Virtual Machines and

Virtualization

Wei Chung Hsu

徐慰中
台灣大學資工系
05/10/2019
 My Background
 Architect and Compiler Optimization for Cray
XMP/YMP, Cray-2, Cray-3 supercomputers.
 Technical Lead for Hewlett Packard California
Language Lab
 One of Compiler Architects for Intel/HP Itanium (IA-64)
Merced and McKinley
 Dynamic Binary Translation/Optimizations for Itanium,
Sun SPARC, x86, Andes, MIPS and ARM processors
 Virtual Machines: HSA-VM, NN VMs, DL VMs

Department of Computer
Science and Engineering 2
 My Background
 Architect and Compiler Optimization for Cray
XMP/YMP, Cray-2, Cray-3 supercomputers.
 Technical Lead for Hewlett Packard California
Language Lab
 One of Compiler Architects for Intel/HP Itanium (IA-64)
Merced and McKinley
 Dynamic Binary Translation/Optimizations for Itanium,
Sun SPARC, x86, Andes, MIPS and ARM processors
 Supercomputing
 Mobile
Virtual Machines, Finalizer for HSAILcomputing
(HSA
Intermediate Language)
 Real Machines Virtual Machines

Department of Computer
Science and Engineering 3
 What is Virtual Machine
 Wikipedia:
A Virtual Machine is an emulation of a computer
system. It provides functionality of a physical
computer.
Example:
JVM / DVM – Java/Dalvik VM High Level Lang VM
NNVM / DLVM
Rosetta/ IA-32EL / ARIES Process VM
BlueStacks or Genymotion System VM (x-ISA)
– Android emulators
VMWare ESXi, VirtualBox, Xen, KVM based,
System … ISA)
VM (same
 HLL Virtual Machines
 Java and MS CLI (Common Language Infrastructure)
are current examples
NNVM/DLVM Execution Model
CAFFE Pytorch TensorFlow Keras MXNet

NNVM / Computation
Graph IR
DLVM

Tensor VM Tensor IR

CUDA LLVM OpenCL Metal

x86 ARM
 虛擬與真實 (Virtual vs. Real)
 Why do we prefer virtual than real?
 Why Virtual Memory ?
 Why Virtual PC ?
 Why Java Virtual Machine ?
 Why Virtual I/O ?
 Why Virtual Private Network (VPN) ?
 Why Virtual Reality? (Augmented VR)
Why Virtual medicine?
 Why Virtual Money? (e.g. BitCoin, Ethereum)
 Why Virtual friends?
 Virtual Memory
“Virtual memory was invented in a time of scarcity.
Is it still a good idea?” – Charles Thacker, 2010
Turing Award Lecture
Sharing, Protection, -- not just a larger address
space.
New CME (Cloud Memory Extension)
technology – offer you xTB smart phones with
data sharing capabilities
 Virtual PC
Virtualizes a standard PC so that an Apple
Macintosh can also run PC applications.
(Hardware sharing)
 Java virtual machine?
 interoperability, application sharing, protection,
 Virtual I/O?
disk sharing, I/O device sharing, NIC sharing,
better management, disk expansion and
shrinking.
 Virtual Private Network (VPN) ?
 secure communication over unsecure
(public) network (sharing the physical network)
 Virtual is better than Real
 Virtual objects are often related to the
following
 Resource Sharing
 Protection, Safe execution, Isolation
 Security, Privacy
 Flexibility
 Interoperability, Platform Independence,
Portability
Cloud Computing
 Virtualization is Everywhere
 Network Virtualization
 Software Defined Everything
– SDR: Software Defined Radio
– SDN: Software Defined Network
– SDD: Software Defined Data Center
– SDS: Software Defined Storage
(device is virtualized, and deliver as a service)
 NNVM: Neural Network Virtual Machines
(one VM to rule them all)
Virtualization is a Software Layer

XenDesktop

VMware ThinApp

VMware vServer

SDN

SDS
 VM is Versatile
Virtual machines have been investigated and built by
 OS IBM VM/CMS,VmWare, Xen
 Language designers JVM, P-code
 Compiler developers MS .Net/CIL, NNVM, Aries
 Hardware designers Crusoe, VISC, Intel VT, ..

We try to look at underlying concepts and technologies

that are common across the spectrum of virtual
machines, i.e. cross-disciplinary (or inter-disciplinary)
Virtualization is an Isomorphism

e(Si)
Si Sj
Guest
V(Si) V(Sj)

e’(Si’)
Si’ Sj’
Host
Virtualization is an Isomorphism
State
mapping
e(Si)
Si Sj
Guest
V(Si) V(Sj)

e’(Si’)
Si’ Sj’
Host
Emulation
 Virtualization is about Mapping
 Mapping something virtual (guest) to
something real (host).
 Model the guest, define desired functions
 Emulate the modeled guest on the host
 Functional correctness is the goal, performance
is usually lower than a real machine
 How to emulate with high performance
is challenging, and calls for good
research Goal:
Emulate Correctly
Emulate Fast
 Virtualization is more than Emulation
 Mapping something virtual (guest) to
something real (host).
 When the guest is the same as the host,
virtualization is trying to add new capability or
to increase performance
– e.g. Adore, Dynamo, System VMs, …
– adding new functionality or optimizations at the
VM layer.
 Mapping Virtual to Real
Virtual Memory
Disk image  Physical memory
Virtual PC
Windows/PC  PowerPC Apple Mac
Java Virtual Machine
Byecode machine  Host machine
Virtual I/O
Virtual NIC/disk/dev  Real NIC/disk/dev
Virtual Private Network (VPN)
Private network  Public network
 Summary
 Virtual is better than Real
 Virtualization is everywhere
 Virtualization is a Software Layer
 Virtualization is an Isomorphism
 Virtualization is about Mapping
 Virtual Machine is Versatile
 From Real to Virtual
( 我如何與 VM 結緣 )
 HP ARIES Project : A Process VM
Migrate HP-PA executables to HP/Intel Itanium Machines.
Dynamic binary translation techniques were developed.
Today, HP-PA machines no longer exist. All HP products
are based on commodity processors.
 VMware Workstations and Servers: System VM
Hardware consolidation: desktop consolidation and server
consolidation. Running multiple OSes simultaneously on
the same hardware.
 Efficient Emulation for VM
 Process Virtual Machines:
Often Cross-ISA
– Dynamic Binary Translation
 E.g. QEMU, ARIES, Rosetta, Intel-32/EL, ….

 System Virtual Machine

– Trapping privileged/sensitive instructions
 Software support Often Same-ISA
 Hardware support
– Intel VT-x, Intel VT-i, AMD-V, ARM Virtualization Extensions
– Intel VT-d, Intel VT-c
– IOMMU
 Dynamic Binary Translation
 A common approach to speed up emulations
– Application migration
 Cross-ISA
e.g. IA-32 Execution Layer  IA32 to Itanium
Rosetta  PPC to IA32/X64
ARIES  HP-PARISC to Itanium
FX!32  IA32 to DEC Alpha
Houdini  ARM to x86
 Same-ISA
e.g. Dynamo, Adore, DynamoRIO, PIN, Valgrind
– Virtual platform building
 Future hardware
e.g. ARMIE  ARM SVE Simulator
Shade  SUN SPARC simulator
 Friendly developing environment
e.g. Android Emulator  Develop Android applications
Department of Computer
Science and Engineering 22
 Retargetable DBT

Guests Hosts
ARMv7 ARMv7
QEMU
ARMv8 ARMv8
X86
DBT IR X86

MIPS MIPS

New ISAs
Department of Computer
Science and Engineering
 CPU Virtualization
 ISA Virtualizablity
Ideally, if an ISA has
privileged instructions
Non-privileged
and non-privileged instructions
exclusively separated so that
Privileged all control-sensitive and
behavior-sensitive instructions
are privileged instructions, then
The trap-and-emulate model can
be efficiently implemented.

System VMs 24
 Instruction Types -- Summary

Non-
Privileged
Innocuous
Privileged

Behavior- Sensitive Control- Sensitive

sensitive sensitive

 Innocuous Instructions: Those that are not control or behavior

sensitive

System VMs 25
 Non-
Privileged
Innocuous
Privileged

Behavior- Sensitive Control- Sensitive

sensitive sensitive

Ideally, we would like to trap those sensitive instructions.

Running guest OS in de-privileged mode has two problems

 trapping too many – no need to trap on all sensitive insts

 trapping too few -- some sensitive instructions are not trapped

System VMs 26
 Para-Virtualization vs. Full Virtualization
 Full Virtualization (FV)
– Transparent. Guest OSes are unmodified.
 Para-Virtualization (PV)
– Special hooks to allow the guests and host to
communicate.
– Simplifies VMM and reduce overhead
– Require the guest OS to be explicitly ported
for the “Para-API”.

System VMs 27
 Hardware Assisted System VM: VT-x

Pre VT-x Post VT-x

VMM ring de-privileging of guest OS VMM executes in the VMX root-mode

Guest OS aware it is not at Ring 0 Guest OS de-privileging eliminated

Guest OS runs directly on hardware

Source: [2] 28
 Full Virtualization
 Support multiple guest OSes on a single hardware
platform; all running the same ISA
Windows Solaris
Linux Application
Application Application

Unmodified Unmodified Unmodified

Linux OS Windows Solaris

Virtual Intel x86 Virtual Intel x86 Virtual Intel x86

traps
Hypervisor

Intel x86
Hardware
Memory I/O devices
System VMs 29
 SW-Assisted Virtualization
 DBT to translate

Windows Solaris
Linux Application
Application Application

Unmodified Unmodified Unmodified

Linux OS Windows Solaris

Virtual Intel x86 Virtual Intel x86 Virtual Intel x86

traps
Hypervisor

Intel x86
Hardware
Memory + Support for VM I/O devices
System VMs 30
 HW-Assisted Virtualization
 Hardware support virtualization have been added to
simplify Full Virtualization since 2005, such as Intel
VT-x, VT-i, VT-d, VT-c, AMD-V, ….
Windows Solaris
Linux Application
Application Application

Unmodified Unmodified Unmodified

Linux OS Windows Solaris

Virtual Intel x86 Virtual Intel x86 Virtual Intel x86

traps
Hypervisor

Intel x86
Hardware
Memory + Support for VM I/O devices
System VMs 31
 Para-virtualization
 Guest OSes may be modified to communicate with the
hypervisor via hypercalls. I/O drivers have been
specialized.
Windows Solaris
Linux Application
Application Application

Modified Modified Modified

Linux OS Windows Solaris
Virtual Intel x86 Virtual Intel x86 Virtual Intel x86

Hypercalls
Hypervisor

Intel x86
Hardware
Memory I/O devices
System VMs 32