Select Page

Deep Dive in Virtualization

One idea for the virtualization framework is what is called Full Virtualization. In full virtualization the idea is to leave the operating system pretty much untouched so you can run the unchanged binary of the operating system on top of the hypervisor. This is called full virtualization because the operating system is completely untouched. Nothing has been changed. Not even a single line of code is modified in these operating systems in order to run on the hypervisor simultaneously.

The Trap and Emulate Strategy

We have to be a little bit clever to get this to work, however. Operating systems running on top of the hypervisor are run as user-level processes. They are not running at the same level of privilege as a Linux operating system that is running on bare metal. But if the operating system code is unchanged, it doesn’t know that it does not have the privilege for doing certain things that it would do normally on bare metal hardware. In other words, when the operating system executes some privileged instructions, meaning they have to be in a privileged mode or kernel mode to run on bare metal in order to execute those instructions, those instructions will create a trap that goes into the hypervisor and the hypervisor will then emulate the intended functionality of the operating system. This is what is called the trap and emulate strategy.

Deep Dive in Virtualization

Essentially, each operating system thinks it is running on bare metal, and therefore it does exactly what it would have done on a bare-metal processor. This means that it will try to execute certain privileged instructions thinking it has the right privilege. But it does not have the right privilege, because it is run as a user-level process on top of the hypervisor. Therefore, when they try to do something that requires a high level of privilege than the user level, it will result in a trap into the hypervisor, and the hypervisor will then emulate the intended functionality of the particular operating system.

Issues with the Trap and Emulate Strategy

There are some thorny issues with this trap and emulate strategy of full virtualization. That is in some architectures, some privilege instructions may fail silently. What that means is, you would think that the instruction actually succeeded, but it did not, and you may never know about it.

How to Get Around This Problem

In fully virtualized systems, the hypervisor will resort to a binary translation strategy. It knows what are the things that might fail silently in the architecture. It looks for those gotchas in each of these individual binaries of the unmodified guest operating systems and through binary editing strategy they will ensure that those instructions are dealt with carefully. So that if those instructions fail silently, the hypervisor can catch it and take the appropriate action.

This was a problem in early instances of Intel architecture. Both Intel and AMD have since started adding virtualization support to the hardware so that such problems don’t exist anymore. But in the early going, when virtualization technology was first experimented with, in the late 90’s and the early 2000s, this was a problem that virtualization technology had to overcome in order to make sure that you can run operating systems as unchanged binaries on a fully virtualized hypervisor. Full virtualization is the technology that is employed in the VMware system.

Malvertising: The Dark Side of Online Advertising

Malvertising: The Dark Side of Online Advertising

Malvertising—once a shadowy threat lurking on the fringes of cybersecurity discourse—has emerged as a formidable adversary, directly targeting enterprises in the digital arena. As businesses increasingly rely on online advertising to connect with their audience,...

Conti Ransomware: In-Depth Technical Breakdown

Conti Ransomware: In-Depth Technical Breakdown

Conti ransomware has earned notoriety, notably for its involvement in the Costa Rican government hack. Operating as a ransomware-as-a-service (RaaS) group, Conti specializes in infiltrating networks, encrypting crucial data, and extorting exorbitant sums of money. In...

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

Supply Chain Attack: The Achilles’ Heel of Enterprise Security

Supply chain attacks have emerged as a formidable threat vector in the landscape of cybercrime, posing significant risks to enterprises of all sizes and industries. Among the various tactics employed by threat actors, ransomware attacks leveraging supply chain...

How to Set Up S3 Object Storage for Veeam Data Platform

How to Set Up S3 Object Storage for Veeam Data Platform

Veeam v12 introduced Direct-to-Object storage, enabling S3 object storage as the primary backup repository. Prior to this, S3 object storage integration relied on Veeam's Scale-Out Backup Repository (SOBR), using a performance tier and a capacity tier, which extended...

Watering Hole Attacks Unveiled: A Comprehensive Cyberthreat Overview

Watering Hole Attacks Unveiled: A Comprehensive Cyberthreat Overview

Watering hole attacks, akin to their namesake in the natural world where predators strategically position themselves near watering holes to intercept prey, have become a significant peril in the digital realm. In the vast landscape of cybersecurity, understanding the...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email