Virtual Machines
Computers include general purpose central processing units (CPUs) that are designed to execute a specific set of system instructions. A group of processors that have similar architecture or design specifications may be considered to be members of the same processor family. Examples of current processor families include the MOTOROLA 680×0 processor family, manufactured by MOTOROLA, Inc. of Phoenix, Ariz.; the INTEL 80×86 processor family, manufactured by INTEL Corporation of Sunnyvale, Calif.; and the POWERPC processor family, which is manufactured by MOTOROLA, Inc. and used in computers manufactured by APPLE Computer, Inc. of Cupertino, Calif. Although a group of processors may be in the same family because of their similar architecture and design considerations, processors may vary widely within a family according to their clock speed and other performance parameters.
Each family of microprocessors executes instructions that are unique to the processor family. The collective set of instructions that a processor or family of processors can execute is known as the processor's instruction set. As an example, the instruction set used by the INTEL 80×86 processor family is incompatible with the instruction set used by the POWERPC processor family. The INTEL 80×86 instruction set is based on the Complex Instruction Set Computer (CISC) format. The MOTOROLA POWERPC instruction set is based on the Reduced Instruction Set Computer (RISC) format. CISC processors use a large number of instructions, some of which can perform rather complicated functions, but which require generally many clock cycles to execute. RISC processors use a smaller number of available instructions to perform a simpler set of functions that are executed at a much higher rate.
The uniqueness of the processor family among computer systems also typically results in incompatibility among the other elements of hardware architecture of the computer systems. A computer system manufactured with a processor from the INTEL 80×86 processor family will have a hardware architecture that is different from the hardware architecture of a computer system manufactured with a processor from the POWERPC processor family. Because of the uniqueness of the processor instruction set and a computer system's hardware architecture, application software programs are typically written to run on a particular computer system running a particular operating system.
A computer manufacturer will want to maximize its market share by having more rather than fewer applications run on the microprocessor family associated with the computer manufacturer's product line. To expand the number of operating systems and application programs that can run on a computer system, a field of technology has developed in which a given computer having one type of CPU, called a host, will include an emulator program that allows the host computer to emulate the instructions of an unrelated type of CPU, called a guest. Thus, the host computer will execute an application that will cause one or more host instructions to be called in response to a given guest instruction. Thus, the host computer can both run software design for its own hardware architecture and software written for computers having an unrelated hardware architecture. As a more specific example, a computer system manufactured by APPLE Computer, for example, may run operating systems and program written for PC-based computer systems. It may also be possible to use an emulator program to operate concurrently on a single CPU multiple incompatible operating systems. In this arrangement, although each operating system is incompatible with the other, an emulator program can host one of the two operating systems, allowing the otherwise incompatible operating systems to run concurrently on the same computer system.
When a guest computer system is emulated on a host computer system, the guest computer system is said to be a virtual machine, as the host computer system exists only as a software representation of the operation of the hardware architecture of the guest computer system. The terms emulator and virtual machine are sometimes used interchangeably to denote the ability to mimic or emulate the hardware architecture of an entire computer system. As an example, the Virtual PC software created by CONNECTIX Corporation of San Mateo, Calif. emulates an entire computer that includes an INTEL 80×86 Pentium processor and various motherboard components and cards. The operation of these components is emulated in the virtual machine that is being run on the host machine. An emulator program executing on the operating system software and hardware architecture of the host computer, such as a computer system having a POWERPC processor, mimics the operation of the entire guest computer system. The emulator program acts as the interchange between the hardware architecture of the host machine and the instructions transmitted by the software running within the emulated environment.
The x86 Architectures
“x86” is the generic name for the series all microprocessor families that use the x86 instruction set architecture (ISA). IA32 is specific processor architectures developed by INTEL that uses the x86 ISA. x86 began with the INTEL's 8086 microprocessor. x86 processors include but are not limited to Intel's 8086, 286, 386, 486, PENTIUM, PENTIUM with MMX, PENTIUM PRO, PENTIUM II, PENTIUM III, and PENTIUM 4 processor families, as well as Advanced Micro Device's (AMD's) K5, K6, K6-2, K6-3, ATHLON, Enhanced ATHLON (a.k.a. “thunderbird”), ATHLON 4, and ATHLON MP, ATHLON 64, OPERTON, among others.
A virtual machine monitor (VMM) is a software layer that runs directly above the hardware, and the VMM virtualizes all the resources of the machine by exposing interfaces that are the same as the hardware the VMM is virtualizing (which enables the VMM to go unnoticed by operating system layers running above it). However, the x86 architectures, including the IA32 architecture and the like, contain many virtualization holes that present a number of challenges for a VMM implementation. First, the x86 architecture does not divide all processor state into either privileged state or user state where, among other things, privileged state should include any control or status fields that indicates the current privilege level, as well as other resources that need to be under the control of the underlying operating system (or “supervisor layer”) to implement resource control and protection barriers between user-level application instances. Second, the x86 architecture does not cause traps in all cases when access to a privileged state (whether read or write) is attempted at a user level. Third, the x86 architecture has no means for causing a trap when user-level code attempts to access a non-privileged state that should be virtualized (e.g. timer values, performance counters, processor feature registers). Fourth, while all in-memory processor structures should be either stored outside of the current address space or be protectable from errant or malicious memory accesses within the VM, the x86 architecture does not allow for this. Fifth and last, x86 architectures cannot restore all processor state at the time of an interrupt or trap to its pre-trap state after the interrupt or trap is handled.