Quartz 4

Full Virtualization

3 min read

Full virtualization is a virtualization technique where the virtual machine simulates enough hardware to allow an unmodified guest operating system to run in isolation. In full virtualization, the guest OS is completely unaware that it is being virtualized and requires no modifications.

Key Characteristics

  • Guest operating system runs unmodified
  • No modifications to the guest OS source code or binaries
  • Complete isolation between guest and host
  • Higher resource overhead compared to other virtualization techniques

Challenges with x86 Architecture

The x86 architecture presented significant challenges for full virtualization because it doesn’t satisfy the Popek and Goldberg’s Theorem requirements:

  • Some sensitive instructions don’t trap when executed in user mode
  • These “critical instructions” prevent traditional trap-and-emulate virtualization

Binary Translation

To overcome these challenges, virtualization systems like VMware developed binary translation:

How Binary Translation Works

  1. Dynamic Code Analysis:

    • The VMM analyzes the guest OS code at runtime
    • Identifies sequences of instructions (translation units)
    • Looks for critical instructions in these units

  2. Code Replacement:

    • Critical instructions are replaced with alternative code that:
      • Achieves the same functionality
      • Allows the VMM to maintain control
      • May include explicit calls to the VMM

  3. Translation Cache:

    • Modified code blocks are stored in a translation cache
    • Frequently executed code benefits from this caching
    • Translation is done lazily (only when needed)

  4. Direct Execution:

    • Non-critical, unprivileged instructions run directly on the CPU
    • This minimizes performance overhead for regular code

Memory Management in Full Virtualization

Shadow Page Tables

To handle memory virtualization, full virtualization uses shadow page tables:

  1. Guest OS maintains its own page tables (logical to “physical” mapping)
  2. VMM maintains shadow page tables (logical to actual physical mapping)
  3. When guest modifies its page tables, operations trap to the VMM
  4. VMM updates shadow page tables accordingly
  5. The hardware MMU uses the shadow page tables for actual translation

This creates two levels of address translation:

  • Guest virtual address → Guest physical address
  • Guest physical address → Host physical address

Shadow page tables combine these translations for efficiency.

I/O Virtualization in Full Virtualization

Several approaches exist for I/O virtualization:

  1. Device Emulation:

    • VMM presents virtual devices to the guest
    • Common devices emulated include disk controllers, network cards, etc.
    • Guest uses standard drivers for these virtual devices

  2. Device Driver Interception:

    • VMM intercepts calls to virtual device drivers
    • Redirects to corresponding physical devices

  3. Device Passthrough:

    • Direct assignment of physical devices to VMs
    • Requires hardware support (IOMMU)
    • Offers better performance but limits device sharing

Performance Implications

Full virtualization has performance implications:

  • CPU overhead for binary translation
  • Memory overhead for shadow page tables
  • I/O performance degradation due to interception and emulation
  • High context switching overhead for privileged operations

Examples of Full Virtualization

  • VMware Workstation
  • Oracle VirtualBox
  • Microsoft Virtual PC
  • QEMU (when used without KVM)

Advantages and Disadvantages

Advantages

  • No modification to guest OS required
  • Can run any operating system designed for the same architecture
  • Complete isolation between VMs

Disadvantages

  • Performance overhead, especially for I/O operations
  • Complex implementation (especially binary translation)
  • Higher memory usage due to shadow page tables

Graph View

Backlinks