zoukankan      html  css  js  c++  java
  • Xen Memory Management

    • All low-level memory operations go through Xen.
    • Guest OSes are responsible for allocating and initializing PTs for processes (restricted to read only access)
      • allocates and initialize a page and register it with Xen to serve as the new PT
    • Direct page writes are intercepted, validated and applied by the Xen VMM
      • update can be batched into a single hypercall (reduce cost of entering/exiting Xen)
    • page_info struct associated with each machine page frame
      • page type (none, l1, l2, l3, l4, LDT, GDT, RW)
      • reference count – number of references to the page
      • page frame can be reused only when unpinned and its reference count is zero
    • Each domain has a maximum and current memory allocation
      • max allocation is set at domain creation time and cannot be modified
    • PT updates
      • hypercall –> mmu_update()
      • writable page tables –> vm_assist()
    • Xen exists in the top 64MB (0xFC000000 – 0xFFFFFFFF) section of every guest virtual address space (TLB flush avoided when entering/leaving the hypervisor)
      • not accessible or remappable by guest OSes.
    • “fast handler” for system calls - direct access from app into guest OS, without going through Xen
      • muse execute outside Ring 0
    • Each guest supports a “ballon” memory management driver - that is used by the VMM to dynamically adjust the guest’s memory usage
    • Page fault handling
      • faulting address is written into an extended stack frame on the guest OS stack (normally the faulting address is read from a privileged processor register (CR2))
    • In terms of page protection, Ring1/2 are considered to be part of ‘supervisor mode’. The WP bit in CR0 controls whether read-only restrictions are respected in supervisor mode – if the bit is clear then any mapped page is writable. Xen gets around this by always setting the WP bit and disallowing updates to it. xen/arch/x86/boot/x86_32.S#153
    • Xen provides a domain with a list of machine frames during bootstrapping, and it is the domain’s responsibility to create the pseudo-physical address space from this

    No guarantee that a domain will receive a contiguous stretch of physical memory. Most OSes do not have good support for operating in a fragmented physical address space.

    • Machine memory
      • entire amount of memory installed in the machine (physical memory)
      • 4kB machine page frames numbered consecutively starting from 0.
    • Pseudo-physical memory
      • per-domain abstraction.
      • allows a guest OS to consider its memory allocation to consist of a contiguous range of physical page frames starting at physical frame 0.
    • machine-to-physical table
      • globally readable table maintained by Xen
      • records the mapping from machine addresses to pseudo-physical addresses
      • table size is proportional to the amount of RAM installed in the machine
    • physical-to-machine table
      • per-domain table which performs the inverse (physical-to-machine) mapping.
      • table size is proportional to the memory allocation of the given domain.

    (XEN) VIRTUAL MEMORY ARRANGEMENT (for DOM0)
    (XEN) Loaded kernel: c0100000→c042e254
    (XEN) Init. ramdisk: c042f000→c07fca00
    (XEN) Phys-Mach map: c07fd000→c086e894 == 454 MB (as can be verified by: xm list)
    (XEN) Start info: c086f000→c0870000
    (XEN) Page tables: c0870000→c0874000 == 16 MB
    (XEN) Boot stack: c0874000→c0875000
    (XEN) TOTAL: c0000000→c0c00000 
    (XEN) ENTRY ADDRESS: c0100000


    x86-32 Xen supports only guests with 2-level page tables. PGD = l2, PTE =l1


    How to intercept interrupts from guest domains
    http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00597.html
    http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00604.html

    Page fault handling for Xen guests
    http://lists.xensource.com/archives/html/xen-devel/2006-02/msg00263.html

    show pagetable walk if guest cannot handle page
    http://lists.xensource.com/archives/html/xen-devel/2006-09/msg00612.html

    Memory management, mapping, paging questions...
    http://lists.xensource.com/archives/html/xen-devel/2006-10/msg01151.html

    Information related to shadowing
    http://lists.xensource.com/archives/html/xen-devel/2006-11/msg00319.html
    http://lists.xensource.com/archives/html/xen-devel/2006-11/msg00793.html
    http://lists.xensource.com/archives/html/xen-devel/2006-11/msg00802.html

    How to intercept memory operation in Xen
    http://lists.xensource.com/archives/html/xen-devel/2006-11/msg00659.html
    http://lists.xensource.com/archives/html/xen-devel/2006-11/msg00664.html
    http://lists.xensource.com/archives/html/xen-devel/2006-11/msg00717.html

    alert message from dom0 to domU
    http://lists.xensource.com/archives/html/xen-devel/2006-12/msg00967.html

    Share Memory Between DomainU and Domain0
    http://lists.xensource.com/archives/html/xen-devel/2006-12/msg01008.html

    Call hypercall straightly from user space
    http://lists.xensource.com/archives/html/xen-devel/2006-12/msg01061.html


    xen/arch/x86/traps.c#do_page_fault –> fixup_page_fault –> mm.c#ptwr_do_page_fault


    xen-3.0.2-2/xen/arch/x86/setup.c#__start_xen()
                    |                                 \
                    v                                  \
    xen-3.0.2-2/xen/common/domain.c#domain_create()     \
                    |                                    \
                    v                                     \
    xen-3.0.2-2/xen/arch/x86/domain.c#arch_domain_create() \
                                                            \
                                                             v
                    xen-3.0.2-2/xen/arch/x86/domain_build.c#construct_dom0()
    
    Xen-ELF image vmlinux-syms-2.6.16-xen has a special'__xen_guest' section
    
    
    Xen hypercall table:
    /xen-3.0.2-2/xen/arch/x86/x86_32/entry.S
    
    
    #I think this is called when DOM0 attempts to create a DOMU
    xen-3.0.2-2/xen/common/dom0_ops.c#do_dom0_op()
    
    
    
    
    trousers-0.2.7/src/tspi/spi_tpm.c#Tspi_TPM_Quote()
                    |
                    v
    trousers-0.2.7/src/tcsd_api/calltcsapi.c#TCSP_Quote()
                    |
                    v
    trousers-0.2.7/src/tcsd_api/tcstp.c#TCSP_Quote_TP()
                    |
                    v
    trousers-0.2.7/src/tcsd_api/tcstp.c#sendTCSDPacket()

    原文:https://wiki.cs.dartmouth.edu/nihal/doku.php/xen:memory

    一.x86_64是怎么嵌入到Dom0的线性空间的
    IA32是通过段保护机制做到的:高64M为Ring-0的Xen空间;
    1G-64M为Kernel的Ring-1空间;
    其他的3G给Application

    x86_64没有段保护机制,必须用页保护机制:2^64-2^47 --> 2^64 == 内核空间
    0 --> 2^47 == 用户空间
    中间空的部分可以作为他用 == 被Xen用了

    二.Xen采用直接模式 == Guest OS使用自己的页表直接访问HPA
    方法: 页表里的内容为HPA;页表项Guest OS只可读;普通的页Guest OS可直接读写。
    一旦更新引起Page异常。如果想要更新/操作页表,可以调用相应的Hypercall。
    VMM也能保证Guest OS只能访问自己的内存。

    Guest OS操作内存的流程:
    1.Guest OS访问一个新内存地址(GVA),PageFault ==> 更新Guest OS的页表
    2.Guest OS先找到页表的GPA,VMM根据GPA找到该GPA对应的HPA(通过P2M)
    ==> 相当于页表更新,调用页表更新的Hypercall(GPA,HPA)
    3.如果子页表不存在,需要挂接该子页
    ==> 相当于页表挂接操作,调用页表操作的Hypercall(线性地址,HPA)
    4.访问该PT表,重复以上2-3步,最终得到一个GVA==>HPA的地址

    三.可写页表
    由于对页表的操作开销比较大(每次都要进行Hypercall调用),在某些情况下可以改进它()。
    方法是:先把页表(实际上只要把总表PD表)拿下来,不让别人访问,把它作为Guest OS的普通的可读写页
    Guest OS随便更改,很多次更改完成后,最后提交给Hypercall,让VMM一次完全的完成更新操作。
    前提:PAE模式。因为PDE只有一个PD页。

    四.Balloon驱动(存在的Dom0和DomU中)
    为Dom0和DomU申请/释放内存
    可以查看自己和全Machine的内存状况
    Balloon驱动根据设置在XenStore的中的目标值来自动调整它的内存的大小。

    五.共享页是怎么实现的
    Start Info Page(包括里面的内容)是VMM在Domain初始化时拼成的,它的内容包括了Shared Info Page和XenStore的连接,进入Domain的前几件事就是把本Doamin的Shared Info Page利用页表更新上真正VMM已经分配了的存在Start Info Page。
    HVM的PV驱动(主要是)当然也要用Shared Info Page,它的Shared Info Page是自己拼成的。

    4.就算是Dom0利用VT-x不也很好吗,用了吗?
    没有用,半虚拟化不需要用VT-x技术,目的是为了提高系统的性能
    5.PAE模式是什么,有什么影响
    物理地址扩展 (PAE) 允许将最多64GB 的物理内存用作常规的4KB 页面,并扩展内核能使用的位数以将物理内存地址从32扩展到36。

    Dom0只有在迁移的时候才用到影子页表,其他时候都用直接访问物理内存。

    注释:
    gpfn/gfn: guset page frame number 客户物理页面号(客户操作系统使用gpfn/gfn对客户物理地址空间寻址)
    mfn: machine page frame number 机器页面号
    smfn: machine page frame number for shadow pages shadow页面所在的机器页面号
    l1e: level 1 page table entry 
    gl1e: level 1 guest page table entry
    sl1e: level 1 shadow page table entry 一级shadow页表项
    PV: para-virtualization
    HVM: Hardware assistant Virtual Machine

     
  • 相关阅读:
    P3970 [TJOI2014]上升子序列
    受欢迎的牛(Tarjan缩点模板)
    Y15BeTa的乱搞方法(占坑待填)
    Luogu P4145 上帝造题的七分钟2 / 花神游历各国
    Luogu P1525 【关押罪犯】
    Luogu P1077 摆花 NOIP2012pjT3
    Nowcoder deco的abs
    CSP-S前的芝士清单
    普天同庆
    线段树区改区查标记永久化板子
  • 原文地址:https://www.cnblogs.com/feisky/p/2439067.html
Copyright © 2011-2022 走看看