Select Page

Deep Dive in Virtualization

One idea for the virtualization framework is what is called Full Virtualization. In full virtualization the idea is to leave the operating system pretty much untouched so you can run the unchanged binary of the operating system on top of the hypervisor. This is called full virtualization because the operating system is completely untouched. Nothing has been changed. Not even a single line of code is modified in these operating systems in order to run on the hypervisor simultaneously.

The Trap and Emulate Strategy

We have to be a little bit clever to get this to work, however. Operating systems running on top of the hypervisor are run as user-level processes. They are not running at the same level of privilege as a Linux operating system that is running on bare metal. But if the operating system code is unchanged, it doesn’t know that it does not have the privilege for doing certain things that it would do normally on bare metal hardware. In other words, when the operating system executes some privileged instructions, meaning they have to be in a privileged mode or kernel mode to run on bare metal in order to execute those instructions, those instructions will create a trap that goes into the hypervisor and the hypervisor will then emulate the intended functionality of the operating system. This is what is called the trap and emulate strategy.

Deep Dive in Virtualization

Essentially, each operating system thinks it is running on bare metal, and therefore it does exactly what it would have done on a bare-metal processor. This means that it will try to execute certain privileged instructions thinking it has the right privilege. But it does not have the right privilege, because it is run as a user-level process on top of the hypervisor. Therefore, when they try to do something that requires a high level of privilege than the user level, it will result in a trap into the hypervisor, and the hypervisor will then emulate the intended functionality of the particular operating system.

Issues with the Trap and Emulate Strategy

There are some thorny issues with this trap and emulate strategy of full virtualization. That is in some architectures, some privilege instructions may fail silently. What that means is, you would think that the instruction actually succeeded, but it did not, and you may never know about it.

How to Get Around This Problem

In fully virtualized systems, the hypervisor will resort to a binary translation strategy. It knows what are the things that might fail silently in the architecture. It looks for those gotchas in each of these individual binaries of the unmodified guest operating systems and through binary editing strategy they will ensure that those instructions are dealt with carefully. So that if those instructions fail silently, the hypervisor can catch it and take the appropriate action.

This was a problem in early instances of Intel architecture. Both Intel and AMD have since started adding virtualization support to the hardware so that such problems don’t exist anymore. But in the early going, when virtualization technology was first experimented with, in the late 90’s and the early 2000s, this was a problem that virtualization technology had to overcome in order to make sure that you can run operating systems as unchanged binaries on a fully virtualized hypervisor. Full virtualization is the technology that is employed in the VMware system.

Recent Posts

DDoS Attacks Decoded: Defending Against Modern Cyber Onslaughts

DDoS Attacks Decoded: Defending Against Modern Cyber Onslaughts

In the vast realm of cybersecurity, few threats are as pervasive and disruptive as Distributed Denial of Service (DDoS) attacks. These orchestrated assaults on digital infrastructure can bring organizations to their knees, disrupting services, tarnishing reputations,...

Veeam-Ready Appliance with Immutable / WORM Storage

Veeam-Ready Appliance with Immutable / WORM Storage

For queries, quotes, & demos fill out this formWrite Once Read Many (WORM) storage repositories ensure security, simplify compliance and protect mission-critical backup data from threats such as ransomware,...

Botnets Unveiled: Navigating the Underworld of Cyber Threats

Botnets Unveiled: Navigating the Underworld of Cyber Threats

In today's interconnected digital landscape, where data is the lifeblood of businesses and individuals alike, cybersecurity has never been more critical. It's a world where cyber threats loom large, and among them, botnets stand out as a particularly menacing...

Remote Access Trojans (RATs): The Silent Invaders of Cybersecurity

Remote Access Trojans (RATs): The Silent Invaders of Cybersecurity

In the dynamic landscape of cybersecurity, one malicious entity has been silently making its presence felt - Remote Access Trojans, or RATs. These stealthy and malicious software pieces operate in the shadows, infiltrating systems, and granting unauthorized access to...

You May Also Like

Subscribe To Our Newsletter

Join our mailing list to receive the latest news, updates, and promotions from StoneFly.

Please Confirm your subscription from the email