS manages virtual address spaces of its processes
567 Memory Virtualization (2)
568 -------------------------
570 - Guest OS manages Guest Physical Pages
572 - Manages MMU with its own page entries
573 - Translates Virtual Addresses into Guest Physical Addresses (GPA)
575 - VMM transparently manages Machine Physical Pages
577 - Guest Physical Address ≠ Machine Physical Address
578 - VMM dynamically translates Guest Physical Pages into Machine
581 Memory Virtualization (3)
582 -------------------------
584 .. figure:: mem-virt.svg
586 Memory Virtualization (4)
587 -------------------------
589 - VMM maintains Shadow Page Tables
591 - Copies of Guest OS translation tables
593 - VMM catches updates operations of translation tables performed by a
596 - RW-protect all guest OS page tables
597 - Emulates operation in shadow page table
598 - Updates effective MMU page table entry, if needed
600 Memory Virtualization (5)
601 -------------------------
603 - PTE entries can be tagged with a context ID
605 - Avoids to flush TLB when switching current address space upon
606 scheduling of a new process
608 - usually PTE tag = OS process identifier
610 - Processes of different Guest OSes can be assigned the same Process
613 - VMM must flush TLB when switching VMs
615 Memory Virtualization (6)
616 -------------------------
618 - VMM must respect Guest OS virtual page faults
620 - Not map virtual pages unmapped by Guest OS
621 - When Guest OS unmaps a virtual page:
623 - VMM must delete the associated real-page/physical page
626 - Conversely, VMM can transparently:
628 - Introduce & resolve real-page faults for Guest OSes
629 - Share physical pages between Guest OS's
631 - Pages with same content's (e.g. zero-ed pages)
633 Memory Virtualization (7)
634 -------------------------
636 - VMM can swap real pages of a VM
638 - on "swap" space managed by VMM
640 - VMM can dynamically distribute physical memory among VMs
642 - Needs a specific support in Guest OS (Linux module)
644 - VMM asks Guest OS to release memory
646 - Guest OS self-allocates real pages
647 - no more available for normal kernel allocation service
648 - VMM assigns same amount of physical pages to other VM's
653 Paravirtualization (1)
654 ----------------------
656 - OS adaptation to avoid binary translation overhead
657 - Requires access to OS source code
658 - Include drivers of virtual devices
662 - User Mode Linux (UML)
664 Paravirtualization (2)
665 ----------------------
667 - Still run each Guest OS in non-privileged mode
669 - But with minimal virtualization overhead
671 - => Modified Guest OS kernel
673 - Remove Hardware-Sensitive Instructions
675 - Use fast VMM system calls instead, if needed
677 - Minimise usage of Privileged Instructions
679 - Only affect Machine/CPU dependant part of OS
681 - OS portage on new architecture with same CPU
685 Paravirtualization (3)
686 ----------------------
688 - Guest OS only use Virtual I/O Devices, in a cooperative way
690 - Front-end driver in Guest OS
691 - Back-end driver in VMM
693 - VMM multiplex VM Virtual Devices on physical devices
698 - Data transfer through I/O rings
703 .. figure:: virt-devices.svg
705 Paravirtualization Example: Xen
706 -------------------------------
710 - Scalable, support more than 100 VM
711 - Share resources of Server machines
713 - Intel IA-32, x86-64, ARM, ...
715 - Special first Guest OS called Domain 0
717 - Run in privileged mode
718 - Have access (and manages) all physical devices
719 - Modified version of Linux, FreeBSD
721 Hardware-Assisted Virtualization
722 ================================
724 Hardware Assisted Virtualization (1)
725 ------------------------------------
727 - Support of Virtualization in Hardware
728 - Run unmodified OS binaries
729 - With minimal virtualization overhead
730 - Simplify VMM development
736 Hardware Assisted Virtualization (2)
737 ------------------------------------
742 - Intel VT-x (x86), Intel VT-i (Itanium) architectures
747 - Intel Extended Page Tables (EPT)
748 - AMD Nested Page Tables (NPT)
750 Hardware Assisted Virtualization (3)
751 ------------------------------------
755 - IO-MMU (Intel VT-d)
757 - I/O Device virtualization
759 - Self-Virtualizing devices
760 - Single Root I/O Virtualization and Sharing Specification (SR-IOV)
761 - Extensions to PCIe (PCI Express) Bus standard
763 Intel VT-x Architecture
764 -----------------------
766 - Support unmodified Guest OS with no need for paravirtualization
767 and/or binary code translation
769 - Simplify VMM tasks & improve VMM performances
771 - Minimize VMM memory footprint
773 - Suppress shadowing of Guest OS page tables
775 - Enable Guest OS to directly manage I/O devices
777 - Without performance lost
778 - While enforcing VM isolation and mutual protection
780 Intel VT-x Architecture Overview
781 --------------------------------
785 Intel VT-x CPU Virtualization (1)
786 ---------------------------------
788 - Virtual Machine eXtension (VMX)
790 - Two new meta-modes of CPU operation
794 - Behaviour similar to IA-32 without VT
795 - Intended for VMM execution
799 - Alternative IA-32 execution environment
800 - Controlled by a VMM
801 - Designed to run unchanged Guest OS in a VM
803 - Both modes support rings 0-3 privilege levels
805 - Allow VMM to use several privilege levels
807 Intel VT-x CPU Virtualization (2)
808 ---------------------------------
810 - Two additional CPU mode transitions
812 - From VMX root-mode to VMX non-root mode
814 - Named VM Enter (VMLaunch instruction)
816 - From VMX non-root mode to VMX root mode
818 - Named VM Exit (event)
820 - VM entries & VM exits use a new data structure
822 - Virtual Machine Control Structure (VMCS) per VM
823 - Referenced with a memory physical address
824 - Format and layout hidden
825 - New VT-x instructions to access a VMCS
827 Intel VT-x CPU Virtualization (3)
828 ---------------------------------
832 - Saved value of registers before beeing changed by
833 - VM Exits (e.g., Segment Registers, CR3, IDTR)
835 - Hidden CPU state (e.g., CPU Interruptibility State)
840 - Interrupt Virtualization
843 - Model Specific Register R/W bitmaps
844 - Execution rights for CPU Privileged Instructions
847 Intel VT-x Interrupt Virtualization
848 -----------------------------------
850 - VMCS External Interrupt Exiting
852 - All external interrupts cause VM Exit
853 - Guest OS cannot mask external interrupts when executing Interrupt
856 - VMCS Interrupt Window Exiting
858 - VM Exit occurs whenever Guest OS ready to serve external interrupts
860 - Used by VMM to control VM interrupts
862 Intel VT-x MMU Virtualization
863 -----------------------------
865 - Extended Page Tables (EPT)
867 - Second level of Page Tables in MMU
868 - Translate Guest OS Physical Address into Machine Physical Address
871 - Virtual Processor IDentifier (VPID)
873 - Used to tag TLB entries
874 - Avoid to flush TLB upon VM switch
876 Virtual Memory Virtualization
877 -----------------------------
879 .. figure:: vt-x-mem.svg
881 Intel VT-x Extended Page Tables (1)
882 -----------------------------------
884 - VMM controls Extended Page Tables
886 - EPT used in VMX non-root operation
888 - Activated on VM Enter
889 - Desactivated on VM exit
891 - EPTP register points to Extended Page Tables
893 - Instanciated by VMM
895 - Loaded from VMCS on VM entry
898 Intel VT-x Extended Page Tables (2)
899 -----------------------------------
901 .. figure:: vt-x-mmu.svg
906 .. figure:: tlb-flush-issue.svg
908 Intel VT-x Virtual Processor Identifier
909 ---------------------------------------
911 - 16-bit VPID used to tag TLB entries
913 - Enabled by VMM in VMCS
914 - Unique VPID is assigned by VMM to each VM
915 - VPID 0 reserved for VMM
917 - Current VPID is 0x0000 when
919 - Outside VMX operation
920 - In VMX root mode operation
921 - In VMX non-root mode if VPID disabled in VMCS
923 - VPID loaded from VMCS on VM Enter
925 DMA Virtualization (1)
926 ----------------------
928 - Enable Guest OS to manage I/O devices
930 - I/O devices assigned by VMM to Guest OSes
934 - Use native device driver of Guest OS
935 - Unaware of physical memory Virtualization
937 - Enforce isolation between Guest Oses
939 - Guest OS only view hardware ressources assigned by VMM (memory,
947 DMA Virtualization (2)
948 ----------------------
950 .. figure:: dma-virt.svg
952 DMA Virtualization Issue
953 ------------------------
955 - Guest OS driver setup I/O registers of device with Guest Physical
956 Address of I/O buffers
958 - Guest Physical Address must be translated into its corresponding
959 Machine Physical Address when used for DMA operations by device
961 - GPA Translation cannot be done by VMM
963 - VMM cannot catch device-specific driver operations to setup I/O
966 Intel VT-d Protection Domains
967 -----------------------------
969 - Intel VT-d provides DMA Protection Domains
971 - Extension of IOMMU translation mechanism
972 - Isolated context of a subset of the Machine Physical Memory (MPA)
973 - Correspond to the portion of Machine Physical Memory allocated to
976 - I/O devices assigned by VMM to a DMA Protection Domain
978 - Achieves DMA isolation by restricting memory view of I/O devices
979 through DMA address translation
981 Intel VT-d DMA Translation
982 --------------------------
984 - VT-d hardware treats address specified in DMA request as DMA Virtual
987 - DVA = GPA of the VM to which the I/O device is assigned
989 - VT-d translates the DVA into its corresponding Machine Physical
992 - Support of multiple Protection Domains
994 - DVA to MPA translation table per Protection Domain
995 - Must identify the device issuing a DMA request
997 VT-d PCI Express North Bridge
998 -----------------------------
1000 .. figure:: vt-d.svg
1002 PCI DMA Requester Identification
1003 --------------------------------
1005 - Mapping between PCI Device and Protection Domains
1006 - 16-bit PCI DMA Requester Identifier
1008 .. figure:: dma-req-id.svg
1010 - Assigned by PCI configuration software
1011 - Bus # indexes Bus Context Table in Root Context Table
1012 - (Device #, Function #) indexes Device Protection Domain in Bus
1015 Device / Protection Domain Mapping
1016 ----------------------------------
1018 .. figure:: device-domain-mapping.svg
1020 Virtual DMA Address Translation
1021 -------------------------------
1023 - VDA ↔ MPA VT-d Page Tables similar to IA-32 processor Page Tables
1025 - 4KB or larger page size granularity
1027 - Read/Write permissions
1029 - Protection Domains managed by VMM
1031 - Initialized at VM creation time
1032 - With same translations of the VM Extended Page Table
1034 Device Virtualization
1035 ---------------------
1037 - Share I/O device among multiple VMs
1039 - With no performance lost
1040 - While enforcing VM isolation and protection
1042 - Move device virtualization from the VMM to the device itself
1044 - Requires support from the device
1046 - Example of Ethernet controllers
1048 Ethernet Device Virtualization
1049 ------------------------------
1051 .. figure:: ethernet-dev-virt.svg
1053 Intel Single Root I/O Virtualization
1054 ------------------------------------
1056 - SR-IOV capable PCI Device can be partitionned into multiple Virtual
1059 - SR-IOV Device appears in PCI configuration space as multiple PCI
1062 - Each Device Virtual Function includes
1064 - PCI configuration registers
1068 - Requires VT-d for DMA virtualization
1073 - VMM manages physical PCI device
1075 - Create a PCI Virtual Function for each VM
1077 - Include it into VM PCI configuration space to be probed by VM
1079 - Map it to Protection Domain of VM
1081 - Programs the sharing of physical devices ressources between VFs
1083 - PCI Device Virtual Functions directly managed by specific VF-Aware
1084 GuestOS drivers (kind of Para-Virtualization)
1089 .. figure:: eth-sr-iov.svg
1092 Intel SR-IOV - Ethernet example
1093 -------------------------------
1095 - Intel Kawela (1GB) / Niantic (10GB) Ethernet NICs
1097 - Multiple RX/TX packet queues per port
1099 - Virtual Device Machine Queues
1101 - 1 RX paquet queue per VF
1103 - Filters multiple unicast Ethernet Addresses
1105 - Layer-2 paquet filtering based on Ethernet Destination Address
1107 - Duplicate Broadcast / Multicast packets for all VFs
1109 - Load balancing between TX paquets sent by VFs
1111 Virtualization and Embedded Systems
1112 ===================================
1114 Old Embedded Systems (1)
1115 ------------------------
1117 - Relatively simple architecture
1119 - Single-purpose devices
1121 - Dominated by hardware constraints
1123 - Memory, battery charge
1125 - Dedicated functionalities, with moderated software size and
1128 - Real-time constraints
1130 Old Embedded Systems (2)
1131 ------------------------
1133 - Closed environment (« black boxes »)
1135 - Fixed hardware configuration
1137 - Full software provided by device vendor
1139 - No dynamic loading of applications
1141 - Software updates rareful
1143 Embedded Systems Now (1)
1144 ------------------------
1146 - Take on features of general-purpose OS's
1148 - Growing functionalities => growing complexity and size
1150 - Run applications originally developed for PC's
1152 - Sophisticated Human Machine Interfaces (HMI)
1153 - Safari Web browser on iPhones
1155 - Dynamic loading of applications
1160 Embedded Systems Now (2)
1161 ------------------------
1163 - Dynamically load device's owner specific applications
1167 - Applications developped by engineers with no expertise
1172 - Need for exchanges with external world
1174 - USB, Bluetooth, Wi-Fi
1177 - Need for open API's, and openness in general
1179 - Need for high-level systems (Linux, Windows)
1181 Embedded Systems Challenges
1182 ---------------------------
1184 - Still Real-Time systems (part of it)
1186 - Baseband stack of mobile phones
1188 - Still hardware constraints
1191 - Memory (to minimize device's cost)
1193 - Also used in mission/life critical situations
1198 - High requirements on reliability and security
1205 - Run Android/Linux applications on baseband processor
1207 - Re-use existing legacy modem software stack with its RTOS (no
1210 - Support of Linux at a minimal development cost
1212 - Operating System independence for future evolutions
1214 - Security & Protection through OS isolation
1218 HMI: Human-Machine-Interface
1219 PIM: Personal Information
1221 Virtualization in Embedded Systems (1)
1222 --------------------------------------
1224 - Support for heterogeneous OS's environments
1229 - Dedicated applications whose real-time constraints cannot be
1230 achieved by General-Purpose systems
1231 - Licence issues (« GPL contamination »)
1233 - General Purpose OS
1238 Virtualization in Embedded Systems (2)
1239 --------------------------------------
1241 - Concurrent execution of RTOS and GP-OS on the same CPU
1243 - Reduces cost (Bill Of Material)
1245 - Requires the underlying VMM to provide
1247 - Memory isolation between OS's
1248 - CPU scheduling among OS's, with higher priority to the RTOS
1249 - Device partitionning
1250 - Communication mechanism between OS's
1252 Virtualization in Embedded Systems (3)
1253 --------------------------------------
1255 - Leverage multi-cores support with virtual machine abstraction
1257 - 1 core per OS => no need for CPU scheduling
1259 - 2 low-performance cores consume less power than a single high
1260 performance CPU => simplify power management
1262 - New model of software distribution, shipping application with its own OS
1264 - No OS configuration/version incoherency
1266 Security Through Virtualization
1267 -------------------------------
1269 - Notion of Trusted Computing Base (TCB)
1271 - Part of the system that provides security foundations
1272 - Should only include hardware and VMM
1273 - May also include RTOS, for performance/legacy reasons
1275 - Run GP OS in an isolated Virtual Machine
1277 - Avoid damaged GP OS to compromise the secure parts (data,
1278 services) of the system
1280 Embedded + Virtualization Challenges (1)
1281 ----------------------------------------
1283 - Full isolation of VM's does not fit cooperation requirements between OS's
1285 - Efficient communication mechanisms between VM's
1287 - Global scheduling, with interleaved priorities
1289 - Global Energy Management
1291 Embedded + Virtualization Challenges (2)
1292 ----------------------------------------
1294 - Efficient communication mechanisms between VM's
1296 - Virtual Ethernet device not adapted
1297 - Need VMM-controlled shared memory transfers
1299 - Example: Video streaming on a Smartphone
1301 - Video data received via the baseband managed by RTOS
1302 - Video data displayed by a Media Player running on GPOS
1303 - Avoid copy of video data transfered between the 2 OS's !
1305 Task Scheduling Issues
1306 ----------------------
1308 - Standard server-oriented Virtualization model
1310 - The VMM schedules VM's on the CPU
1311 - The OS on each VM runs its own scheduler
1313 - Interleaved priorities in Embedded Systems
1315 - Baseband task of RTOS with a high priority
1316 - But GPOS Media-Player must have a higher priority than some
1317 low-priority tasks of RTOS
1318 - Enable a VM to yield the CPU
1320 - Use a RT task as a proxy of GP OS application, and make it yield
1326 - Mobile phone has 3 types of users, each with specific private data
1327 to protect from the others
1329 - The person owning the device, with address book, emails,
1331 - Different wireless providers, for example private and
1332 professionnal: network access properly authenticated, ensure
1334 - Third-party service providers, for instance multimedia providers.
1336 - Owner and third-parties must be granted secure financial
1339 Virtualization in Hardware
1340 --------------------------
1342 - Only way to build a real TCB
1344 - Without penalizing performances
1346 - Should include support for
1348 - Memory Partitionning
1349 - Physical Memory / Machine Memory mapping
1350 - Coupled with multi-cores
1351 - Device Partitioning
1354 - I/O DMA coupled with memory partitioning & Physical Memory /
1355 Machine Memory mapping
1357 Conclusion / Evolution of Virtualization
1358 ========================================
1363 - Emulation : slow, multi-arch, simulates ISA (full machine) or ABI
1365 - Accelerated emulation : faster, code is executed natively, overhead
1366 for privilegied actions
1367 - Virtual servers : fast and scalable, but same OS and one kernel
1368 - Paravirtualization : fast, needs a modified OS
1369 - HW-assisted virtualization : solves most of the issues
1371 Evolutions of Virtualization
1372 ----------------------------
1376 - Big amount of data
1377 - Virtualization brings flexibility to data center
1379 - Operating systems in browsers ?
1381 - State of OS is stored remotely
1383 - Virtualization on desktops and small devices
1385 - Security (isolates work and personal area)