whether the virtual machine is executing in virtual user mode or virtual kernel
mode.
Hardware interrupts are vectored by the hardware to the host kernel. Special
handling is needed for time: time can elapse in the host without elapsing in the
guest. When a timer interrupt occurs, it may be that enough virtual time has
passed that the guest kernel is due a timer interrupt; in that case, the host
kernel returns from the interrupt to the interrupt handler for the guest kernel.
The guest kernel may in turn switch guest processes; its return from interrupt
will cause a privilege exception, returning back to the host kernel, which can
then resume the correct guest process.
Handling input/output interrupts is even simpler, as the simulation of the
virtual device does not need to be anything like a real device. When the guest
kernel makes a request to a virtual disk, it writes instructions to the buffer
descriptor ring for the disk device; the host kernel will need to translate these
instructions into operations on the virtual disk. The host kernel can simulate
the disk request however it likes, e.g., through regular file reads and writes,
copied into the guest kernel memory as if there was true DMA hardware. The
guest kernel will expect to receive an interrupt when the virtual disk completes
its work; this can be triggered by the timer interrupt as described above, but
vectored to the guest disk interrupt handler instead of the guest timer interrupt
handler.
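
The virtual disk path described above, as an added example in C that is not from the original text: the host drains a descriptor ring, services each request with ordinary file reads and writes into guest memory, and vectors the next timer interrupt to the guest disk handler. The descriptor layout, ring size, and all names (`struct desc`, `vdisk_service`, `host_timer_vector`) are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define SECTOR 512u
#define RING 4u
#define GUEST_MEM 4096u
enum { OP_READ, OP_WRITE };
enum { VEC_TIMER, VEC_DISK };

/* Request slot filled in by the guest kernel (constructed layout). */
struct desc { uint8_t op, ready; uint32_t sector, guest_addr; int status; };

struct vdisk {
    struct desc ring[RING];
    unsigned head;                 /* next slot the host will service */
    uint8_t guest_mem[GUEST_MEM];  /* guest "physical" memory, as the host sees it */
    FILE *backing;                 /* ordinary host file holding the disk contents */
    uint32_t sectors;              /* virtual disk size in sectors */
    int irq_pending;               /* a completion interrupt is owed to the guest */
};

/* Host kernel: drain the ring; returns the number of requests serviced. */
int vdisk_service(struct vdisk *d) {
    struct desc *r;
    int n = 0;
    while ((r = &d->ring[d->head])->ready) {
        /* Descriptor fields are guest-controlled: bounds-check before use. */
        int ok = r->sector < d->sectors && r->guest_addr <= GUEST_MEM - SECTOR &&
                 fseek(d->backing, (long)r->sector * SECTOR, SEEK_SET) == 0;
        if (ok && r->op == OP_READ)        /* file read standing in for DMA in */
            ok = fread(d->guest_mem + r->guest_addr, 1, SECTOR, d->backing) == SECTOR;
        else if (ok && r->op == OP_WRITE)  /* file write standing in for DMA out */
            ok = fwrite(d->guest_mem + r->guest_addr, 1, SECTOR, d->backing) == SECTOR;
        else ok = 0;
        r->status = ok ? 0 : -1;
        r->ready = 0;                      /* hand the slot back to the guest */
        d->head = (d->head + 1) % RING;
        d->irq_pending = 1;
        n++;
    }
    return n;
}

/* Host timer interrupt: choose which guest handler to return into. */
int host_timer_vector(struct vdisk *d) {
    int v = d->irq_pending ? VEC_DISK : VEC_TIMER;
    d->irq_pending = 0;
    return v;
}
```

To drive it, zero a `struct vdisk`, point `backing` at a file opened for read and write, mark a slot `ready`, then call `vdisk_service` followed by `host_timer_vector`.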
2.6 Conclusion and future directions
The process concept, the ability to execute arbitrary user programs with
restricted rights, has been remarkably successful. With the exception of devices
that run only a single application at a time (such as embedded systems and
game consoles), every commercially successful operating system started in the
past two decades has provided process isolation and several existing systems
have switched over.
The reason for this success is obvious. Without process isolation, computer
systems would be much more fragile and less secure. As recently as a decade ago,
it was common for personal computers to crash on a daily basis. Today, it is not
unusual for laptops to remain working for weeks at a time without rebooting.
This has occurred even though the operating system and application software
on these systems has become more complex. While some of the improvement is
due to factors such as better hardware reliability and automated bug tracking,
process isolation has been a key technology in constructing more reliable systems
software.
Process isolation is also essential to building more secure computer systems.
Without isolation, computer users would be forced to trust everything loaded
onto the computer, not just the operating system code, but every application