The VMM traps privileged instructions and they are translated using binary translation, but into what are these special instructions actually translated?

Thanks

AmerO

2 Answers

Binary translation is a system virtualization technique.

The sensitive instructions in the binary of Guest OS are replaced by either Hypervisor calls which safely handle such sensitive instructions or by some undefined opcodes which result in a CPU trap. Such a CPU trap is handled by the Hypervisor.

On most modern CPUs, context-sensitive instructions are non-virtualizable. Binary translation is a technique to overcome this limitation.

For example, if the Guest had wanted to modify/read the CPU's Processor Status Word containing important flags/control bitfields, the Host program would scan the guest binary for such instructions and replace them with either a call to the hypervisor or some dummy opcode.

Para-Virtualization, on the other hand, is a technique where the source code of the guest OS is modified. All system-resource-access-related code is modified to use Hypervisor APIs.

Raj
  • As such, why is there [lower "virtualization overhead"](http://www.vmware.com/files/pdf/VMware_paravirtualization.pdf) with Para-Virtualization? Shouldn't Para-Virtualization actually have **higher** overhead? – Pacerier Apr 22 '15 at 06:48
  • In the case of para-virtualization, the source code has already been modified. Such an image directly calls hypervisor APIs. In the case of Binary translation, the native OS must first scan the guest OS instruction stream and make modifications to the stream as needed. Thus between the two, Para-Virtualization incurs lower overhead. – Raj May 24 '15 at 10:46
  • @Raj While para-virtualization does seem to have apparently much lower run-time overhead, it can **only** be used on 'open source' systems, since the hypervisor would have to provide custom APIs and they need to be used instead of the OS's generic functions. Even if your hypervisor has a unified and consistent API model, some systems like the evergreen Windows operating systems as well as Apple's OSes are not conducive to such changes. So it does have its cons. – AjB Jun 08 '15 at 11:36
See VMware_paravirtualization.pdf, pages 3 and 4.

This approach, depicted in Figure 5, translates kernel code to replace nonvirtualizable instructions with new sequences of instructions that have the intended effect on the virtual hardware.

So the privileged instructions are translated into other instructions, which access the virtual BIOS, memory management, and devices provided by the Virtual Machine Monitor, instead of executing directly on the real hardware.

Exactly what these instructions are, is defined by the VM implementation. Vendors of proprietary virtualization software don't necessarily publish their binary translation techniques.

makes
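The mechanism both answers describe, as an added example that is not code from the original post or from any real VMM: a toy two-byte instruction set, a translator that copies unprivileged instructions through unchanged and rewrites the two privileged ones (a status-word write becomes a hypervisor call that updates the guest's virtual status word; halt becomes an undefined opcode that traps into the VMM), and an executor standing in for the CPU plus hypervisor. Every opcode name, the `vcpu` layout and the guest program are constructed here; real x86 translation works on variable-length instructions and is far more involved.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy ISA: every instruction is two bytes, (opcode, operand). */
enum {
    OP_MOV      = 0x01, /* acc = imm                     (unprivileged)          */
    OP_ADD      = 0x02, /* acc += imm                    (unprivileged)          */
    OP_WRSTATUS = 0x10, /* status word = imm             (privileged)            */
    OP_HALT     = 0x11, /* stop the CPU                  (privileged)            */
    OP_HCALL    = 0x80, /* hypervisor call: only ever emitted by the translator  */
    OP_UD       = 0xFF  /* undefined opcode: executing it traps into the VMM     */
};

struct vcpu {
    int acc;
    int status;   /* the guest's *virtual* status word, owned by the VMM */
    int halted;
    int traps;    /* how many times the VMM's trap handler ran */
};

/* Scan guest code and rewrite the privileged instructions while copying the
 * rest through unchanged. Returns how many instructions were rewritten. */
size_t translate(const uint8_t *in, size_t len, uint8_t *out)
{
    size_t rewritten = 0;
    for (size_t i = 0; i + 1 < len; i += 2) {
        uint8_t op = in[i], imm = in[i + 1];
        switch (op) {
        case OP_WRSTATUS:              /* -> call into the hypervisor */
            out[i] = OP_HCALL; out[i + 1] = imm; rewritten++;
            break;
        case OP_HALT:                  /* -> opcode that traps to the VMM */
            out[i] = OP_UD; out[i + 1] = 0; rewritten++;
            break;
        default:                       /* unprivileged: copy verbatim */
            out[i] = op; out[i + 1] = imm;
        }
    }
    return rewritten;
}

/* VMM side: the hypercall writes the virtual status word instead of the
 * real one; the trap handler decides what the undefined opcode meant. */
static void hypercall_wrstatus(struct vcpu *v, int imm) { v->status = imm; }
static void trap_handler(struct vcpu *v) { v->traps++; v->halted = 1; }

/* Execute a code stream on the virtual CPU. Returns 0 on success, -1 if a
 * raw privileged instruction reached the executor, i.e. the stream was not
 * translated and would have acted on the host's real state. */
int run(const uint8_t *code, size_t len, struct vcpu *v)
{
    for (size_t i = 0; i + 1 < len && !v->halted; i += 2) {
        uint8_t op = code[i], imm = code[i + 1];
        switch (op) {
        case OP_MOV:   v->acc = imm;                 break;
        case OP_ADD:   v->acc += imm;                break;
        case OP_HCALL: hypercall_wrstatus(v, imm);   break;
        case OP_UD:    trap_handler(v);              break;
        default:       return -1;   /* OP_WRSTATUS, OP_HALT or garbage */
        }
    }
    return 0;
}

/* Constructed guest program: acc = 5; acc += 3; status = 0x40; halt. */
static const uint8_t guest[] = { OP_MOV, 5, OP_ADD, 3, OP_WRSTATUS, 0x40, OP_HALT, 0 };

/* Translate the constructed guest and run the result on v.
 * Returns the number of rewritten instructions, or -1 if execution failed. */
int translate_and_run(struct vcpu *v)
{
    uint8_t translated[sizeof guest];
    size_t n = translate(guest, sizeof guest, translated);
    return run(translated, sizeof guest, v) == 0 ? (int)n : -1;
}

int main(void)
{
    struct vcpu v = {0};
    int n = translate_and_run(&v);
    printf("rewritten=%d acc=%d status=0x%x halted=%d traps=%d\n",
           n, v.acc, v.status, v.halted, v.traps);
    struct vcpu raw = {0};
    printf("untranslated stream: run() = %d\n", run(guest, sizeof guest, &raw));
    return 0;
}
```

Running the untranslated stream through `run` fails on the first privileged opcode, which is the point of the first answer: the scan-and-rewrite pass must happen before the guest code executes, and the rewritten sequence only ever touches the virtual state the VMM owns.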