5.1 How Oracle VM VirtualBox Works
Virtualizing an operating system on an x86 processor is a difficult task,
especially without Intel VT-x or AMD-V hardware features. Before describing how
VirtualBox works, a quick review of the x86 storage protection model is necessary.
The Intel x86 architecture defines four levels of storage protection called rings,
which are numbered from 0 (the most privileged) to 3 (the least privileged). These
rings are used by operating systems to protect critical system memory from
programming errors in less-privileged user applications. Of these four levels, ring 0
is special in that it allows software to access real processor resources such as
registers, page tables, and service interrupts. Most operating systems execute user
programs in ring 3 and their kernel services in ring 0.
VirtualBox runs a single process on the host operating system for each virtual
guest. All of the guest user code is run natively in ring 3, just as it would be if it
were running in the host. As a result, user code will perform at native speed when
running in a guest virtual machine.
To protect the host against failures in the guest, the guest kernel code is not
allowed to run in ring 0 but instead runs in ring 1 if there is no hardware
virtualization support, or in a VT-x ring 0 context if such support is available. This presents
a problem because the guest may be executing instructions that are permitted
only in ring 0 while other instructions behave differently when run in ring 1. To
maintain proper operation of the guest kernel, the VirtualBox Virtual Machine
Monitor (VMM) scans the ring 1 code and either replaces the troublesome code
paths with direct hypervisor calls or executes them in a safe emulator.
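The following toy model is an added example, not VirtualBox code and not part of the original text. It shows why trapping alone is not enough for a kernel moved to ring 1: `cli` and `sti` fault and can be emulated, while `pushf` and `popf` run without faulting and leave the guest's view of its interrupt flag wrong unless the scanner rewrites them. The instruction names, the `scan`/`run`/`emulate` helpers, the IOPL = 0 assumption, and the instruction stream are all choices made for this illustration.

```python
# Added illustration: a toy model, not VirtualBox code. Assumes IOPL = 0 and a
# guest kernel deprivileged to ring 1. The mnemonic stream below is constructed.

PRIVILEGED = {"cli", "sti"}     # raise #GP outside ring 0, so the VMM sees them
SENSITIVE = {"pushf", "popf"}   # never fault in ring 1, but act on the real flags

REAL_IF = True  # interrupt flag of the physical CPU, owned by the host


def emulate(insn, state):
    """Apply an instruction to the guest's *virtual* interrupt flag."""
    if insn == "cli":
        state["virtual_if"] = False
    elif insn == "sti":
        state["virtual_if"] = True
    elif insn == "pushf":
        state["stack"].append(state["virtual_if"])
    elif insn == "popf":
        state["virtual_if"] = state["stack"].pop()


def scan(stream):
    """Return the indices a scanner would rewrite into hypervisor calls."""
    return {i for i, insn in enumerate(stream) if insn in PRIVILEGED | SENSITIVE}


def run(stream, patched=frozenset()):
    """Run a guest kernel stream in ring 1 and return the resulting VMM state."""
    state = {"virtual_if": True, "stack": [], "traps": 0, "hypercalls": 0}
    for i, insn in enumerate(stream):
        if i in patched:                 # rewritten site: direct hypervisor call
            state["hypercalls"] += 1
            emulate(insn, state)
        elif insn in PRIVILEGED:         # #GP fault, VMM emulates (slow path)
            state["traps"] += 1
            emulate(insn, state)
        elif insn == "pushf":            # runs natively: saves the host's flag
            state["stack"].append(REAL_IF)
        elif insn == "popf":             # runs natively: IF update is dropped
            state["stack"].pop()
        # anything else runs natively with no VMM involvement
    return state


# Constructed critical section: save flags, disable interrupts, work, restore.
STREAM = ["pushf", "cli", "mov", "popf"]

if __name__ == "__main__":
    print("unpatched:", run(STREAM))             # virtual_if stays False
    print("patched:  ", run(STREAM, scan(STREAM)))
```

In the unpatched run the guest ends its critical section with interrupts still disabled in its virtual state, which on a real guest would look like a hang; the patched run restores the flag and takes no faults.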
In some situations, the VMM may not be able to determine exactly what the
relocated ring 1 guest code is doing. In these cases, VirtualBox makes use of a
QEMU emulator to achieve the same general goals. Examples include running
BIOS code, real-mode operations early during guest booting when the guest
disables interrupts, or when an instruction is known to cause a trap that may require
emulation.
Because this emulation is slow compared to the direct execution of guest code,
the VMM includes a code scanner that is unique for each supported guest. As
mentioned earlier, this scanner will identify code paths and replace them with
direct calls into the hypervisor for a more correct and efficient implementation of
the operation. In addition, each time a guest fault occurs, the VMM will analyze
the cause of the fault to see if the offending code stream can be replaced by a less
expensive method in the future. As a consequence of this approach, VirtualBox
performs better than a typical emulator or code recompiler. It can also run a fully
virtualized guest at nearly the same speed as one that is assisted by Intel VT-x or
AMD-V features.
 
 
 