摘要:
Various aspects are disclosed herein for attenuating spin waiting in a virtual machine environment comprising a plurality of virtual machines and virtual processors. Selected virtual processors can be given time slice extensions in order to prevent such virtual processors from becoming de-scheduled (and hence causing other virtual processors to have to spin wait). Selected virtual processors can also be expressly scheduled so that they can be given higher priority to resources, resulting in reduced spin waits for other virtual processors waiting on such selected virtual processors. Finally, various spin wait detection techniques can be incorporated into the time slice extension and express scheduling mechanisms, in order to identify potential and existing spin waiting scenarios.
摘要:
Various operations are provided that improve the scalability of virtual TLBs in multi-processor virtual machines, and they include: implicitly locking SPTs using per-processor generation counters; waiting for pending fills on other virtual processors to complete before servicing a GVA invalidation using the counters; write-protecting or unmaping guest pages in a deferred two-stage process or reclaiming SPTs in a deferred two-stage process; periodically coalescing two SPTs that shadow the same GPT with the same attributes; sharing SPTs between two SASes only at a specified level in a SPTT; flushing the entire virtual TLB using a generation counter; allocating a SPT to GPT from a NUMA node on which the GPT resides; having an instance for each NUMA node on which a virtual machine runs; and, correctly handling the serializing instructions executed by a guest in a virtual machine with more than one virtual processor sharing the virtual TLB.
摘要:
Various operations are disclosed for improving the operational efficiency of interrupt handling in a virtualized environment. A virtualized interrupt controller may obviate the need for an explicit end-of-interrupt command by providing an automatic EOI capability even when a physical interrupt controller offers no such mechanism. The use of a message pending bit for inter-partition communications facilitates avoiding an EOI command of inter-processor interrupts used in inter-partition communications whenever no further messages are cued for a particular message slot. A virtualized interrupt controller facilitates the selective EOI of an interrupt even when it is not the highest priority in-service interrupt irrespective of whether a physical interrupt controller provides such functionality.
摘要:
To determine whether to deploy a candidate VM to a candidate host, taking into consideration resources available from the candidate host and resources required by the candidate VM, a sub-rating is calculated for each of several resources available from the candidate host, where the sub-rating for the resource corresponds to an amount of the resource that is free after the candidate VM is deployed to the candidate host. Thereafter, a rating is calculated from the calculated sub-ratings to characterize how well the candidate host can accommodate the candidate VM. The rating for the candidate host are presented to a selector that determines whether to deploy the candidate VM to the candidate host based on the rating thereof.
摘要:
One or more virtual processors can be added or removed from a virtual machine based on CPU pressure measured within the virtual machine. In addition to the foregoing, CPU pressure can also be used to determine whether to remove a virtual processor from a virtual machine, which may cause the computer system to consume less power. In the alternative, virtual processors can be parked and/or unparked in order to reduce the amount of power consumed by the virtual machine. In addition, virtual processors can be forcibly parked during a migration operation.
摘要:
Techniques for reducing virtual machine input/output emulation overhead and decreasing the attack surface of a virtual machine architecture are disclosed.
摘要:
Several embodiments of the present invention provide a means for improving data access security in computer systems to support high-security applications, and certain of these embodiments are specifically directed to providing sector-level encryption of a virtual hard disk in a virtual machine environment. More specifically, certain embodiments are directed to providing sector-level encryption by using plug-ins in a virtual machine environment, thereby providing improved data access security in a computer system that supports high-security applications. Certain embodiments also use encryption plug-ins associated with standard encryption software for exchanging data between a virtual machine (VM) and its associated virtual hard drive(s) (VHDs). Moreover, several embodiments of the present invention are directed to the use of plug-in encryption services that interface with, and provide services for, a VM via a VM Encryption API (or its equivalent).
摘要:
Various operations are provided that improve the scalability of virtual TLBs in multi-processor virtual machines, and they include: implicitly locking SPTs using per-processor generation counters; waiting for pending fills on other virtual processors to complete before servicing a GVA invalidation using the counters; write-protecting or unmaping guest pages in a deferred two-stage process or reclaiming SPTs in a deferred two-stage process; periodically coalescing two SPTs that shadow the same GPT with the same attributes; sharing SPTs between two SASes only at a specified level in a SPTT; flushing the entire virtual TLB using a generation counter; allocating a SPT to GPT from a NUMA node on which the GPT resides; having an instance for each NUMA node on which a virtual machine runs; and, correctly handling the serializing instructions executed by a guest in a virtual machine with more than one virtual processor sharing the virtual TLB.
摘要:
A method of virtualizing memory through shadow page tables that cache translations from multiple guest address spaces in a virtual machine includes a software version of a hardware tagged translation look-aside buffer. Edits to guest page tables are detected by intercepting the creation of guest-writable mappings to guest page tables with translations cached in shadow page tables. The affected cached translations are marked as stale and purged upon an address space switch or an indiscriminate flush of translations by the guest. Thereby, non-stale translations remain cached but stale translations are discarded. The method includes tracking the guest-writable mappings to guest page tables, deferring discovery of such mappings to a guest page table for the first time until a purge of all cached translations when the number of untracked guest page tables exceeds a threshold, and sharing shadow page tables between shadow address spaces and between virtual processors.
摘要:
The present invention provides a virtualized computing systems and methods for transitioning in real time between LONG SUPER-MODE and LEGACY SUPER-MODE in the x86-64 architecture. In doing so, a virtual machine, which relies on the traditional 32-bit modes, i.e., REAL MODE and PROTECTED MODE (V86 SUB-MODE, RING-0 SUB-MODE, and RING-3 SUB-MODE), is able to run alongside other applications on x86-64 computer hardware (i.e., 64-bit). The method of performing a temporary processor mode context switch includes the steps of the virtual machine monitor's setting up a “virtual=real” page, placing the transition code for performing the processor mode context switch on this page, jumping to this page, disabling the memory management unit (MMU) of the x86-64 computer hardware, modifying the mode control register to set either the LONG SUPER-MODE bit or LEGACY SUPER-MODE bit, loading a new page table, and reactivating the MMU of the x86-64 computer hardware.