Professional Documents
Culture Documents
Seminar Report
On
HARDWARE
VIRTUALISATION
Submitted in partial fulfillment of the
requirements for the award ofthe degree
of
BACHELOR OF TECHNOLOGY
In
COMPUTER SCIENCE AND ENGINEERING
Submitted by
SHASHANK TIWARI
B. TECH (CS-81)
APJAKTU, LUCKNOW
JAN-2021
ABSTRACT
The goal of this paper is to look into the field of hardware virtualisation, as well as to provide an
overview of human-computer interaction and its definition.
Numerous systems have been designed which use virtualization to subdivide the ample resources
of a modern computer. Some require specialized hardware, or cannot support commodity
operating systems. Some target 100% binary compatibility at the expense of performance. Others
sacrifice security or functionality for speed. Few offer resource isolation or performance
guarantees; most provide only best-effort provisioning, risking denial of service.
The goal is to integrate all these facilities into a single virtual machine so that the user does not
have to resort to different resources for different purposes. Integration is one of the sole purposes
of this paper.
1
ACKNOWLEDGEMENT
I wish to express my profound and sincere gratitude to Mr. Devendra Kumar Sir, Department of
Computer Science Engineering, SRMGPC, LUCKNOW, who guided me into the intricacies of
this seminar non-chalantly with matchless magnanimity.
I thank to Dr. Atul Kumar, Head of the Department of Computer Science Engineering,
SRMGPC, LUCKNOW, for extending their support during course of this investigation.
SHASHANK TIWARI
DECLARATION
I, SHASHANK TIWARI, Roll. No. 161210089, studying in the Final year of Bachelor of
Technology in Computer Science and Engineering at SHRI RAMSWRAOOP MEMORIAL
GROUP OF PROFESSIONAL COLLEGES, LUCKNOW, hereby declare that this project work
entitled “HARDWARE VIRTUALISATION” which is submitted by me in the fulfilment of my
seminar report work for the session 2020-2021.
I further undertake that the matter embodied in the dissertation has not been submitted previously
for the award of any degree or certification by me to any other university or institution. The
activity work done in this project has been kept extremely confidential. I hereby declare that the
above provided statement has been written with absolute authenticity.
SHASHANK TIWARI
LIST OF SYMBOLS, ABBREVIATIONS AND NOMENCLATURE
Hardware virtualization is the virtualization of computers as complete hardware platforms, certain logical
abstractions of their componentry, or only the functionality required to run various operating systems.
Virtualization hides the physical characteristics of a computing platform from the users, presenting instead
an abstract computing platform.[1][2] At its origins, the software that controlled virtualization was called a
"control program", but the terms "hypervisor" or "virtual machine monitor" became preferred over time.
The term "virtualization" was coined in the 1960s to refer to a virtual machine (sometimes called "pseudo
machine"), a term which itself dates from the experimental IBM M44/44X system.[3] The creation and
management of virtual machines has been called "platform virtualization", or "server virtualization", more
recently.
Platform virtualization is performed on a given hardware platform by host software (a control program),
which creates a simulated computer environment, a virtual machine (VM), for its guest software. The guest
software is not limited to user applications; many hosts allow the execution of complete operating systems.
The guest software executes as if it were running directly on the physical hardware, with several notable
caveats. Access to physical system resources (such as the network access, display, keyboard, and disk
storage) is generally managed at a more restrictive level than the host processor and system-memory.
Guests are often restricted from accessing specific peripheral devices, or may be limited to a subset of the
device's native capabilities, depending on the hardware access policy implemented by the virtualization
host.
Virtualization often exacts performance penalties, both in resources required to run the hypervisor, and as
well as in reduced performance on the virtual machine compared to running native on the physical
machine.
Working
How Virtualization Happens
Diane Barrett, Gregory Kipper, in Virtualization and Forensics, 2010
Virtualizing Hardware Platforms
Hardware virtualization, sometimes called platform or server virtualization, is executed on a particular
hardware platform by host software. Essentially, it hides the physical hardware. The host software that is
actually a control program is called a hypervisor. The hypervisor creates a simulated computer
environment for the guest software that could be anything from user applications to complete OSes. The
guest software performs as if it were running directly on the physical hardware. However, access to
physical resources such as network access and physical ports is usually managed at a more restrictive level
than the processor and memory. Guests are often restricted from accessing specific peripheral devices.
Managing network connections and external ports such as USB from inside the guest software can be
challenging. Figure 1.4 shows the concept behind virtualizing hardware platforms.
Virtualizing the CPU has several implications for guest OSes. Principally, the insertion of a hypervisor
below the operating system violates the usual assumption that the OS is the most privileged entity in the
system. In order to protect the hypervisor from OS misbehavior (and domains from one another) guest
OSes must be modified to run at a lower privilege level. Many processor architectures only provide two
privilege levels. In these cases the guest OS would share the lower privilege level with applications. The
guest OS would then protect itself by running in a separate addressspace from its applications, and
indirectly pass control to and from applications via the hypervisor to set the virtual privilege level and
change the current address space. Again, if the processor’s TLB supports address-space tags then
expensive TLB flushes can be avoided.
Rather than emulating existing hardware devices, as is typically done in fully-virtualized environments,
Xen exposes a set of clean and simple device abstractions. This allows us to design an interface that is both
efficient and satisfies our requirements for protection and isolation. To this end, I/O data is transferred to
and from each domain via Xen, using shared-memory, asynchronous bufferdescriptor rings. These provide
a high-performance communication mechanism for passing buffer information vertically through the
system, while allowing Xen to efficiently perform validation checks (for example, checking that buffers
are contained within a domain’s memory reservation).
Detailed Design
Control Transfer: Hypercalls and Events Two mechanisms exist for control interactions between Xen and
an overlying domain: synchronous calls from a domain to Xen may be made using a hypercall, while
notifications are delivered to domains from Xen using an asynchronous event mechanism. The hypercall
interface allows domainsto perform a synchronous software trap into the hypervisor to perform a
privileged operation, analogous to the use of system calls in conventional operating systems. An example
use of a hypercall is to request a set of pagetable updates, in which Xen validates and applies a list of
updates, returning control to the calling domain when this is completed.
Data Transfer: I/O Rings The presence of a hypervisor means there is an additional protection domain
between guest OSes and I/O devices, so it is crucial that a data transfer mechanism be provided that allows
data to move vertically through the system with as little overhead as possible. Two main factors have
shaped the design of our I/O-transfer mechanism: resource management and event notification. For
resource accountability, we attempt to minimize the work required to demultiplex data to a specific domain
when an interrupt is received from a device — the overhead of managing buffers is carried out later where
computation may be accounted to the appropriate domain. Similarly, memory committed to device I/O is
provided by the relevant domains wherever possible to prevent the crosstalk inherent in shared buffer
pools; I/O buffers are protected during data transfer by pinning the underlying page frames within Xen.