One of the primary functions of an operating system is to interface with physical resources on a computing system. A typical operating system might guard against accessing the physical resources in an inappropriate manner. For example, when one application is using a particular segment of memory, the operating system may protect that segment of memory from being altered by another application managed by that same operating system. Otherwise, the applications might not function as expected. Such access guards are often based on the assumption that the operating system is the only operating system running on the computing system.
However, sometimes it can be advantageous to run multiple operating systems on the same computing system. In that case, the implicit protections in each operating system to ensure safe operation with resources may no longer be sufficient. An operating system may not be able to control the accessing of the same physical resources by another operating system, and may not even have a mechanism for becoming aware of the existence of that other running operating system.
A hypervisor is a software layer that is configured to be interposed between one or more running operating systems and protected physical resources (such as processors, I/O ports, memory, interrupts, etc.). The hypervisor functionally multiplexes the protected physical resources for the operating systems, and manifests the resources to each operating system in a virtualized manner. For instance, as a simple example, suppose that there are two operating systems running on a computing system that has one processor and 1 Gigabyte (GB) of Random Access Memory (RAM). The hypervisor may allocate half of the processor cycles to each operating system, and half of the memory (512 Megabytes (MB) of RAM) to each operating system. Furthermore, the hypervisor may provide a virtualized range of RAM addressed to each operating system such that it appears to both operating systems that there is only 512 MB of RAM available.
When the operating system attempts to communicate with a physical resource and vice versa, the hypervisor performs appropriate buffering and transformations to allow each operating system to experience its environment as though it was the only operating system running on the computing system. Furthermore, the hypervisor does this is a manner that the physical resources on the computing system may be shared by multiple operating system instances while still being protected.
Traditionally, hypervisors are launched prior to running an operating system. This allows the hypervisor to start the operating system in a virtual machine by presenting a virtualized view of the physical resources. In order to immediately start the operating system in the virtual machine, the hypervisor includes extensive code for discovering the physical resources and their essential characteristics. Since physical resource discovery is done before there are any running operating systems, the operating system cannot be relied upon in this discovery process. Accordingly, the code for discovering physical resources in a hypervisor may be quite complex.