1. Field
The present disclosure pertains to the field of information processing, and more particularly, to the field of virtualizing resources in information processing systems.
2. Description of Related Art
Generally, the concept of virtualization of resources in information processing systems allows multiple instances of one or more operating systems (each, an “OS”) to run on a single information processing system, even though each OS is designed to have complete, direct control over the system and its resources. Virtualization is typically implemented by using software (e.g., a virtual machine monitor, or a “VMM”) to present to each OS a “virtual machine” (“VM”) having virtual resources that the OS may completely and directly control, while the VMM maintains a system environment for implementing virtualization policies such as sharing and/or allocating the physical resources among the VMs (the “virtualization environment”). Each OS, and any other software, that runs on a VM is referred to as a “guest” or as “guest software,” while a “host” or “host software” is software, such as a VMM, that runs outside of, and may or may not be aware of, the virtualization environment.
A processor in an information processing system may support virtualization, for example, by supporting an instruction to enter a virtualization environment to run a guest on a VM. In the virtualization environment, certain events, operations, and situations, such as external interrupts or attempts to access privileged registers or resources, may be “intercepted,” i.e., cause the processor to exit the virtualization environment so that a VMM may operate, for example, to implement virtualization policies. A processor may also support other instructions for maintaining a virtualization environment, and may include register bits that indicate or control virtualization capabilities of the processor.
The system's privileged resources may include input/output (“I/O”) devices that may be accessed through I/O transactions and/or through memory transactions where the I/O device has been mapped to a memory address (a “memory mapped device”). I/O transactions may be intercepted to prevent a guest from directly accessing an I/O device. Memory transactions to memory-mapped I/O devices may be intercepted in a page-based memory management architecture by marking pages to which an I/O device has been mapped as not present or not writable, thereby causing a page fault intercept if a guest attempts to access the memory mapped device.