1. Field of the Invention
The present invention relates to a data processing apparatus capable of controlling at least one instruction execution right, and more particularly to a data processing apparatus capable of independently controlling a reference right for accessing one or more internal resources at the time of executing a given instruction. More specifically, the present invention relates to a virtual computer system having programmable privilege levels.
2. Description of Related Art
Heretofore, the reference right to internal resources in the data processing apparatus has been controlled by sorting the operations of the instructions into "privileged operation" and "non-privileged operation". Specifically, the data processing apparatus has an execution status register for distinguishing whether or not the processor itself is in a privileged condition or in a non-privileged condition. In most cases, this execution status register is a register for holding at least one part of a program status word (PSW). In the privileged condition, it is allowed to execute all the instructions, and in the non-privileged condition, the execution of only the non-privileged instructions is allowed. In other words, the execution of the privileged instructions is inhibited in the non-privileged mode. With this arrangement, the operation of important internal resources are all treated as the privileged instructions, so as to prevent the leakage of the internal resources by the non-privileged instructions.
However, if a virtual computer system (virtual machine) is constructed by using the above mentioned conventional data processing apparatus, the performance will drop when the privileged instructions are executed. This virtual machine is intended to realize a plurality of operating systems on one computer system, and a few types of systems are actually used.
The virtual machine system comprises one real machine and one or more machines associated thereto. A software for performing one or more operating systems on the real machine is called "virtual machine monitor", which is hereinafter called "host OS". On the other hand, one or more operating systems managed by the virtual machine monitor are called "guest OS". In addition, one or more machine interfaces constructed by the real machine and the host OS are called "virtual machine", and the respective guest OSs run on corresponding virtual machines.
Specifically, the host OS serves to perform the control of the resource management scheduling and the execution sequences of the respective virtual machines on the real machine, and also to execute the dispatch treatment. In addition, the host OS serves to simulate the privileged instructions of the guest OSs. Ordinarily, only the host 0S runs when the real machine is in the privileged condition. On the other hand, the guest OSs run only when the real machine is in the non-privileged condition, and therefore, they cannot directly execute the privileged instructions. However, since the guest OSs are prepared on the assumption that guest OS itself runs in the privileged condition, it is required that the privileged instructions of the guest OS run on the virtual machines as they are. Because of this, when the privileged instructions of the guest OS are detected, the privileged instructions of the guest OS are conventionally simulated in an exception processing routine of the host OS as the privileged instruction exception. In this method, every time the guest OS executes the privileged instructions, the exception processing routine of the host OS is necessarily triggered. Therefore, when the privileged instructions are executed by a guest OS, indirectly through the list, the performance will drop significantly in comparison to a direct execution of the privileged instructions.
In order to overcome the above problem, there has been proposed a so-called "privileged instruction assist" in which the privileged instructions of the guest OS is simulated by firmware and without generating the privileged instruction exception. However, this method cannot fundamentally solve the above mentioned problem. The reason for this is that as far as the privileged instructions of the guest OS is simulated or emulated by means of software or firmware, the overhead is inevitably large as compared with the case in which the privileged instructions themselves are directly executed. This problem is most noticeable when simple privileged instructions are executed.