Pensieve

Recent Notes

Virtualization

7 min read

Virtualization in the context of operating systems refers to the creation of virtual (rather than actual) versions of something, such as hardware platforms, operating systems, storage devices, or network resources. In virtualization, the kernel can impact the usermode while in client server, the

  • Interpreters in Virtualization:
    • The concept of having two “interpreters” refers to one being a virtual machine (VM), or the “pretend interpreter,” and the other being the actual physical hardware, or the “real interpreter.”
    • The “pretend interpreter” is essentially a software emulation of a computer system. It runs in a window like any other program, but simulates a complete hardware environment that an operating system can run within. It has its own set of virtual hardware, including a CPU, memory, and disk storage, all of which are mapped to the real hardware on the physical machine but are entirely controlled by the virtual machine’s system.
    • The “instruction pointer” within the pretend interpreter is a special register within the CPU that keeps track of where a computer is in its program sequence
      • in a virtualized environment, this instruction pointer operates within the confines of the virtual machine’s memory, not affecting the host system’s memory.
      • This virtual instruction pointer interacts with what it perceives as the VM’s own memory, though it’s actually an isolated space within the real system’s memory, often referred to as “emulated memory.”
  • Emulated Memory:
    • The “emulated memory” is a segment of the host system’s actual physical memory, sectioned off and allocated to a virtual machine. From the VM’s perspective, this emulated memory is its “own” RAM.
      • it’s actually just a portion of the larger system memory on the host. This abstraction layer is vital for the VM to function, as it believes it’s interacting with its own hardware resources, though it’s actually interfacing with virtualized representations of these resources.
      • This approach allows multiple VMs to operate on a single physical machine without interfering with one another, enhancing resource utilization and system security.

Example: Read System Call

How can we create the system call that acts like a function call but with hard modularity?

  • (ISRS): When an instruction fails, the hardware goes to a table of memory where each of the entries is a fallback code for invalid instructions. These are also called hardware traps
  • The int instruction tells the hardware please pretend there is an error with the following error code, so int 0x80 would go to the trap table and figure out what the low level code is for that “error”
    • this is called protected transfer of control, where the instructions within the table after the trap is the kernel code that cannot be accessed

Hardware of Virtualization

  • In Linux, the mechanism for initiating a system call involves placing a specific system call number in a designated register (like %eax on x86 architecture) and then executing a special instruction (like int 0x80 or syscall) that causes the processor to switch from user mode to kernel mode.
  • The system call number is essentially an index that the kernel uses to identify the specific system call function to execute. Different system calls have different numbers, each associated with a specific operation.
  • Additional arguments required for the system call are passed using other registers (like %ebx, %ecx, %edx, %esi, etc., on x86). These registers will contain values or pointers that are arguments to the function that the system call is meant to execute.
  • After the system call is completed, control is returned to the calling user-mode process, and the processor reverts from kernel mode back to user mode.
    • For the user, it looks like a function call but it is a lot more expensive and gives you hard modularity

System Calls and Privileged Operations

  • Privileged Instructions: Commands only executable in kernel mode, affecting critical system functions and hardware interactions.
  • Hardware Interfaces: Channels for software-hardware communication
    • include privileged (sensitive operations) and non-privileged (general use) types.
  • Kernel’s Role: Acts as an intermediary between applications and hardware.
    • Operates in a privileged state, allowing direct hardware interaction and execution of privileged instructions.
  • Applications and System Calls:
    • Applications run in non-privileged user mode, request privileged operations via system calls.
    • System calls are controlled entry points into the kernel for specific services or operations.
  • Traps and Context Switches:
    • Mechanisms that switch execution from user mode to kernel mode, allowing system calls to invoke privileged operations.
    • Initiate a context switch, pausing application execution and transferring control to the kernel.

What does our Virtual Machine Need?

The Virtual Machine Needs:

  • ALU (this must be fully supported within the virtual machine similarly to the physical machine for performance reasons)
  • Registers (full speed for register access, but some might be too sensitive for this to work)
  • Primary Memory (user memory at full speed, kernel buffers should be decided by the kernel)
    • mmap is a system call that allows you to contreol cr3 and the virtualized system that you are managing
  • IO (typically should not be accessed)

For all of these things, we use system calls to interact with the kernel to make these happen. The kernel is the arbiter that decides whether or not you are allowed to do it.

Understanding Process Management in Single-Core Machines

Registers and Multiplexing:

  • In a computer system, especially in a single-core context, there exists only one set of registers.
  • Multiplexing is a technique used to share this single set of hardware resources (like registers) among multiple processes or tasks.
  • This approach involves saving and restoring register contexts during task switches, allowing each process to use the registers as if they were dedicated to them.

Process Table:

  • The operating system maintains a “process table,” which is a data structure that keeps track of all the processes in the system.
  • Each entry in the process table, typically starting from index 1, represents an individual process and contains vital information about it.
  • Important details stored include the process’s current state, its register context (including the instruction pointer), memory information, and other scheduling-related data.

Context Switching:

  • When the kernel scheduler decides to allow a new process to run, it performs a “context switch.”
  • During a context switch, the state of the currently running process (including its registers) is saved to a specific area in RAM known as the process’s context.
  • The saved state includes the instruction pointer, which keeps track of where the process was executing, thus allowing the process to resume from the same point when it’s scheduled to run again.
  • The state of the new process to be run is then loaded from its context in RAM, and execution begins or resumes for this process.

Process Illusion:

  • Despite the physical limitation of having a single core, the operating system provides the illusion that all processes are running concurrently.
  • This is achieved through rapid context switches, where processes are paused and resumed so quickly that they seem to be executing simultaneously.
  • Each process perceives itself as running continuously, unaware that it gets frozen and unfrozen in memory due to the scheduler’s actions.

Device Types

  • Network devices have spontaneous data generation
    • have a stream of data
    • potentially have an infinite amount of data
  • Storage devices are typically more request, response
    • random access to stored data
    • finite

There is a school of thought that believes that these types of devices should have different methods of accesssing the data

Linked Map of Contexts

Computer Science

Graph View