Sunday, May 18, 2008

Why Para-vitualization was needed?

Why Para-vitualization was needed?
I had this question in my mind for some time but the answer was not clear to me. So, I read some docs and figured it out.

From http://en.wikipedia.org/wiki/Intel-VT
x86 virtualization is the method by which x86-based "guest" operating systems are run under another "host" x86 operating system, with little or no modification of the guest OS. The x86 processor architecture did not originally meet the Popek and Goldberg virtualization requirements. As a result, it was very difficult to implement a general virtual machine on an x86 processor.

From http://www.kernelthread.com/publications/virtualization/
One of the most popular architectures, IA-32(x86), is not virtualization friendly. The analysis in a paper titled Analysis of the Intel Pentium's Ability to Support a Secure Virtual Machine Monitor reports at least seventeen instructions on the Pentium that make it "non-virtualizable". IA-32's privileged instructions cause a General Protection Exception when executed in non-privileged mode. Instructions like STR can be problematic: STR can be executed at any privilege level, but it tells you the security state of the machine (the value it retrieves has the Requestor Privilege Level, or RPL).

To overcome this guest OS was modified, so that it was aware that it is being virtualized.

And this is called para-vitualization.

From http://www.ibm.com/developerworks/linux/library/l-linux-kvm/
Older x86 processors produce different results for certain instructions depending upon the domain of execution. This creates a problem, because the hypervisor should execute in only the most protected domain. For this reason, virtualization solutions such as VMware will pre-scan code that is to execute to replace these instructions with trap instructions so that the hypervisor can handle them appropriately. Xen, supporting a cooperative method of virtualization, requires no modification, because the guest is aware that it's being virtualized and is modified. KVM simply ignores this problem and mandates that if you want virtualization, you'll have to run on newer hardware.

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home