Virtualization is rocket science. In cooperation with the host operating system, VMware takes over complete control of the machine hundreds of times a second, handles pagetables completely manually, and may chose to wire (make-non-pageable) as much memory as it chooses. This talk explains why it still works. In 1999, VMware was the first virtualization solution for x86. 7 years later, there are only two competitors: Microsoft with VirtualPC (by dynarec genius Eric Traut of Apple DR fame) and that obscure Russian company that seems to offer the same product unter 3 different names (SVISTA, 2ON2, Parallels). The open source plex86 by Bochs creator Kevin Lawton failed. All this suggests that x86 virtualization is rocket science. This talk first summarizes some basic operating system features, like scheduling, managing page tables, and providing a system call interface, in order to have a common basis that can be talked about. The main part is about the tricks a conventional virtualization solution has to apply to run the guest operating system as a user mode process: The virtual machine monitor (VMM) has to set up address spaces for guest code, handle two-level pagetables, switch between the host and the guest(s), trap I/O accesses, and help cooperate in memory management between the host and the guest(s). The third part of the talk explains why the x86 architecture is not strictly virtualizable, what tricks VMware, VirtualPC and Parallels use to still make it possible, and what in what way Intel VT (Vanderpool) and AMD SVN (Pacifica) help to make x86 virtualization easier or possibly more efficient.
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.