Virtual Square (V²) in Computer Science Education ∗

Renzo Davoli, University of Bologna, [email protected]
Michael Goldweber, Xavier University, [email protected]

∗ This work was partially supported by the WebMinds FIRB project of the Italian Ministry of University, Research and Education.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. ITiCSE'05, June 27–29, 2005, Monte de Caparica, Portugal. Copyright 2005 ACM 1-59593-024-8/05/0006 ...$5.00.

ABSTRACT

It is common to name as virtual the imaginary space that can be created by software using computers and networks. This space is not only a set of processing and communications means and methods but it is also a space where humans can “meet,” exchange ideas, leave messages etc. Students in computer science must learn how to design, implement, manage and debug the systems and networks that create this virtual space. Furthermore, CS students need an experimental environment –a playground– where they can develop their skills at creating and supporting these virtual environments.

For this “playground” we propose a virtual world made up of emulated computer systems and emulated networks. This emulated world will be the students’ testing environment, where they can run their own services, administer their own machines and set up security attacks without any danger to real networks and systems. It is a virtual space based on virtual machines and virtual networks but it is also a meeting place for computer science students, where they can test the effectiveness of their ideas.

This “space” therefore is a twice virtual space, which we call virtual to the second power or virtual squared (V²). It is also a virtual location (i.e. a town square) where different real computers, virtual systems and people can meet and communicate.

Categories and Subject Descriptors

K.3.2 [Computers and Education]: Computer and Information Science Education - Computer science education; C.2.5 [Computer Systems Organization]: Local and Wide-Area Networks - Ethernet, Internet; D.4.6 [Operating Systems]: Security and Protection - Access controls; D.4.4 [Operating Systems]: Communications Management - Network communication

General Terms

Experimentation, Security, Performance

Keywords

Teaching, Operating Systems, Networking, Administration, Virtual Machine, Security, Laboratory

1. DEFINITION OF A VIRTUAL SQUARE (V²) SYSTEM

A Virtual Square (V²) system [3] consists of virtual or emulated machines connected together by virtual or emulated networks.

The basic characteristics of a V² system are the following:

• Consistency of the emulation. The overall system should behave as a real system of computers and networks. The extra layer of virtuality introduced by V² can reduce the performance of the system. All the virtual computers and networks behave as real computers and networks, albeit as slower devices. Naturally, V² networks are effective if the speed of the emulation and the processing and communication power of the underlying real distributed system are sufficient to preserve usability, in terms of responsiveness for the users.

• Possibility to integrate V² systems and real systems; or to keep V² systems completely disjoint if needed. The consistency of the emulation must therefore be at the internal processing level. If so, it is then possible to interoperate between real systems and virtual systems and to forward, switch or route packets between virtual networks and real networks. On the other hand, there can be cases in which it is desirable to have disjoint, non-intercommunicating V² systems, unable to exchange any data with real systems and networks.

• Safety. V² virtual machines and networks must run as standard user programs, with no need for dangerous kernel modules or specific root-required configurations in the underlying host systems and networks. Clearly, when V² networks are interfaced with real infrastructures, the real systems on the boundary may need some root-required configuration.

There are two components to a V² system: emulated hosts and emulated networks. There are several currently available free or open source technologies that can be used as V² emulated hosts. The only V² emulated/virtual networking environment (VDE) was developed as part of the V² initiative.

V² systems have several applications. For example they have been used in research areas as diverse as security, privacy, mobility, and software development. This paper focuses on V² system applications in computer science education. Interested readers are referred to the Virtual Square Project Home Page [3] for information about these other uses for V² systems.

2. V² EMULATED HOSTS

Currently several different virtual machines can be used as the nodes in a V² system.

User-Mode Linux (U-ML) [13]. This is a project that realizes a complete system virtualization through system trapping. It is a set of patches for the Linux kernel which defines a new virtual “um” hardware architecture. A kernel for the “um” architecture is just an executable for the host computer which includes the I/O virtualization routines as well as the kernel itself. Since it runs at user level it does not require any specific kernel support from the host machine. Special attention is given to both security concerns and performance; e.g. the number of threads is purposely kept low and the address space of the emulated kernel is inaccessible by the emulated tasks.

Qemu [11]. Quoting its author’s web site: “Qemu is a FAST! processor emulation using dynamic translation to achieve good emulation speed.” Qemu is able to run just as a processor or as a complete system virtualizer. Running different executables it is possible to run single executables compiled for different processor architectures in a Linux environment. Furthermore, it is possible to start a virtual machine and boot an entire operating system. Qemu runs on a number of different hardware architectures allowing for the running of i386, ppc, arm and sparc executables. Qemu also provides a virtual machine emulating i386 and ppc based architectures. This project is very active with new ports and features announced on a daily basis. Finally, Qemu runs at user-level and completely virtualizes the processor architecture.

Bochs [9]. Bochs is a historically important virtual machine project. Bochs runs on several host architectures (Linux, MacOS 9/X, and Windows) where it is able to create a complete system virtualization of an i386 architecture. Bochs relies on standard emulation techniques thus it is quite slow when compared to modern virtual machines. Bochs runs at user-level and completely virtualizes the processor architecture.

PearPC [7]. This project is conceptually similar to Bochs but implements a PPC architecture instead of an i386 PC.

MPS/µMPS [10, 8]. MPS and µMPS were designed for educational purposes. Like Qemu, Bochs and PearPC, MPS/µMPS are complete virtual systems. MPS emulates a MIPS based computer (user-level, complete processor virtualization). It is a workbench for computer science students to run their experimental operating systems in a real-world consistent virtual computer while stripping off unnecessary complexities. µMPS is an MMU-simplified version of MPS designed to be more accessible for undergraduate operating system experimentation. Both projects provide network interface support.

Ale4NET [2]. Application Level Environment for Networking (Ale4NET) has just been released in alpha version. It is an I/O Virtualization only system: with Ale4NET Unix processes (or groups of processes) can join a virtual network. Ale4NET provides neither processor nor system emulation. Instead network calls are diverted to an Ale4NET daemon that gives a completely different perspective of the connectivity. Ale4NET can be used as a bridge to enter a V² system from a host machine at the user-level. In fact, unlike a tuntap based solution, Ale4NET virtualizes the network instead of creating an OS accessible interface. Therefore, there is no need for root access to set up network connectivity. Ale4NET traps system calls via the dynamic library preloading technique. The libc interface routines to access system calls are overridden by Ale4NET functions that trap network accesses. Ale4NET is IPv4 and IPv6 compatible, including a single hybrid stack able to run both families of protocols.

3. V² VIRTUAL NETWORKS

V² is able to use several networking tools.

1. VDE: Virtual Distributed Ethernet [5]. This is the primary glue for a Virtual Square solution/environment. Based on the idea of virtual switches and virtual crossed cables, VDE is able to create virtual Ethernet compliant distributed networks. VDE supports several kinds of V² machines (User-Mode Linux, Qemu, Bochs, MPS/µMPS, Ale4NET) and can be interfaced to the single virtual world through a tuntap interface or via slirp support. VDE runs at user level (it needs root access only when a tuntap interface is required). VDE can be used as a general tunnel, a VPN, a tool for mobility, or as a way to create a closed encrypted distributed network. Furthermore, it is network protocol transparent: any protocol able to run on an Ethernet can be supported by VDE.

2. Tuntap kernel support. Tuntap is a general virtual interface for the Linux kernel. Quoting the Linux kernel documentation file: “tuntap provides packet reception and transmission for user space programs.” It can be
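
The Ale4NET entry in Section 2 says the libc routines for network system calls are overridden through library preloading. The following C sketch is an added example, not Ale4NET code and not from the paper: it overrides `connect()` the same way and also shows which calls such a shim never sees. The lab prefix 192.0.2.0/24, the deny policy and all `v2_*` names are assumptions, and it targets Linux on x86-64 or arm64, where `SYS_connect` exists.

```c
/* v2shim.c: libc-level interposition on connect(). Added illustration only.
 * As a preload library:  cc -shared -fPIC -o v2shim.so v2shim.c
 *                        LD_PRELOAD=./v2shim.so ./client
 * Compiled as a program, this definition of connect() takes precedence over libc's. */
#undef _GNU_SOURCE /* glibc then declares connect() with a plain const struct sockaddr * */
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Constructed lab policy (assumption): the virtual network is 192.0.2.0/24. */
#define V2_NET  0xC0000200u /* 192.0.2.0 */
#define V2_MASK 0xFFFFFF00u /* /24 */

enum v2_verdict { V2_PASS, V2_VIRTUAL, V2_DENY };

static unsigned v2_forwarded, v2_denied; /* demo counters, not thread-safe */
unsigned v2_forwarded_count(void) { return v2_forwarded; }
unsigned v2_denied_count(void) { return v2_denied; }

/* Decide what to do with a destination address.
 * IPv4 inside the lab prefix is virtual; other IPv4 and all IPv6 is refused;
 * local families such as AF_UNIX, and malformed input, go to the kernel untouched. */
enum v2_verdict v2_classify(const struct sockaddr *sa, socklen_t len)
{
    if (sa == NULL || len < (socklen_t)sizeof(sa->sa_family))
        return V2_PASS;
    if (sa->sa_family == AF_INET6)
        return V2_DENY;
    if (sa->sa_family != AF_INET || len < (socklen_t)sizeof(struct sockaddr_in))
        return V2_PASS;
    const struct sockaddr_in *in = (const struct sockaddr_in *)sa;
    return (ntohl(in->sin_addr.s_addr) & V2_MASK) == V2_NET ? V2_VIRTUAL : V2_DENY;
}

/* The override: every caller that reaches connect() through libc lands here. */
int connect(int fd, const struct sockaddr *sa, socklen_t len)
{
    enum v2_verdict v = v2_classify(sa, len);
    if (v == V2_DENY) {
        v2_denied++;
        errno = ENETUNREACH; /* answered by the shim, the kernel is never asked */
        return -1;
    }
    if (v == V2_VIRTUAL)
        v2_forwarded++;
    /* A network virtualizer would hand the request to its daemon at this point;
     * this sketch passes it to the kernel so that it stays self-contained. */
    return (int)syscall(SYS_connect, fd, sa, len);
}

/* Helper for the demo: IPv4 sockaddr from dotted text. */
static struct sockaddr_in v2_addr(const char *ip, uint16_t port)
{
    struct sockaddr_in a;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_port = htons(port);
    inet_pton(AF_INET, ip, &a.sin_addr);
    return a;
}

/* Request through the libc name. fd -1 keeps the demo off the network:
 * ENETUNREACH means the shim answered, EBADF means the kernel answered. */
int v2_try_libc(const char *ip)
{
    struct sockaddr_in a = v2_addr(ip, 80);
    errno = 0;
    connect(-1, (const struct sockaddr *)&a, sizeof a);
    return errno;
}

/* Same request issued as a raw system call: the shim is not consulted. */
int v2_try_raw(const char *ip)
{
    struct sockaddr_in a = v2_addr(ip, 80);
    errno = 0;
    syscall(SYS_connect, -1, &a, sizeof a);
    return errno;
}

int main(void)
{
    printf("libc -> 198.51.100.7: %s\n", strerror(v2_try_libc("198.51.100.7")));
    printf("libc -> 192.0.2.10:   %s\n", strerror(v2_try_libc("192.0.2.10")));
    printf("raw  -> 198.51.100.7: %s\n", strerror(v2_try_raw("198.51.100.7")));
    printf("shim saw: %u forwarded, %u denied\n",
           v2_forwarded_count(), v2_denied_count());
    return 0;
}
```

Preloading is honoured only by dynamically linked programs that go through the libc wrappers, and the dynamic loader ignores `LD_PRELOAD` for set-user-ID binaries, so a lab that must stay disjoint from real networks needs its isolation enforced outside the process as well.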