This article may be a little technically difficult. If anything is hard to follow, contact me directly and I will give you more details. The main reason I wrote this section is that many people asked me why Hyper-V needs a processor that supports either AMD-V or Intel VT technology. Does this mean Hyper-V has a defect or some other problem? I will explain here that this requirement is precisely the powerful fundamental principle behind Hyper-V. (On Windows, the `systeminfo` command reports the relevant items under "Hyper-V Requirements", which is a quick way to check a host before installing the role.)
I will explain this in two parts: first the principle behind the popular (software-based) virtualization solutions, then the technical principle behind the Hyper-V solution.
As virtualization technology has developed, it has evolved from pure software to processor-level, platform-level and input/output-level virtualization. The I/O level is Intel Virtualization Technology for Directed I/O, that is, Intel VT-d.
The main problems with pure-software virtualization are performance and isolation. The root cause is that the traditional x86 processor architecture provides four privilege levels, ring 0 through ring 3, to protect the execution of instructions; ring 0 is the highest and ring 3 the lowest. This is different from the process priority we normally talk about in operating systems. For example, the instructions that load the GDT, IDT, LDT and TSS (LGDT, LIDT, LLDT and LTR) can only execute at privilege level 0 (ring 0). Ring 0 corresponds to the kernel, ring 1 to system services, ring 2 to custom extensions and ring 3 to applications; the figure on the right shows how an operating system implements this, and most operating systems use only ring 0 and ring 3. This creates a problem: the x86 operating system kernel expects to run at ring 0, so for a VMM the big question is how to run a guest operating system outside ring 0. Of course, there are always more methods than problems. The most popular solution is ring deprivileging, which has two options: the guest OS runs at privilege level 1 (the 0/1/3 model) or at privilege level 3 (the 0/3/3 model). If you have any questions, refer to the related documents or email me; I have no time to go further here.
At this point we at least know why software-only virtual machines lose performance. No guest OS can really run at privilege level 0, so the instructions that can only run at ring 0 (LGDT, LIDT, LLDT, LTR and so on) have to be trapped and emulated, which costs a lot of resources. The performance cost is tolerable; security is the critical issue. Because we are emulating ring 0 instructions for a guest that is actually running at ring 3, improper isolation not only affects the other guest OSes but also poses a serious threat to the host operating system.
I have tried my best to keep this article simple and understandable, but I keep introducing new concepts and terms, and I hope you will bear with me. Next, isolation. Ring deprivileging relies on the segment limits and the paging of the IA-32 architecture to isolate the deprivileged guest. However, 64-bit mode does not enforce segment limits, so only paging can be used, and paging cannot tell privilege levels 0, 1 and 2 apart; it only distinguishes privilege level 3 (user) from everything below it (supervisor). To separate the host from the guest operating system with paging alone, the guest has to be pushed down to privilege level 3. The guest kernel then shares ring 3 with its own applications, and with every other guest VM, so the privilege levels can no longer protect them. This is the legendary ring compression, the isolation problem that IA-32 brings with it.
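To make the argument of the last two paragraphs concrete, here is an added example (my own model, not code from the original article and not anything from Hyper-V) that encodes the IA-32 page-level privilege rule, under which paging knows only supervisor mode (CPL 0, 1 or 2) versus user mode (CPL 3), and then evaluates what that rule can and cannot isolate under the 0/1/3 and 0/3/3 ring-deprivileging models. The function names and the `cr0_wp` parameter are this example's own choices; the access rule itself follows the Intel SDM.

```python
# Added example: a model of the IA-32 page-level privilege check and what it
# implies for ring deprivileging. Not Hyper-V code; names are this example's own.


def page_access_allowed(cpl, user_page, write, page_writable, cr0_wp=True):
    """Page-level protection as the Intel SDM describes it (simplified).

    Paging sees only two modes: supervisor (CPL 0, 1 or 2) and user (CPL 3).
    - A user-mode access to a supervisor page (U/S = 0) always faults.
    - A write to a read-only page (R/W = 0) faults in user mode, and faults
      in supervisor mode too once CR0.WP = 1 (the normal kernel setting).
    """
    supervisor_mode = cpl < 3
    if not supervisor_mode and not user_page:
        return False  # ring 3 touching a supervisor-only page -> #PF
    if write and not page_writable:
        # Only a supervisor with CR0.WP = 0 may write a read-only page.
        return supervisor_mode and not cr0_wp
    return True


def vmm_isolated_by_paging(guest_ring):
    """Can paging alone keep a deprivileged guest kernel out of the VMM's
    supervisor-only pages? Ring 1 still counts as supervisor mode, so the
    answer is no for the 0/1/3 model; that model needs segment limits as
    well, which 64-bit mode no longer enforces."""
    vmm_page_readable = page_access_allowed(
        guest_ring, user_page=False, write=False, page_writable=False
    )
    return not vmm_page_readable


def guest_kernel_protected_from_its_apps(guest_ring):
    """Can the guest kernel hide its pages from the guest's own ring 3
    applications? Only if it sits above ring 3 itself, so its pages can be
    marked supervisor-only. At ring 3 its pages must be user pages, so the
    applications can read them too: this is ring compression."""
    kernel_pages_are_user = guest_ring == 3
    app_can_read_kernel_page = page_access_allowed(
        3, user_page=kernel_pages_are_user, write=False, page_writable=False
    )
    return not app_can_read_kernel_page


def deprivileging_models():
    """Summarise the trade-off for the two models named in the text."""
    models = {"0/1/3": 1, "0/3/3": 3}
    return {
        name: {
            "guest_ring": ring,
            "paging_protects_vmm": vmm_isolated_by_paging(ring),
            "guest_kernel_protected": guest_kernel_protected_from_its_apps(ring),
        }
        for name, ring in models.items()
    }


if __name__ == "__main__":
    for name, row in deprivileging_models().items():
        print(name, row)
```

Running it shows the two halves of the dilemma side by side: with the guest at ring 1 the VMM's pages are not protected by paging at all, and with the guest at ring 3 the VMM is safe but the guest kernel can no longer protect itself from its own applications. Hardware-assisted virtualization (Intel VT-x, AMD-V) removes the dilemma by giving the guest a real ring 0 of its own underneath the VMM, which is why Hyper-V insists on it.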
That covers the shortcomings of the traditional techniques. You may be feeling dizzy by now; I will continue later.