420 likes | 662 Views
前瞻 資訊科技 (II) - 虛擬化 (1) - Virtualization( V12N ) . 薛智文 cwhsueh@csie.ntu.edu.tw http://www.csie.ntu.edu.tw/~cwhsueh/ 101 Spring, March 15, Fri 678, DTH 104. Preface. Steve Jobs (Apple, 1955-2011) Stay hunger, stay foolish. Dennis Ritchie (C language, 1941-2011)
E N D
前瞻資訊科技(II) -虛擬化 (1) -Virtualization(V12N) 薛智文 cwhsueh@csie.ntu.edu.tw http://www.csie.ntu.edu.tw/~cwhsueh/ 101 Spring, March 15, Fri 678, DTH 104
Preface • Steve Jobs (Apple, 1955-2011) • Stay hunger, stay foolish. • Dennis Ritchie (Clanguage, 1941-2011) • Skype eBay (4.1B USD, 2005) Microsoft (8.5B USD, 2011) • Linux (Linus Torvalds, 1991) • Android (Danger, 2003 Google, 2005, 34 eng.) • Meego (Intel Samsung, Feb 2010 ) • Tizen (Intel Samsung [Nokia], Sep 2011) • Windows 8 (Microsoft, nVidia 2011) • IOS 5 (Apple, 2011) • Firefox OS (Mozilla, 2012) • MSN (Microsoft, 2013) • Ubuntu Touch (Canonical, 2013) • Android (85 eng., 2013), Andy Rubin (Today), Asus NB(200+ eng.) • iPhone, iPad, HTC One, SamSung Galaxy S4 (Today) /41
Outline • Introduction • What is virtualization? Cloud? • Why is virtualization difficult? • How to virtualize? • Case Study • Mobile Virtualization • Inline Emulation • Domain 1 • Q&A /41
What is Virtualization ? • The creation of a virtual version of something. • Virtual address • Virtual assistant • Virtual class • Virtual circuit • Virtual community • Virtual Data Center • Virtual device • Virtual disk • Virtual host • Virtual keyboard • Virtual machine • Virtual market • Virtual memory • Virtual money • Virtual Private Network • Virtual reality • … Fully Utilizing Hardware Virtualization Etc. Sharing Hardware Resource Running Applications (x-platform) Security /41
Virtual Assistant/Secretary • S/he screens my email. She checks my main email accounts, handles what she can, and “redirects” the messages that require my personal attention to my private account. She has reduced my email load by 90 percent. • She books my travel. She handles all the details, including airline reservations, hotels, car rental, etc. She sets up a trip in TripIt, so I have everything I need in one place. • She makes calls on my behalf. She makes appointments (both personal and professional), confirms my appointments, checks my voice mail, and follows up as needed. • She manages my calendar. Almost nothing gets on my calendar unless it passes through her first. We have agreed together that I will only accept appointments on two afternoons a week, and she works to stay within those boundaries. • She handles other projects as needed. I continue to turn over more and more to her. For example, she recently screened all the people who had applied to be a community leader on my site. She and my manager, Joy, ended up picking the final ten I appointed. • File my files. /41
Types of Virtualization • Hardware/platform virtualization • Desktop virtualization • Software virtualization • OS-level, Workspace, Application • Storage virtualization • Data virtualization • Database virtualization • Network virtualization /41
Big Questions for Virtualization • How fast can virtualization achieve? • What kinds of applications can there be? • What problems it might incur? • Technical • Security • Business • Politics • … • Homework: • Turn in a 3-5 page report answering any of the above or related questions, what problems you solve? How? • 1-3 members per group, will be posted on course wiki. • Q&A in the last hour of class. /41
假若真時真亦假 /41
Why Virtualization is Difficult? 0/1/3 Ring, e.g. x86_32 • OS is moved to ringr1/ring3 • On x86 • Some instructions • Sensitive Instructions • Cannot be trapped OS 0/3/3 Ring, e.g. x86_64, ARM OS /41
Virtual Machine Monitor (VMM)Hypervisor VM : Virtual Machine, Guest OS + Virtual Devices VM0 VM1 VMN … Hosted VMM, e.g. VMware VM0 VM1 VMN … Hypervisor, e.g. Xen Host Operating System Hardware Hardware Type I - Hypervisor Type II – Hosted VMM /41
The First Challenge of VirtualizationVirtualizable • According to Popek and Goldberg† in 1974, Virtual machines can be constructed for a platform if • Sensitive Instructions • might change the state of system resources • Privileged Instructions • must be executed with sufficient privilege † G. J. Popek and R. P. Goldberg, “Formal requirements for virtualizable third generation architectures,” Commun. ACM, vol. 17, no. 7, pp. 412–421, Jul. 1974. /41
How to Virtualize ? • Binary translation • Hypercall Trap and emulate Full Virtualization Para Virtualization Hardware Assisted Virtualization Intel VT-x & AMD SVM /41
Case Study • Mobile Virtualization • Inline Emulation† • Domain 1 • with Insyde Inc. † Yuan-Cheng Lee, Chih-Wen Hsueh, and Rong-Guey Chang, "Inline Emulation: An Optimization Technique for Virtualization on Embedded Systems," Proc. of the 17th International Conference on Real-Time and Embedded Computing Systems and Applications (RTCSA'11), Toyama, Japan, August 2011. /41
Mobile Virtualization 90+% performance on PC embedded multicore systems To run multiple OSes on a mobile phone… Break the limitation of OSes! iPhone+Android is possible! /41
Hardware Assisted Paging VA GPA MPA Primary MMU Extended MMU VA:virtual address GPA: guest physical address MPA: machine physical address MMU: memory management unit Main Memory Page Table Extended Page Table /41
0-miss Page Translation VA GPA MPA Primary MMU bTLB VA:virtual address GPA: guest physical address MPA: machine physical address MMU: memory management unit bTLB: buddy TLB 50+% speedup Main Memory Page Table †Yuan-Cheng Lee, Chih-Wen Hsueh, "An Optimized Page Translation for Mobile Virtualization,"to appear in Proc. of 50th Design Automation Conference (DAC), Austin, TX, USA, June 2013. (Top conference) /41
Inline Emulation • The First Challenge of Virtualization • Idea of Inline Emulation • Design of Inline Emulation • Evaluation and Analysis • Conclusions /41
Related Work • Secure Xen on ARM (Samsung) • It proved virtualization is possible for ARM platform. • The PENAR project (University of Applied Sciences, Western Switzerland) • It integrated the source trees of Xen, RTLinux, and Linux for ARM. • OKL4 (Open Kernel Labs) • A hypervisor which adopts microkernel architecture for embedded systems /41
Issues on Virtualization for ARM • The most critical issue is: • Example • MOVS PC, LR // move the value in link register to PC • It will cause unpredictable behavior when executed in user mode. • SPSR: Saved Program Status Register • CPSR: Current Program Status Register Sensitive instructions Privileged instructions /41
The Problematic Instructions(1/3) • Type I • Instructions which executed in user mode will cause undefined instruction (UDI) exception • We call them Canonical Privileged Instructions. • Example • MCR p15, 0, r0, c2, c0, 0 • Move r0 to c2 and c0 in coprocessor specified by p15 for operation according to option 0 and 0 Operand-dependent operation /41
The Problematic Instructions(2/3) • Type II • Instructions which executed in user mode will have no effect • Example • MSR cpsr_c, #0xD3 • Switch to privileged mode and disable interrupt 31 Program Status Register (PSR) 0 Execution Flags Exception Mask Execution Mode /41
The Problematic Instructions(3/3) • Type III • Instructions which executed in user mode will cause unpredictable behaviors • Example • MOVS PC, LR /41
Solutions /41
The First Challenge of VirtualizationExample • For the ARM architecture, the instruction (TYPE III) MOVS PC, LR • Changes the program counter and switches to user mode. • However, it causes unpredictable behavior when executed in user mode. • Therefore, it is a sensitive instruction but not a privileged instruction. Sensitive instructions Privileged instructions /41
The First Challenge of VirtualizationSolutions (1/2) Dynamic Binary Translation Translation Basic Block BL TLB_FLUSH_DENTRY_NEW … TLB_FLUSH_DENTRY: MCR p15, 0, R0, C8, C6, 1 MOV PC, LR … TLB_FLUSH_DENTRY_NEW: MOV R1, R0 MOV R0, #CMD_FLUSH_DENTRY SWI #HYPER_CALL_TLB BL TLB_FLUSH_DENTRY … TLB_FLUSH_DENTRY: MCR p15, 0, R0, C8, C6, 1 MOV PC, LR … /41
The First Challenge of VirtualizationSolutions (2/2) • Virtualization APIs – hypercalls /* In Hypervisor */ /* In Guest OS */ SWI Handler BL TLB_FLUSH_DENTRY … TLB_FLUSH_DENTRY: MOV R1, R0 MOV R0, #CMD_FLUSH_DENTRY SWI #HYPER_CALL_TLB … Hypercall Handler …… LDR R1, [SP, #4] MCR p15, 0, R1, C8, C6, 1 Restore User Context & PC /41
Hypercall Guest OS Hypercalls No reschedule? Yes Software Interrupt context switch Hypervisor Hyper Call Handler SWI Handler /41
Idea of Inline Emulation MOV R0, VIRT_ADDR MCR p15, 0, R0, C8, C6, 1 The Original Instruction Hypercall Inline Emulation Guest OS Guest OS MOV R0, VIRT_ADDR MCR p15, 0, R0, C8, C6, 1 MOV R0, #CMD_FLUSH_DENTRY MOV R1, VIRT_ADDR SWI #HYPER_CALL_TLB MCR p15, 0, R0, C8, C6, 1 Inline Emulation Handler …… Hypercall Handler …… /* restore user context */ LDMIA SP, [R0 – R14] MCR p15, 0, R0, C8, C6, 1 LDR R1, [SP, #4] MCR p15, 0, R1, C8, C6, 1 RestorePC Restore User Context & PC /41
Inline Emulation Guest OS Hypercalls Canonical Privileged Instructions (TYPE I) No reschedule? Yes Software Interrupt return to guest UDI Exception context switch Hypervisor InlineEmulation Hyper Call Handler UDIHandler SWI Handler /41
Design of Inline EmulationThe Main Handler A handler for the instruction is found No handler for the instruction was found /41
The Issue of Finding an Inline Emulation Handler • It is hard to find a simple hash function. • Because the encoding of ARM instructions is complicated. • Instead, we can construct an efficient search table. • Because there are a few frequently used instructions. /41
Example of Mto1 Search Table • Encoding of MCR instruction • Syntax: MCR{cond} cp, op1, Rd, CRn, CRm, op2 31 0 • An entry E is matched if /41
Design of Inline EmulationDynamic Inline Emulation (DIE) Handler inlining the instruction flushing caches Self-modifying /41
Design of Inline EmulationStatic Inline Emulation (SIE) Handler executing the hard-coded instructions /* data synchronization barrier */ restoring user context & PC /41
Evaluation and AnalysisThe Distribution of Emulated Instructions More than 98% /41
Evaluation and AnalysisThe Micro-Level Analysis (2/2) Inline emulation can achieve at least 4.24X performance of hypercalls in most cases (about 98%). /41
Conclusions • Inline emulation : • Reduces the efforts to port guest operating systems • Increases the handling of sensitive instructions(4-7x) • Increases the overall system performance (0.39%) • Future work • Optimization for memory virtualization • Much higher the overall speedup is possible. /41