Virtual computing allows multiple virtual machines, each having their own operating system, to run on a host computer. The host computer has a virtualizer program that allows the host computer to emulate the instructions of a virtual machine program; which may have a different CPU model than the host computer. The host computer virtualizer program can also virtualize the hardware resources of the host machine for virtual machine use. The virtual machine that is requesting hardware resources such as CPU, memory, I/O and disk space is called a guest with respect to the host computer.
In a virtual machine, the guest computer system only exists in the host computer system as a pure software representation of the operation of one specific hardware architecture. The terms virtualizer, emulator, direct-executor, virtual machine, and processor emulation are sometimes used interchangeably to denote the ability to mimic or emulate the hardware architecture of an entire computer system using one or several approaches known and appreciated by those of skill in the art. A virtualizer program executing on the operating system software and hardware architecture of the host computer mimics the operation of the entire guest computer system.
The virtualizer program acts as the interchange between the hardware architecture of the host machine and the instructions transmitted by the software (e.g., operating systems, applications, etc.) running within the emulated guest virtual machine environment. In one virtual machine environment embodiment, the emulated environment may include a virtual machine monitor (VMM) which is a software layer that runs directly above the host hardware, perhaps running side-by-side and working in conjunction with the host operating system, and which can virtualize all the resources of the host machine (as well as certain virtual resources) by exposing interfaces that are the same as the hardware the VMM is virtualizing. This virtualization enables the virtualizer (as well as the host computer system itself) to go unnoticed by operating system layers running above it. In a virtual machine environment, the multiple virtual machines impose performance requirements on the hardware resources of the host machine. It is desirable to keep one virtual machine separated from the other virtual machines as well as separated from the host. Separation or isolation of one virtual machine from another is useful to segregate errors and faults such that one virtual machine fault does not affect another virtual machine. Thus, some virtual machine embodiments map the virtual machine hardware accesses into separate host computer system resources. One such resource is random access memory. This important system resource must be carefully managed in a virtual machine environment.
One type of CPU that may be used as a host computer resource is the x86 family of processors. This family has a built-in memory address lookup mechanism that allows a virtual address, say in one application, to be converted to a physical address via a process known as a page walk or paging. FIG. 1 shows a typical prior art page walk process, implemented in hardware in an x86 processor family.
A typical x86 family processor running with the paging enabled relies on a set of page descriptors and page tables to create a sparse map of virtual address to physical address translations. Such machines can extend the mapping structure by introducing a third lookup table, the page descriptor page tables (PDPT), and larger page table entries (PTE) to produce a physical address.
FIG. 1 represents a standard x86 family scheme 100 for determining a physical address from a virtual address. This first level translation is a hardware oriented translation and is built into the x86 hardware such that a physical address may be quickly derived from a virtual address. The virtual address is provided by the processor control register 110. In the example of a x86 machine, the control register is known as CR3. Control register data 115 is used to access a page descriptor table 120 which provides an index 125 to select a multiplicity of page descriptor tables 130, 140. In the FIG. 1 example, the page descriptor table 140 provides a reference to a specific page table from a multiplicity of page tables 150, 160, 170. A specific entry 180 in a selected page table 175 is selected by a reference obtained from the page descriptor data 145. The entry 180 is the physical address corresponding to the virtual address contained in the control register 110. This hardware oriented scheme provided by the x86 family is considered a fast and efficient way to convert a virtual address into a physical address useful for an application being run on the x86 processor.
The x86 processor may also contain a translation look-aside buffer (TLB) in which it places the most recently traversed table mappings, placing within the TLB the virtual address and related physical address. Subsequent processor memory accesses look to the TLB to avoid the page table walk of FIG. 1 resulting in higher efficiency in machine cycle use. But this efficiency is not normally used in the virtual machine environment.
When an operating system is executing in a virtual machine created by a VMM, the physical addresses of the guest are virtualized and it is often the case that these guest physical addresses do not correspond to host physical addresses. Consequently, these guest-generated page tables cannot be directly traversed by the address translation hardware described in FIG. 1. Instead, the Virtual Machine Monitor (VMM) refers to guest-generated tables to create a corresponding new set of shadow page tables to create mappings of the guest virtual addresses to host physical addresses. Accordingly, when a guest virtual address is loaded into the control register 110 by the guest virtual machine operating system, the page table walk results of FIG. 1 may become non-applicable and a machine exception is generated. The machine exception can then access a routine in the VMM to use the control register guest virtual address to point to the shadow mappings created by the VMM. This VMM intervention is very expensive in terms of machine cycles. Although the hardware oriented page walk of FIG. 1 may take on a dozen or so machine cycles, the VMM intervention may take thousands of machine cycles.
In addition, any changes the guest virtual machine makes to its page tables require VMM intervention to update the corresponding shadow page tables. The overhead of shadow page table maintenance is high both in time consumed to maintain the shadow mappings and in the memory space consumed by the shadow mappings. The VMM has to intercede any time the guest operating system makes any substantive changes to its mappings.
In addition, the translation look-aside table (TLB) cache, which normally speeds up processor operation, is largely rendered ineffective by a VMM intervention. The TLB is cleared any time multitasking occurs within a selected virtual machine. The TLB is also cleared any time the context changes from one virtual machine or guest to another virtual machine or guest. Thus, the implementation of virtual machine operation can adversely affect not only the hardware schemes for quick address lookup, such as the TLB, but also adversely affect the effectiveness of the page walk hardware.
Thus, there is a need for a method and system to implement fast memory translation from a guest virtual address to a host physical address in a virtual machine environment. It would be advantageous to take advantage of hardware already in place to facilitate a virtual address to physical address translation. The present invention addresses the aforementioned needs and solves them with additional advantages as expressed herein.