
Understanding Full Virtualization, Paravirtualization, and Hardware Assist
Contents
Introduction
Overview of x86 Virtualization
CPU Virtualization
Memory Virtualization
Device and I/O Virtualization
Summarizing the Current State of x86 Virtualization Techniques
Conclusion
Introduction
Figure 1 provides a summary timeline of x86 virtualization technologies from VMware's binary translation to the recent application of kernel paravirtualization and hardware-assisted virtualization.
Overview of x86 Virtualization
For industry standard x86 systems, virtualization approaches use either a hosted or a hypervisor architecture.

A hosted architecture installs and runs the virtualization layer as an application on top of an operating system and supports the broadest range of hardware configurations.

A hypervisor architecture installs the virtualization layer directly on a clean x86-based system. Since it has direct access to the hardware resources rather than going through an operating system, a hypervisor is more efficient than a hosted architecture and delivers greater scalability, robustness and performance.

The virtualization layer is a hypervisor running directly on the hardware. Each VMM running on the hypervisor implements the virtual machine hardware abstraction and is responsible for running a guest OS. Each VMM has to partition and share the CPU, memory and I/O devices to successfully virtualize the system.
CPU Virtualization
User level applications run in Ring 3, while the operating system needs to have direct access to the memory and hardware and must execute its privileged instructions in Ring 0.

Virtualizing the x86 architecture requires placing a virtualization layer under the operating system to create and manage the virtual machines that deliver shared resources.

VMware resolved the challenge in 1998, developing binary translation techniques.
Technique 1: Full Virtualization using Binary Translation
This technique translates kernel code to replace nonvirtualizable instructions with new sequences of instructions that have the intended effect on the virtual hardware.

User level code is directly executed on the processor for high performance virtualization.

The guest OS is not aware it is being virtualized and requires no modification.

Full virtualization offers the best isolation and security for virtual machines.
Technique 2: OS Assisted Virtualization or Paravirtualization
Paravirtualization involves modifying the OS kernel to replace nonvirtualizable instructions with hypercalls that communicate directly with the virtualization layer.

Paravirtualization is different from full virtualization, where the unmodified OS does not know it is virtualized and sensitive OS calls are trapped using binary translation.

The performance advantage of paravirtualization over full virtualization can vary greatly depending on the workload. Paravirtualization cannot support unmodified operating systems (e.g. Windows 2000/XP).

The open source Xen project is an example of paravirtualization that virtualizes the processor and memory using a modified Linux kernel and virtualizes the I/O using custom guest OS device drivers.

While it is very difficult to build the more sophisticated binary translation support necessary for full virtualization, modifying the guest OS to enable paravirtualization is relatively easy.
Technique 3: Hardware Assisted Virtualization
Intel Virtualization Technology (VT-x) and AMD's AMD-V both target privileged instructions with a new CPU execution mode feature that allows the VMM to run in a new root mode below ring 0.

Privileged and sensitive calls are set to automatically trap to the hypervisor, removing the need for either binary translation or paravirtualization.
Memory Virtualization
The operating system keeps mappings of virtual page numbers to physical page numbers stored in page tables. All modern x86 CPUs include a memory management unit (MMU) and a translation lookaside buffer (TLB) to optimize virtual memory performance.

The guest OS continues to control the mapping of virtual addresses to the guest memory physical addresses, but the guest OS cannot have direct access to the actual machine memory.

The VMM is responsible for mapping guest physical memory to the actual machine memory. The VMM uses TLB hardware to map the virtual memory directly to the machine memory to avoid the two levels of translation on every access.
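
The two-level mapping described above, as an added example (not code from the original document or from VMware): a toy model in which the guest owns one table, the VMM owns the second, and the VMM composes them into a single table (commonly called a shadow page table) so each access needs one lookup. Table sizes, page numbers and function names are constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#define NPAGES     8            /* pages per toy address space (constructed) */
#define PAGE_SHIFT 12
#define PAGE_MASK  ((1u << PAGE_SHIFT) - 1)
#define INVALID    UINT32_MAX

/* Guest-controlled: guest virtual page -> guest "physical" page. */
static uint32_t guest_pt[NPAGES] = {3, 1, INVALID, 0, INVALID, INVALID, 9, 2};
/* VMM-controlled: guest physical page -> machine page actually backing it. */
static uint32_t vmm_pmap[NPAGES] = {0x40, 0x41, 0x7a, 0x13, INVALID, INVALID, INVALID, INVALID};
/* VMM-maintained composition: guest virtual page -> machine page. */
static uint32_t shadow_pt[NPAGES];

/* Slow path: two lookups per access. Returns INVALID on a fault. */
uint32_t translate_two_level(uint32_t gva) {
    uint32_t vpn = gva >> PAGE_SHIFT;
    if (vpn >= NPAGES || guest_pt[vpn] == INVALID) return INVALID; /* guest page fault */
    uint32_t gpn = guest_pt[vpn];
    if (gpn >= NPAGES || vmm_pmap[gpn] == INVALID) return INVALID; /* outside this VM's memory */
    return (vmm_pmap[gpn] << PAGE_SHIFT) | (gva & PAGE_MASK);
}

/* VMM rebuilds the shadow table whenever the guest edits its page table. */
void shadow_sync(void) {
    for (uint32_t vpn = 0; vpn < NPAGES; vpn++) {
        uint32_t ma = translate_two_level(vpn << PAGE_SHIFT);
        shadow_pt[vpn] = (ma == INVALID) ? INVALID : ma >> PAGE_SHIFT;
    }
}

/* Fast path: the single lookup the hardware MMU/TLB would perform. */
uint32_t translate_shadow(uint32_t gva) {
    uint32_t vpn = gva >> PAGE_SHIFT;
    if (vpn >= NPAGES || shadow_pt[vpn] == INVALID) return INVALID;
    return (shadow_pt[vpn] << PAGE_SHIFT) | (gva & PAGE_MASK);
}

/* Guest remaps a virtual page; the VMM intercepts and resyncs the shadow. */
void guest_remap(uint32_t vpn, uint32_t gpn) {
    guest_pt[vpn] = gpn;
    shadow_sync();
}

int main(void) {
    shadow_sync();
    printf("gva 0x0abc -> ma 0x%x\n", (unsigned)translate_shadow(0x0abc));
    return 0;
}
```

Guest virtual page 6 points at guest physical page 9, which the VMM never assigned to this VM, so the composed table holds no entry for it and the access faults instead of reaching machine memory.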
Device and I/O Virtualization
Software based I/O virtualization and management, in contrast to a direct pass-through to the hardware, enables simplified management.

The key to effective I/O virtualization is to preserve these virtualization benefits while keeping the added CPU utilization to a minimum.

The hypervisor virtualizes the physical hardware and presents each virtual machine with a standardized set of virtual devices. Virtual devices effectively emulate well-known hardware and translate the virtual machine requests to the system hardware.
Summarizing the Current State of x86 Virtualization Techniques
Full Virtualization with Binary Translation is the Most Established Technology Today
VMware's implementation delivers the highest virtualization performance across commonly deployed Windows and Linux operating systems with the most robust feature set and greatest ease of management.

VMware can support both full virtualization and hardware assisted virtualization on production servers with the choice depending on the relative performance.
Conclusion
Tomorrow's virtualization likely involves vendor-supported paravirtualized OSes that are installed into industry standard disk format files and able to run either natively or on a variety of compatible and interchangeable hypervisors that take advantage of hardware assisted management of the CPU, memory and I/O devices.

Today, VMware virtualization technology has been deployed by 100% of the Fortune 100 and 84% of the Fortune 1000 as the leading solution on the market. There is no alternative that compares to VMware's performance, stability, ease of management, security, and support.
