A virtual machine architecture logically partitions a physical machine, such that the underlying hardware of the machine is time-shared and appears as one or more independently operating virtual machines (VMs). A Virtual Machine Monitor (VMM) runs on a computer and facilitates for other software the abstraction of one or more VMs. Each VM may function as a self-contained platform, running its own operating system (OS) and application software. The software running in a VM is collectively referred to herein as guest software.
The guest software expects to operate as if it were running on a dedicated computer rather than in a VM. That is, the guest software expects to control various events and have access to hardware resources on the computer (e.g., physical machine). The hardware resources of the physical machine may include one or more processors, resources resident on the processors (e.g., control registers, caches, and others), memory (and structures residing in memory, e.g., descriptor tables), and other resources (e.g., input-output devices) that reside in the physical machine. The events may include interrupts, exceptions, platform events (e.g., initialization (INIT) or system management interrupts (SMIs), and the like).
The VMM may swap guest software state in and out of the devices, memory and the registers of the physical machine as needed. The VMM may enhance performance of a VM by permitting the direct access to the underlying physical machine. This may be especially appropriate when an operation is being performed in non-privileged mode in the guest software, which limits software access to the physical machine or when operations will not make use of hardware resources in the physical machine which the VMM wishes to retain control.
The VMM regains control whenever a guest operation may affect the correct execution of the VMM or any of the non-executing VMs. Usually, the VMM examines such operations, determining if a problem exists before permitting the operation to proceed to the underlying physical machine or emulating the operation on the behalf of a guest. For example, the VMM may need to regain control when the guest accesses I/O devices, when it attempts to change machine configuration (e.g., by changing control register values), when it attempts to access certain regions of memory, and the like.
Existing systems that support VM operation, control the execution environment of a VM using a fixed format structure, herein referred to as a Virtual Machine Control Structure (VMCS). The VMCS is stored in a region of memory and contains, for example, state of the guest, state of the VMM, and control information indicating under which conditions the VMM wishes to regain control during guest execution. The processor(s) in the physical machine reads information from the VMCS to determine the execution environment of the VM and VMM, and to constrain the behavior of the guest software under control of the VMM.
Conventional architectures locate the VMCS in the memory of the physical machine and allow the VMM to access it using ordinary memory read and write instructions. For this reason, the format of the VMCS must be defined architecturally in the processor instruction set architecture (and documented in specifications and manuals in a manner similar to other system structures and instruction encodings). The VMM is coded directly to these specifications. This structuring limits the flexibility in implementation of the processor(s) supporting the VMM. Since the form of the VMCS is architecturally-defined, the microarchitecture of a particular processor implementation may not make changes in the format, contents, organization, or storage requirements of the VMCS data for reasons of performance, extensibility, compatibility, security, and the like, without also requiring corresponding modifications to the installed base of VMM implementations.
Therefore, there is a need for more flexible implementations of virtual machine architectures, which are not rigidly coupled to the underlying implementation of the physical machines.