一直听闻嵌套虚拟化这一技术,但是从未深入研究过其底层原理。借此机会,本文将一探嵌套虚拟化。

嵌套虚拟化的绝佳入门材料为ODSI’10上的论文The Turtles Project: Design and Implementation of Nested Virtualization。本文内容主要是paperslides的notes。

1. Introduction

In nested virtualization, a hypervisor can run multiple other hypervisors with their associated virtual machines. 通俗地来说,套娃。

接下来将从CPU虚拟化,内存虚拟化,IO虚拟化这三个方面去介绍嵌套虚拟化的原理。

2. CPU: Nested VMX Virtualization

Approach for nested virtualization multiplexes multiple levels of virtualization (multiple hypervisors) on the single level of architectural support available.

2.1 VMX Trap and Emulate

2.2 VMCS Shadowing

2.3 VMEntry and VMExit Emulation

2.4 summary

3. MMU: Multi-dimensional Paging

4. I/O: Multi-level Device Assignment

5. Summary

  1. Approach for CPU virtualization works by having the lowest hypervisor inspect the trap and forward it to the hypervisors above it for emulation.

  2. For efficient memory virtualization, we developed multi-dimensional paging, which collapses the different memory translation tables into the one or two tables provided by the MMU.

  3. For efficient I/O virtualization, we bypass multiple levels of hypervisor I/O stacks to provide nested guests with direct assignment of I/O devices via multilevel device assignment.