
How to Analyze CPU Virtualization in the Principles of KVM Virtualization

2025-02-21 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31 Report--

This article looks at how CPU virtualization works within the principles of KVM virtualization. It covers the topic in some depth and from a professional point of view, and I hope you get something out of reading it.

Introduction to CPU Virtualization

The instructions of the virtual machine run directly on the physical CPU of the host. When an instruction in the virtual machine involves an IO operation, or is one of certain special instructions, control is transferred to the host (more precisely, to the VM monitor; see VMM below), that is, the demo process, which appears on the host as a user-level process.

It is more appropriate to explain it with a picture.

After VMM finishes initializing the vCPU and memory, it calls the KVM interface through ioctl to create the virtual machine and creates a thread to run the VM. During early initialization the VM sets various registers that help KVM find the entry point of the instructions to be loaded (the main function), so once the thread invokes the KVM interface, control of the physical CPU is handed over to the VM. The VM runs in VMX non-root mode, a special CPU execution mode provided by Intel-V or AMD-V. When the VM then executes a special instruction, the CPU saves the context of the current VM to the VMCS register (a pointer that holds the actual context address) and switches execution to VMM. VMM gets the reason returned by the VM and handles it. If it is an IO request, VMM can read the VM's memory directly and simulate the IO operation, then call the VMRESUME instruction so that the VM continues to execute. From the VM's point of view, the IO instruction was executed by the CPU.

Intel-V technology

Intel-V technology is a set of special CPU operating modes provided by Intel to support virtualization.

Intel-V Virtualization Technology Architecture

Intel-V extends the privilege levels of the IA-32 processor. The original CPU supports four levels, ring0 to ring3, but Linux uses only two of them: ring0 and ring3. When the CPU register indicates that the current CPU is at the ring0 level, the CPU is running kernel code. When the CPU is at the ring3 level, it is running user-level code. When a system call or process switch occurs, the CPU moves from ring3 to ring0. Hardware operations are not allowed at the ring3 level; all hardware operations must go through the API provided by the system.

For example, an IO operation:

    int nread = read(fd, buffer, 1024);

When this code is executed, it looks up the system call number, saves it to the eax register, places the corresponding parameters, and generates a system call interrupt, corresponding to int $0x80. After the system call interrupt is generated, the CPU switches to ring0 mode, the kernel reads the parameters from the registers and completes the rest of the IO operation, and the CPU returns to ring3 mode once the operation is complete.

    movl $3, %eax        # system call number (read)
    movl fd, %ebx        # first argument: file descriptor
    movl buffer, %ecx    # second argument: buffer
    movl $1024, %edx     # third argument: byte count
    int $0x80            # trap into the kernel (ring3 -> ring0)

Intel-V adds VMX mode on top of ring0 to ring3, and VMX is divided into root and non-root. VMX root mode is for VMM (the VM monitor mentioned earlier); in the KVM architecture it is the mode in which the qemu-kvm process runs. VMX non-root mode runs the Guest. The Guest also has ring0 to ring3, but it is not aware that it is in VMX non-root mode.

The handover between Guest and VMM is divided into two parts: VM entry and VM exit. Several situations can lead to a VM exit, such as the Guest performing hardware access operations, invoking the VMCALL instruction, invoking the exit instruction, generating a page fault, or accessing the registers of a particular device. When the Guest is in VMX mode, no instruction or register is provided that reveals this, that is, the Guest cannot determine whether the current CPU is in VMX mode. When a VM exit is generated, the CPU saves the exit reason to MSRs (the special register group of VMX mode), which in KVM corresponds to vCPU->kvm_run->exit_reason. VMM does the corresponding processing according to exit_reason.

Life cycle of VMM

As shown in the figure above, VMM starts with the VMXON instruction and ends with the VMXOFF instruction.

The first time the Guest is started, it is loaded through the VMLAUNCH instruction, and everything is new, such as the starting rip register. Each later Guest exit followed by an entry goes through the VMRESUME instruction, which loads what VMCS (described later) points to into the context of the current Guest so that the Guest can continue execution.

VMCS (Virtual-Machine control structure)

As the name implies, VMCS is the virtual machine control structure. As mentioned several times already, on Guest exit the context of the current Guest is saved to VMCS, and on Guest entry the context of VMCS is restored to VMM. VMCS is a 64-bit pointer to a real memory address. VMCS belongs to the vCPU, which means there are as many VMCS pointers as there are vCPUs. The operations on VMCS include VMREAD, VMWRITE and VMCLEAR.

Guest exit Reason

Here are the exit reasons defined by qemu-kvm. You can see that many things can cause the Guest to transfer control. A few of them are explained in the comments.

    static int (*const kvm_vmx_exit_handlers[])(struct kvm_vcpu *vcpu) = {
        [EXIT_REASON_EXCEPTION_NMI]           = handle_exception,
        [EXIT_REASON_EXTERNAL_INTERRUPT]      = handle_external_interrupt,
        [EXIT_REASON_TRIPLE_FAULT]            = handle_triple_fault,
        [EXIT_REASON_NMI_WINDOW]              = handle_nmi_window,
        /* accessed an IO device */
        [EXIT_REASON_IO_INSTRUCTION]          = handle_io,
        /* accessed a CR register (address register); likewise the DR
           registers (debug registers), used for debugging */
        [EXIT_REASON_CR_ACCESS]               = handle_cr,
        [EXIT_REASON_DR_ACCESS]               = handle_dr,
        [EXIT_REASON_CPUID]                   = handle_cpuid,
        /* accessed an MSR register */
        [EXIT_REASON_MSR_READ]                = handle_rdmsr,
        [EXIT_REASON_MSR_WRITE]               = handle_wrmsr,
        [EXIT_REASON_PENDING_INTERRUPT]       = handle_interrupt_window,
        /* Guest executed the HLT instruction; the demo appetizer uses
           this instruction */
        [EXIT_REASON_HLT]                     = handle_halt,
        [EXIT_REASON_INVD]                    = handle_invd,
        [EXIT_REASON_INVLPG]                  = handle_invlpg,
        [EXIT_REASON_RDPMC]                   = handle_rdpmc,
        /* it is not clear what the following VM-series instructions are
           for; the guess is recursive VMs (running a virtual machine
           inside a virtual machine) */
        [EXIT_REASON_VMCALL]                  = handle_vmcall,
        [EXIT_REASON_VMCLEAR]                 = handle_vmclear,
        [EXIT_REASON_VMLAUNCH]                = handle_vmlaunch,
        [EXIT_REASON_VMPTRLD]                 = handle_vmptrld,
        [EXIT_REASON_VMPTRST]                 = handle_vmptrst,
        [EXIT_REASON_VMREAD]                  = handle_vmread,
        [EXIT_REASON_VMRESUME]                = handle_vmresume,
        [EXIT_REASON_VMWRITE]                 = handle_vmwrite,
        [EXIT_REASON_VMOFF]                   = handle_vmoff,
        [EXIT_REASON_VMON]                    = handle_vmon,
        [EXIT_REASON_TPR_BELOW_THRESHOLD]     = handle_tpr_below_threshold,
        /* accessed an advanced PCI device */
        [EXIT_REASON_APIC_ACCESS]             = handle_apic_access,
        [EXIT_REASON_APIC_WRITE]              = handle_apic_write,
        [EXIT_REASON_EOI_INDUCED]             = handle_apic_eoi_induced,
        [EXIT_REASON_WBINVD]                  = handle_wbinvd,
        [EXIT_REASON_XSETBV]                  = handle_xsetbv,
        /* process switching */
        [EXIT_REASON_TASK_SWITCH]             = handle_task_switch,
        [EXIT_REASON_MCE_DURING_VMENTRY]      = handle_machine_check,
        /* EPT is Intel's hardware memory virtualization technology */
        [EXIT_REASON_EPT_VIOLATION]           = handle_ept_violation,
        [EXIT_REASON_EPT_MISCONFIG]           = handle_ept_misconfig,
        /* the PAUSE instruction was executed */
        [EXIT_REASON_PAUSE_INSTRUCTION]       = handle_pause,
        [EXIT_REASON_MWAIT_INSTRUCTION]       = handle_invalid_op,
        [EXIT_REASON_MONITOR_INSTRUCTION]     = handle_invalid_op,
        [EXIT_REASON_INVEPT]                  = handle_invept,
    };

KVM's CPU virtualization relies on the virtualization technology provided by Intel-V: the Guest runs in VMX mode, and control returns to VMM when a special operation is performed. VMM handles the special operation and then returns the result to the Guest.

CPU virtualization can be said to be the most critical core of KVM; the key is to understand VM Exit and VM Entry. The subsequent IO virtualization and memory virtualization are both built on this.

That concludes this look at how to analyze CPU virtualization in the principles of KVM virtualization. If you happen to have similar questions, the analysis above may help you understand.
