Hardware Trends1

Leendert van Doorn IBM Research leendert@watson..com

Abstract As is rolling out its Vanderpool processor virtualization technology and AMD its Secure technology, we are only seeing the first wave of processor virtualization assists. Over the next few years the x86 space will change dramatically. We will see the introduction of massive multi-core, 64-bit, 2nd generation processor virtualization capabilities, I/O isolation capabilities, and hardware security assists. Both Intel and AMD are differentiating their processors by providing enhancements that enable you to run multiple virtual machines in such a way that the guest is unaware that it is being virtualized. Ironically, largely because these technologies have been unavailable for so long, Linux and Windows are going into a different direction: . With paravirtualization the guest collaborates closely with the virtual machine monitor through a set of well defined software interfaces. This approach does not require any new hardware features at all and has the potential of performing much better. So, this raises an interesting dilemma: Some of the new virtualization capabilities may already be obsolete before they are brought to market. In this talk I will discuss the new virtualization technologies that will be introduced over the next few years, how they help virtualization, what challenges they pose and how these virtualization technologies will likely consolidate.

Bio Leendert van Doorn is a senior manager at IBM's T.J. Watson Research Center where he manages the secure systems and security analysis departments. He received his Ph.D. from the Vrije Universiteit in Amsterdam where he worked on the design and implementation of microkernels. Nowadays his research interests include FIPS 140-2 level 4 physically secure coprocessors, trusted systems, and virtualization. Leendert is actively involved in IBM's virtualization strategy, he is one of the IBM open virtualization architects, leading IBM's secure and trusted virtual initiatives, and he is on the board of directors for the Trusted Computing Group. Despite all these distractions, he still contributes code to the open source hypervisor such as the recent integrated support code for AMD Pacific and Intel VT-x. When conference calls and meetings are getting too much for him, he is known to find refuge at CMU where he collaborates with his students.

1 This talk is based on publicly available information, either from published processor manuals, white papers, presentations and source code from open source projects such as Xen.

Copyright is held by the author/owner(s). VEE’06 June 14–16, 2006, Ottawa, Ontario, Canada. ACM 1-59593-332-6/06/0006.

45