CS3451 Introduction to Operating Systems 2023

UNIT 5
VIRTUAL MACHINES AND MOBILE OS
Virtual Machines – History, Benefits and Features, Building Blocks, Types of Virtual
Machines and their Implementations, Virtualization and Operating-System Components;
Mobile OS - iOS and Android.

5.1 VIRTUAL MACHINES – HISTORY, BENEFITS AND FEATURES

5.1.1 What is Virtual Machine

 A virtual machine (VM) is a virtual environment which functions as a virtual computer

system with its own CPU, memory, network interface, and storage, created on a physical
hardware system.
 A piece of software called a hypervisor, or virtual machine manager, lets you run different
operating systems on different virtual machines at the same time.
 Virtual machine implementations involve several components. At the base is the host, the
underlying hardware system that runs the virtual machines.
 The virtual machine manager (VMM) (also known as a hypervisor) creates and runs
virtual machines by providing an interface that is identical to the host
 Each guest process is provided with a virtual copy of the host (Figure 5.1).

Fig 5.1: System Models (a) Nonvirtual Machine (b) Virtual Machine

 Usually, the guest process is in fact an operating system.

 A single physical machine can thus run multiple operating systems concurrently, each in its
own virtual machine.

Department of CSE Page 5.1

 CS3451 Introduction to Operating Systems 2023

5.1.2 Implementation of VMM

The implementation of VMMs varies greatly. Options include the following:

 Hardware-based solutions that provide support for virtual machine creation and
management via firmware.

Type 0 hypervisors

 These VMMs, which are commonly found in mainframe and large to midsized servers,
are generally known as type 0 hypervisors.
 IBM LPARs and Oracle LDOMs are examples

Type 1 hypervisors.

 Operating-system-like software built to provide virtualization, including VMware ESX

(mentioned above), Joyent SmartOS, and Citrix XenServer. These VMMs are known as
type 1 hypervisors.
 General-purpose operating systems that provide standard functions as well as VMM
functions, including Microsoft Windows Server with HyperV and Red Hat Linux with
the KVM feature. Because such systems have a feature set similar to type 1 hypervisors,
they are also known as type 1. •

Type 2 hypervisors

 Applications that run on standard operating systems but provide VMM features to guest
operating systems.
 These applications, which include VMware Workstation and Fusion, Parallels Desktop,
and Oracle VirtualBox, are type 2 hypervisors.

Paravirtualization

 Paravirtualization, a technique in which the guest operating system is modified to work in

cooperation with the VMM to optimize performance.

Programming-environment virtualization

 Programming-environment virtualization, in which VMMs do not virtualize real hardware

but instead create an optimized virtual system.
 This technique is used by Oracle Java and Microsoft.Net.

Emulators

 Emulators that allow applications written for one hardware environment to run on a very
different hardware environment, such as a different type of CPU.

Department of CSE Page 5.2

 CS3451 Introduction to Operating Systems 2023

Application Containment

 Application containment, which is not virtualization at all but rather provides

virtualization-like features by segregating applications from the operating system.
 Oracle Solaris Zones, BSD Jails, and IBM AIX WPARs “contain” applications, making
them more secure and manageable.

5.1.2 HISTORY

 Virtual machines first appeared commercially on IBM mainframes in 1972. Virtualization

was provided by the IBM VM operating system. This system has evolved and is still
available.
 IBM VM/370 divided a mainframe into multiple virtual machines, each running its own
operating system.
 A major difficulty with the VM approach involved disk systems.

❖ Suppose that the physical machine had three disk drives but wanted to support seven
virtual machines. Clearly, it could not allocate a disk drive to each virtual machine.

 The solution was to provide virtual disks—termed minidisks in IBM’s VM operating

system.
 The minidisks were identical to the system’s hard disks in all respects except size. The
system implemented each minidisk by allocating as many tracks on the physical disks as
the minidisk needed.
 Once the virtual machines were created, users could run any of the operating systems or
software packages that were available on the underlying machine.

5.1.3 The virtualization requirements

 Fidelity.
AVMM provides an environment for programs that is essentially identical to the
original machine.
 Performance.
Programs running within that environment show only minor performance
decreases.
 Safety.
The VMM is in complete control of system resources.
 By the late 1990s, Intel 80x86 CPUs had become common, fast, and rich in features.
 Both Xen and VMware created technologies, still used today, to allow guest operating
systems to run on the 80x86.
 Virtualization has expanded to include all common CPUs, many commercial and open
source tools, and many operating systems.

Department of CSE Page 5.3

 CS3451 Introduction to Operating Systems 2023

 For example, the open-source VirtualBox project (http://www.virtualbox.org) provides a

program that runs on Intel x86 and AMD 64 CPUs and on Windows, Linux, macOS, and
Solaris host operating systems.
 Possible guest operating systems include many versions of Windows, Linux, Solaris, and
BSD, including even MS-DOS and IBM OS/2.

5.2 BENEFITS AND FEATURES

 One important advantage of virtualization is that the host system is protected from the
virtual machines, just as the virtual machines are protected from each other.
 A virus inside a guest operating system might damage that operating system but is
unlikely to affect the host or the other guests.
 Since each virtual machine is almost completely isolated from all other virtual
machines, there are almost no protection problems.
 A potential disadvantage of isolation is that it can prevent sharing of resources.
 Two approaches to providing sharing have been implemented.

❖ First, it is possible to share a file-system volume and thus to share files.

❖ Second, it is possible to define a network of virtual machines, each of which can

send information over the virtual communications network.

 One feature common to most virtualization implementations is the ability to freeze, or

suspend, a running virtual machine.
 Many operating systems provide that basic feature for processes, but VMMs go one
step further and allow copies and snapshots to be made of the guest. The copy can be
used to create a new VM or to move a VM from one machine to another with its current
state intact.
 The guest can then resume where it was, as if on its original machine, creating a clone.
The snapshot records a point in time, and the guest can be reset to that point if necessary
(for example, if a change was made but is no longer wanted).
 A virtual machine system is a perfect vehicle for operating-system research and
development.
 The operating system runs on and controls the entire machine, so the system must be
stopped and taken out of use while changes are made and tested. This period is
commonly called system-development time.
 A virtual-machine system can eliminate much of this latter problem. System
programmers are given their own virtual machine, and system development is done on
the virtual machine instead of on a physical machine.
 Another advantage of virtual machines for developers is that multiple operating systems
can run concurrently on the developer’s workstation. This virtualized workstation allows
for rapid porting and testing of programs in varying environments.

Department of CSE Page 5.4

 CS3451 Introduction to Operating Systems 2023

 In addition, multiple versions of a program can run, each in its own isolated operating
system, within one system.
 A major advantage of virtual machines in production data-centre use is system
consolidation, which involves taking two or more separate systems and running them in
virtual machines on one system. Such physical-to-virtual conversions result in resource
optimization, since many lightly used systems can be combined to create one more
heavily used system.
 A virtual environment might include 100 physical servers, each running 20 virtual
servers. Without virtualization, 2,000 servers would require several system administrators.
With virtualization and its tools, the same work can be managed by one or two
administrators
.
1. One of the tools that make this possible is templating, in which one
standard virtual machine image, including an installed and configured guest
operating system and applications, is saved and used as a source for multiple
running VMs.
2. Other features include managing the patching of all guests, backing up and
restoring the guests, and monitoring their resource use.

 Virtualization can improve not only resource utilization but also resource management.
 Some VMMs include a live migration feature that moves a running guest from one
physical server to another without interrupting its operation or active network connections.
 Virtualization has laid the foundation for many other advances in computer facility
implementation, management, and monitoring.
 Cloud computing, for example, is made possible by virtualization in which resources
such as CPU, memory, and I/O are provided as services to customers using Internet
technologies.

5.3 BUILDING BLOCKS

 The ability to virtualize depends on the features provided by the CPU. If the features
 are sufficient, then it is possible to write a VMM that provides a guest environment.
Otherwise, virtualization is impossible.
 VMMs use several techniques to implement virtualization, including trap-and-emulate
and binary translation.
 The important concept found in most virtualization options is the implementation of a
virtual CPU (VCPU).
 The VCPU does not execute code. Rather, it represents the state of the CPU as the guest
machine believes it to be. For each guest, the VMM maintains a VCPU representing that
guest’s current CPU state.

Department of CSE Page 5.5

 CS3451 Introduction to Operating Systems 2023

 When the guest is context-switched onto a CPU by the VMM, information from the
VCPU is used to load the right context, much as a general-purpose operating system
would use the PCB.

5.3.1 Trap-and-Emulate

 On a typical dual-mode system, the virtual machine guest can execute only in user mode
(unless extra hardware support is provided). The kernel, of course, runs in kernel mode,
and it is not safe to allow user-level code to run in kernel mode.
 Just as the physical machine has two modes, so must the virtual machine.
Consequently, we must have a virtual user mode and a virtual kernel mode, both of
which run in physical user mode.
 Those actions that cause a transfer from user mode to kernel mode on a real machine
(such as a system call, an interrupt, or an attempt to execute a privileged instruction)
must also cause a transfer from virtual user mode to virtual kernel mode in the virtual
machine.
 When the kernel in the guest attempts to execute a privileged instruction, that is an error
(because the system is in user mode) and causes a trap to the VMM in the real machine.
The VMM gains control and executes (or “emulates”) the action that was attempted by
the guest kernel on the part of the guest. It then returns control to the virtual machine.
This is called the trap-and-emulate

Figure: 5.2 Trap-and-emulate virtualization implementation.

 With privileged instructions, time becomes an issue. All non privileged instructions run
natively on the hardware, providing the same performance for guests as native
applications.
 Privileged instructions create extra overhead, however, causing the guest to run more
slowly than it would natively.

Department of CSE Page 5.6

 CS3451 Introduction to Operating Systems 2023

 In addition, the CPU is being multiprogrammed among many virtual machines, which
can further slowdown the virtual machines in unpredictable ways.
 This problem has been approached in various ways.
❖ IBM VM, for example, allows normal instructions for the virtual machines to execute
directly on the hardware.
❖ Only the privileged instructions (needed mainly for I/O must be emulated and hence
execute more slowly.
 In general, with the evolution of hardware, the performance of trap-and-emulate
functionality has been improved, and cases in which it is needed have been reduced.
❖ For example, many CPUs now have extra modes added to their standard dual-mode
operation.
❖ The VCPU need not keep track of what mode the guest operating system is in, because
the physical CPU performs that function.
❖ In fact, some CPUs provide guest CPU state management in hardware, so the VMM
need not supply that functionality, removing the extra overhead.
5.3.2 Binary Translation

 Binary translation is a software virtualization and includes the use of an interpreter. It

translates binary code to another binary but excluding nontrapping instructions.

Figure: 5.3 Binary translation virtualization implementation.

The basic steps are as follows:

 If the guest VCPU is in user mode, the guest can run its instructions natively on a physical
CPU.
 If the guest VCPU is in kernel mode, then the guest believes that it is running in kernel
mode. The VMM examines every instruction the guest executes in virtual kernel mode by

Department of CSE Page 5.7

 CS3451 Introduction to Operating Systems 2023

reading the next few instructions that the guest is going to execute, based on the guest’s
program counter.
 Instructions other than special instructions are run natively. Special instructions are
translated into a new set of instructions that perform the equivalent task—for example,
changing the flags in the VCPU.
 Binary translation is shown in Figure. It is implemented by translation code within the
VMM. The code reads native binary instructions dynamically from the guest, on demand,
and generates native binary code that executes in place of the original code.

Nested Page Table

 Let’s consider another issue in virtualization: memory management, specifically the page
tables. How can the VMM keep page-table state both for guests that believe they are
managing the page tables and for the VMM itself?

Fig:5.4 Nested Page Tables

Department of CSE Page 5.8

 CS3451 Introduction to Operating Systems 2023

 A common method, used with both trap-and-emulate and binary translation, is to use
nested page tables (NPTs). Each guest operating system maintains one or more page
tables to translate from virtual to physical memory.
 The VMM maintains NPTs to represent the guest’s page-table state, just as it creates a
VCPU to represent the guest’s CPU state. The VMM knows when the guest tries to
change its page table, and it makes the equivalent change in the NPT.
 When the guest is on the CPU, the VMM puts the pointer to the appropriate NPT into the
appropriate CPU register to make that table the active page table.
 If the guest needs to modify the page table (for example, fulfilling a page fault), then that
operation must be intercepted by the VMM and appropriate changes made to the nested
and system page tables
 Unfortunately, the use of NPTs can cause TLB misses to increase, and many other
complexities need to be addressed to achieve reasonable performance.

5.3.3 Hardware Assistance

 Without some level of hardware support, virtualization would be impossible. The more
hardware support available within a system, the more feature-rich and stable the virtual
machines can be and the better they can perform.

 Intel x86 CPU family, Intel added new virtualization support (the VT-x instructions), in
successive generations beginning in 2005. Now, binary translation is no longer needed.

 In fact, all major general-purpose CPUs now provide extended hardware support for
virtualization. For example, AMD virtualization technology (AMDV) has appeared in
several AMD processors starting in 2006.

 It defines two new modes of operation—host and guest—thus moving from a dual-mode
to a multimode processor.

 The VMM can enable host mode, define the characteristics of each guest virtual machine,
and then switch the system to guest mode, passing control of the system to a guest
operating system that is running in the virtual machine.

 In guest mode, the virtualized operating system thinks it is running on native hardware and
sees whatever devices are included in the host’s definition of the guest.
 If the guest tries to access a virtualized resource, then control is passed to the VMM to
manage that interaction.
 The functionality in Intel VT-x is similar, providing root and nonroot modes, equivalent to
host and guest modes. Both provide guest VCPU state data structures to load and save
guest CPU state automatically during guest context switches.

Department of CSE Page 5.9

 CS3451 Introduction to Operating Systems 2023

 In addition, virtual machine control structures (VMCSs) are provided to manage guest
and host state, as well as various guest execution controls, exit controls, and information
about why guests exit back to the host.
 AMD and Intel have also addressed memory management in the virtual environment. With
AMD’s RVI and Intel’s EPT memory-management enhancements, VMMs no longer need
to implement software NPTs.
 In essence, these CPUs implement nested page tables in hardware to allow the VMM to
fully control paging while the CPUs accelerate the translation from virtual to physical
addresses.
 The NPTs add a new layer, one representing the guest’s view of logical-to-physical
address translation.
 The CPU page-table walking function (traversing the data structure to find the desired
data) includes this new layer as necessary, walking through the guest table to the VMM
table to find the physical address desired.
 A TLB miss results in a performance penalty, because more tables (the guest and host
page tables) must be traversed to complete the lookup.
 Figure 5.4 shows the extra translation work performed by the hardware to translate from a
guest virtual address to a final physical address. I/O is another area improved by hardware
assistance.
 Consider that the standard direct-memory-access (DMA) controller accepts a target
memory address and a source I/O device and transfers data between the two without
operating-system action.
 Without hardware assistance, a guest might try to set up a DMA transfer that affects the
memory of the VMM or other guests. In CPUs that provide hardware-assisted DMA (such
as Intel CPUs with VT-d), even DMA has a level of indirection.

 First, the VMM sets up protection domains to tell the CPU which physical
memory belongs to each guest.
 Next, it assigns the I/O devices to the protection domains, allowing them direct
access to those memory regions and only those regions.
 The hardware then transforms the address in a DMA request issued by an I/O
device to the host physical memory address associated with the I/O.

 In this manner, DMA transfers are passed through between a guest and a device without
VMM interference.
 Similarly, interrupts must be delivered to the appropriate guest and must not be visible to
other guests.
 By providing an interrupt remapping feature, CPUs with virtualization hardware
assistance automatically deliver an interrupt destined for a guest to a core that is currently
running a thread of that guest.

Department of CSE Page 5.10

 CS3451 Introduction to Operating Systems 2023

 That way, the guest receives interrupts without any need for the VMM to intercede in
their delivery.
 Without interrupt remapping, malicious guests could generate interrupts that could be
used to gain control of the host system

5.4 TYPES OF VIRTUAL MACHINES AND THEIR IMPLEMENTATIONS

5.4.1 The Virtual Machine Life Cycle

 Whatever the hypervisor type, at the time a virtual machine is created, its creator gives the
VMM certain parameters.
 These parameters usually include:
❖ the number of CPUs,
❖ amount of memory,
❖ networking details,
❖ and storage details the VMM will take into account when creating the guest.
 For example, a user might want to create a new guest with two virtual CPUs, 4 GB of
memory, 10 GB of disk space, one network interface that gets its IP address via DHCP, and
access to the DVD drive.
 The VMM then creates the virtual machine with those parameters.
 In the case of a type 0 hypervisor, the resources are usually dedicated.
 For other hypervisor types, the resources are dedicated or virtualized, depending on the
type.
 Finally, when the virtual machine is no longer needed, it can be deleted. When this
happens, the VMM first frees up any used disk space and then removes the configuration
associated with the virtual machine, essentially forgetting the virtual machine.
 Creating a virtual machine from an existing one can be as easy as clicking the “clone”
button and providing a new name and IP address. This ease of creation can lead to virtual
machine sprawl, which occurs when there are so many virtual machines on a system that
their use, history, and state become confusing and difficult to track.

5.4.2 Type 0 Hypervisor

 Type 0 hypervisors have existed for many years under many names, including
“partitions” and “domains.”
 They are a hardware feature, and that brings its own positives and negatives.
 Operating systems need do nothing special to take advantage of their features.

Department of CSE Page 5.11

 CS3451 Introduction to Operating Systems 2023

Figure:5.5 Type 0 hypervisor

5.4.3 Type 1 Hypervisor

 A type 1 hypervisor acts like a lightweight operating system and runs directly on the
host’s hardware.
 The most commonly deployed type of hypervisor is the type 1 or bare-metal hypervisor,
where virtualization software is installed directly on the hardware where the operating
system is normally installed.
 Because bare-metal hypervisors are isolated from the attack-prone operating system, they
are extremely secure.
 In addition, they generally perform better and more efficiently than hosted hypervisors.
 For these reasons, most enterprise companies choose bare-metal hypervisors for data
centre computing needs.
 By using type 1 hypervisors, data-center managers can control and manage the operating
systems and applications in new and sophisticated ways.
 An important benefit is the ability to consolidate more operating systems and applications
onto fewer systems.

❖ For example, rather than having ten systems running at 10 percent utilization each, a data
center might have one server manage the entire load.

 If utilization increases, guests and their applications can be moved to less-loaded systems
live, without interruption of service.
 Using snapshots and cloning, the system can save the states of guests and duplicate those
states.
 Another type of type 1 hypervisor includes various general-purpose operating systems
with VMM functionality.

❖ Here, an operating system such as Red- Hat Enterprise Linux, Windows, or Oracle Solaris
performs its normal duties as well as providing a VMM allowing other operating systems to run as
guests.

Department of CSE Page 5.12

 CS3451 Introduction to Operating Systems 2023

Fig:5.6 Type 1 Hypervisor

5.4.4 Type 2 Hypervisor

 Type-2 Hypervisor– runs on the operating system of the physical host machine, hence
they are also called hosted hypervisors.
 These hypervisors are hosted on the operating system, and the hypervisor runs on that

layer as another software to enable virtualization.

5.4.4.1 Components available in Type 2 Hypervisor

 A physical server
 OS installed on that server hardware (OS like Windows, Linux, macOS)
 Type-2 hypervisor on that OS
 Virtual machine instances/guest VMs

Fig: 5.7 Type 2 Hypervisor

 These hypervisors are usually used in environments where there are a small number of
servers.

Department of CSE Page 5.13

 CS3451 Introduction to Operating Systems 2023

 They do not need a separate management console to set up and manage the virtual
machines. These operations can typically be done on the server that has the hypervisor
hosted. This hypervisor is basically treated as an application on your host system.

5.4.4.2 Advantages of Type-2 hypervisor

Simple management:

 They essentially act as management consoles. There is no need to install a separate

software package to manage the virtual machines running on type-2 hypervisors.

Useful for testing purposes:

 They are convenient for testing any new software or research projects. You can simply
run multiple instances with different OSes to test how the software works in each
environment.

Examples of Type 2 Hypervisors

 VMware Workstation Pro/VMware Fusion, Oracle VirtualBox, etc…

5.4.6 Paravirtualization:

 Paravirtualization works differently than the other types of virtualization.

 Rather than try to trick a guest operating system into believing it has a system to itself,
paravirtualization presents the guest with a system that is similar but not identical to the
guest’s preferred system.
 The guest must be modified to run on the paravirtualized virtual hardware.
 The gain for this extra work is more efficient use of resources and a smaller virtualization
layer.
 In Paravirtualization the source code of an OS is modified in order to run as a guest OS in
a virtual machine (VM) environment. Calls to the hardware from the guest OS are
replaced with calls to the VM monitor (VMM).
 Para-virtualization needs to modify the guest operating systems.
 A para virtualized VM provides special APIs requiring substantial OS modifications in
user applications.
 Para-virtualization attempts to reduce the virtualization overhead, and thus improve
performance by modifying only the guest OS kernel. The Xen VMM became the leader in
paravirtulization by implementing several techniques to optimize the performance of
guests as well as of the host system.
 For memory management, Xen did not implement nested page tables. Rather, each guest
had its own set of page tables, set to read-only.
 Xen required the guest to use a specific mechanism, a hypercall from the guest to the
hypervisor VMM, when a page-table change was needed.

Department of CSE Page 5.14

 CS3451 Introduction to Operating Systems 2023

 This meant that the guest operating system’s kernel code must have been changed from
the default code to these Xen-specific methods.

Fig 5.8 Xen I/O via shared circular buffer

 To optimize performance, Xen allowed the guest to queue up multiple page-table changes
asynchronously via hypercalls and then checked to ensure that the changes were complete
before continuing operation.
 Xen allowed virtualization of x86 CPUs without the use of binary translation, instead
requiring modifications in the guest operating systems like the one described above.
 Over time, Xen has taken advantage of hardware features supporting virtualization. As a
result, it no longer requires modified guests and essentially does not need the
paravirtualization method.
 Paravirtualization is still used in other solutions, however, such as type 0 hypervisors

. 5.4.7 Programming-Environment Virtualization

 Here, a programming language is designed to run within a custom-built virtualized

environment.

❖ For example, Oracle’s Java has many features that depend on its running in the
Java virtual machine (JVM), including specific methods for security and memory
management.

 Java programs run within the JVM environment, and the JVM is compiled to be a native
program on systems on which it runs.

Department of CSE Page 5.15

 CS3451 Introduction to Operating Systems 2023

❖ This arrangement means that Java programs are written once and then can run on any
system (including all of the major operating systems) on which a JVM is available.

 The same can be said of interpreted languages, which run inside programs that read
each instruction and interpret it into native operations.

5.4.8 Emulation

 Emulation is useful when the host system has one system architecture, and the guest
system was compiled for a different architecture.

❖ For example, suppose a company has replaced its outdated computer system
with a new system but would like to continue to run certain important programs that were
compiled for the old system. The programs could be run in an emulator that translates
each of the outdated system’s instructions into the native instruction set of the new
system.

 The major challenge of emulation is performance. Instruction-set emulation may run an

order of magnitude slower than native instructions, because it may take ten instructions on
the new system to read, parse, and simulate an instruction from the old system.
 Another challenge for emulator writers is that it is difficult to create a correct emulator
because, in essence, this task involves writing an entire CPU in software.
 Many popular video games were written for platforms that are no longer in production.
Users who want to run those games frequently can find an emulator of such a platform
and then run the game unmodified within the emulator.

5.4.9 Application Containment

 The goal of virtualization in some instances is to provide a method to segregate

applications, manage their performance and resource use, and create an easy way to start,
stop, move, and manage them. In such cases, perhaps full-fledged virtualization is not
needed.
 If the applications are all compiled for the same operating system, then we do not need
complete virtualization to provide these features. We can instead use application
containment.
 For example, Oracle Solaris has included containers, or zones, that create a virtual layer
between the operating system and the applications. In this system, only one kernel is
installed, and the hardware is not virtualized. Rather, the operating system and its devices
are virtualized, providing processes within a zone with the impression that they are the
only processes on the system.
 One or more containers can be created, and each can have its own applications, network
stacks, network address and ports, user accounts, and so on.

Department of CSE Page 5.16

 CS3451 Introduction to Operating Systems 2023

 CPU and memory resources can be divided among the zones and the system-wide
processes. Each zone, in fact, can run its own scheduler to optimize the performance of
its applications on the allotted resources.

Figure:5.9 Solaris 10 with two zones

The above figure shows a Solaris 10 system with two containers and the standard “global” user
space.

 Containers are much lighter weight than other virtualization methods. That is, they use
fewer system resources and are faster to instantiate and destroy, more similar to processes
than virtual machines. For this reason, they are becoming more commonly used,
especially in cloud computing.
 FreeBSD was perhaps the first operating system to include a container-like feature
(calle“jails”)
 Linux added the LXC container feature in 2014. It is now included in the common Linux
distributions via a flag in the clone() system call.
 Containers are also easy to automate and manage, leading to orchestration tools like
docker and Kubernetes.
 Orchestration tools are means of automating and coordinating systems and services.
Their aim is to make it simple to run entire suites of distributed applications, just as
operating systems make it simple to run a single program.

5.5 VIRTUALIZATION AND OPERATING-SYSTEM COMPONENTS

 In this section, we take a deeper dive into the operating-system aspects of virtualization,
including how the VMM provides core operating-system functions like scheduling, I/O,
and memory management.

Department of CSE Page 5.17

 CS3451 Introduction to Operating Systems 2023

5.5.1 CPU Scheduling

 A system with virtualization, even a single-CPU system, frequently acts like a

multiprocessor system.
 The virtualization software presents one or more virtual CPUs to each of the virtual
machines running on the system and then schedules the use of the physical CPUs among
the virtual machines.
 The significant variations among virtualization technologies make it difficult to
summarize the effect of virtualization on scheduling.

❖ The VMM has a number of physical CPUs available and a number of

threads to run on those CPUs. The threads can be VMM threads or guest threads.

❖ Guests are configured with a certain number of virtual CPUs at

creation time, and that number can be adjusted throughout the life of the VM.

❖ When there are enough CPUs to allocate the requested number to each
guest, the VMM can treat the CPUs as dedicated and schedule only a given guest’s
threads on that guest’s CPUs. In this situation, the guests act much like native
operating systems running on native CPUs.

 The VMM itself needs some CPU cycles for guest management and I/O management and
can steal cycles from the guests by scheduling its threads across all of the system CPUs,
but the impact of this action is relatively minor.
 More difficult is the case of overcommitment, in which the guests are configured for
more CPUs than exist in the system. Here, a VMM can use standard scheduling
algorithms to make progress on each thread but can also add a fairness aspect to those
algorithms.

❖ For example, if there are six hardware CPUs and twelve guest
allocated CPUs, the VMM can allocate CPU resources proportionally, giving each
guest half of the CPU resources it believes it has.

❖ The VMM can still present all twelve virtual CPUs to the guests, but in
mapping them onto physical CPUs, the VMM can use its scheduler to distribute
them appropriately.

 Within a virtual machine, this operating system receives only what CPU resources the
virtualization system gives it. A 100-millisecond time slice may take much more than 100
milliseconds of virtual CPU time.
 Depending on how busy the system is, the time slice may take a second or more, resulting in
very poor response times for users logged into that virtual machine. The effect on a real-time
operating system can be even more serious.

Department of CSE Page 5.18

 CS3451 Introduction to Operating Systems 2023

5.5.2 Memory Management

 Efficient memory use in general-purpose operating systems is a major key to

performance.
 In virtualized environments, there are more users of memory (the guests and their
applications, as well as the VMM), leading to more pressure on memory use.
 Further adding to this pressure is the fact that VMMs typically overcommit memory, so
that the total memory allocated to guests exceeds the amount that physically exists in the
system.
 The extra need for efficient memory use is not lost on the implementers of VMMs, who
take extensive measures to ensure the optimal use of memory.

❖ For example, VMware ESX uses several methods of memory management.

Before memory optimization can occur, the VMM must establish how much real memory
each guest should use. To do that, the VMM first evaluates each guest’s maximum
memory size.

❖ Next, the VMM computes a target real-memory allocation for each guest
based on the configured memory for those guest and other factors, such as over
commitment and system load.

5.5.2.1 Mechanisms to reclaim memory from the guests

i) One approach is to provide double paging. Here, the VMM has its own
pagereplacement algorithms and loads pages into a backing store that the guest believes is
physical memory.

ii) A common solution is for the VMM to install in each guest a pseudo– device driver or
kernel module that the VMM controls. (A pseudo–device driver uses device-driver interfaces,
appearing to the kernel to be a device driver, but does not actually control a device. Rather, it is an
easy way to add kernel-mode code without directly modifying the kernel.) This balloon memory
manager communicates with the VMM and is told to allocate or deallocate memory.

 If told to allocate, it allocates memory and tells the operating system to pin the
allocated pages into physical memory.
 Pinning locks a page into physical memory so that it cannot be moved or paged
out.

iii) Another common method for reducing memory pressure is for the VMM to determine
if the same page has been loaded more than once. If this is the case, the VMM reduces the number
of copies of the page to one and maps the other users of the page to that one copy.

Department of CSE Page 5.19

 CS3451 Introduction to Operating Systems 2023

5.5.3 I/O

 An operating system’s device-driver mechanism provides a uniform interface to the

operating system whatever the I/O device.
 Device-driver interfaces are designed to allow third-party hardware manufacturers to
provide device drivers connecting their devices to the operating system.
 Virtualization takes advantage of this built-in flexibility by providing specific virtualized
devices to guest operating systems.
 VMMs vary greatly in how they provide I/O to their guests. I/O devices may be dedicated
to guests, for example, or the VMM may have device drivers onto which it maps guest
I/O.
 The VMM may also provide idealized device drivers to guests. In this case, the guest sees
an easy-to-control device, but in reality, that simple device driver communicates to the
VMM, which sends the requests to a more complicated real device through a more
complex real device driver.
 I/O in virtual environments is complicated and requires careful VMM design and
implementation.
 Hypervisor and hardware combination allow direct access to improve I/O performance.
 With type 0 hypervisors that provide direct device access, guests can often run at the
same speed as native operating systems.
 With direct device access in type 1 and 2 hypervisors, performance can be similar to that
of native operating systems if certain hardware support is present.
 The hardware needs to provide DMA pass-through with facilities like VT-d, as well as
direct interrupt delivery (interrupts going directly to the guests).
 In addition to direct access, VMMs provide shared access to devices.
 Consider a disk drive to which multiple guests have access. The VMM
must provide protection while the device is being shared, assuring that a guest
can access only the blocks specified in the guest’s configuration.
 General-purpose operating systems typically have one Internet protocol (IP) address,
although they sometimes have more than one.
 With virtualization, each guest needs at least one IP address, because that is the guest’s
main mode of communication. Therefore, a server running a VMM may have dozens of
addresses, and the VMM acts as a virtual switch to route the network packets to the
addressed guests.
 The guests can be “directly” connected to the network by an IP address that is seen by the
broader network (this is known as bridging). Alternatively, the VMM can provide a
network address translation (NAT) address.
 The NAT address is local to the server on which the guest is running, and the VMM
provides routing between the broader network and the guest.

Department of CSE Page 5.20

 CS3451 Introduction to Operating Systems 2023

5.5.4 Storage Management

 Virtualized environments need to approach storage management differently than do native

operating systems.

If multiple operating systems have been installed, what and where is the boot disk.

❖ The solution to this problem depends on the type of hypervisor. Type 0 hypervisors
often allow root disk partitioning, partly because these systems tend to run fewer guests than other
systems.

❖ Alternatively, a disk manager may be part of the control partition, and that disk
manager may provide disk space (including boot disks) to the other partitions.

❖ Type 1 hypervisors store the guest root disk (and configuration information) in one or
more files in the file systems provided by the VMM.

❖ Type 2 hypervisors store the same information in the host operating system’s file
systems.

❖ A disk image, containing all of the contents of the root disk of the guest, is contained
in one file in the VMM.

 Moving a virtual machine from one system to another that runs the same VMM is as
simple as halting the guest, copying the image to the other system, and starting the guest there.
 Guests sometimes need more disk space than is available in their root disk image

❖ For example, a nonvirtualized database server might use several file systems
spread across many disks to store various parts of the database. Virtualizing such a database
usually involves creating several files and having the VMM present those to the guest as disks.
The guest then executes as usual, with the VMM translating the disk I/O requests coming from
the guest into file I/O commands to the correct files.

 VMMs provide a mechanism to capture a physical system as it is currently configured and

convert it to a guest that the VMM can manage and run. This physical-to-virtual (P-to-V)
conversion reads the disk blocks of the physical system’s disks and stores them in files on the
VMM’s system or on shared storage that the VMM can access.
 VMMs also provide a virtual-to physical (V-to-P) procedure for converting a guest to a
physical system. This procedure is sometimes needed for debugging.

5.5.5 Live Migration

 One feature not found in general-purpose operating systems but found in type 0 and type
1 hypervisors is the live migration of a running guest from one system to another.

Department of CSE Page 5.21

 CS3451 Introduction to Operating Systems 2023

5.5.5.1 Working of Live Migration

 A running guest on one system is copied to another system running the same VMM.
 The copy occurs with so little interruption of service that users logged in to the guest, as
well as network connections to the guest, continue without noticeable impact.
 This rather astonishing ability is very powerful in resource management and hardware
administration.
 After all, compare it with the steps necessary without virtualization

❖ we must warn users

❖ shut down the processes,
❖ possibly move the binaries,
❖ restart the processes on the new system.
 Only then can users access the services again.
 With live migration, we can decrease the load on an overloaded system or make hardware or
system changes with no discernable disruption for users.

5.5.5.2 The VMM migrates a guest via the following steps:

 The source VMM establishes a connection with the target VMM and confirms that it is
allowed to send a guest.
 The target creates a new guest by creating a new VCPU, new nested page table, and other
state storage.

Figure:5.10: Live migration of a guest between two servers.

 The source sends all read-only memory pages to the target.

 The source sends all read–write pages to the target, marking them as clean.

Department of CSE Page 5.22

 CS3451 Introduction to Operating Systems 2023

 The source repeats step 4, because during that step some pages were probably modified
by the guest and are now dirty. These pages need to be sent again and marked again as
clean.
 When the cycle of steps 4 and 5 becomes very short, the source VMM freezes the guest,
sends the VCPU’s final state, other state details, and the final dirty pages, and tells the
target to start running the guest. Once the target acknowledges that the guest is running,
the source terminates the guest.

5.5.5.3 Limitations of Live Migration

 Live migration is possible. It means that most of the guest’s state is maintained
within the guest— for example, open file tables, system-call state, kernel state,
and so on.
 Used disk space is usually much larger than used memory
 Disks associated with the guest cannot be moved as part of a live migration.

Live migration makes it possible to manage data centers

 Live migration makes it possible to manage data centers in entirely new ways. For
example, virtualization management tools can monitor all the VMMs in an environment
and automatically balance resource use by moving guests between the VMMs.
 These tools can also optimize the use of electricity and cooling by migrating all guests off
selected servers if other servers can handle the load and powering down the selected
servers entirely.
 If the load increases, the tools can power up the servers and migrate guests back to them.

5.6 MOBILE OS - IOS AND ANDROID

5.6.1 iOS

 iOS is a mobile operating system designed for the iPhone smartphone and iPad tablet
computer.

5.6.1.1 Functions of the various layers include the following:

User experience layer

❖ This layer defines the software interface that allows users to interact with the computing devices.
macOS uses the Aqua user interface, which is designed for a mouse or trackpad, whereas iOS uses the
Springboard user interface, which is designed for touch devices.

Application frameworks layer

❖ This layer includes the Cocoa and Cocoa Touch frameworks, which provide an API for the
Objective-C and Swift programming languages.

Department of CSE Page 5.23

 CS3451 Introduction to Operating Systems 2023

Figure 5.11: Architecture of Apple’s macOS and iOS operating systems

❖ The primary difference between Cocoa and Cocoa Touch is that the former is used for
developing macOS applications, and the latter by iOS to provide support for hardware features
unique to mobile devices, such as touch screens.

Core frameworks.

❖ This layer defines frameworks that support graphics and media including, Quicktime and
OpenGL.

Kernel environment

❖ This environment, also known as Darwin, includes the Mach microkernel and the BSD UNIX
kernel.

 As shown in Figure: 5.11 , applications can be designed to take advantage of user-

experience features or to bypass them and interact directly with either the application
framework or the core framework.
 An application can communicate directly with the kernel environment.

5.6.1.2 The Darvin’s Layered System

 Darwin uses a hybrid structure.

 Darwin is a layered system that consists primarily of the Mach microkernel and the BSD
UNIX kernel.

Department of CSE Page 5.24

 CS3451 Introduction to Operating Systems 2023


 Darwin’s structure is shown in Figure: 5.12
 Darwin provides two system-call interfaces: Mach system calls (known as traps) and
BSD system calls (which provide POSIX functionality).
 The interface to these system calls is a rich set of libraries that includes not only the
standard C library but also libraries that provide networking, security, and programming
language support
 Fundamental Operating system services provided by iOS
o ❖ Memory management,
o ❖ CPU scheduling,
o ❖ interprocess communication (IPC) facilities such as message passing and
remote procedure calls (RPCs).
 Much of the functionality provided by Mach is available through kernel abstractions,
which include tasks (a Mach process), threads, memory objects, and ports (used for IPC).
 The kernel environment provides an I/O kit for development of device drivers and
dynamically loadable modules (which macOS refers to as kernel extensions, or kexts).

5.6.2 ANDROID

 The Android operating system was designed by the Open Handset Alliance (led primarily
by Google) and was developed for Android smartphones and tablet computers.
 Whereas iOS is designed to run on Apple mobile devices and is close-sourced, Android
runs on a variety of mobile platforms and is opensourced.

Department of CSE Page 5.25

 CS3451 Introduction to Operating Systems 2023

 The structure of Android appears in Figure 5.13.

 Android is similar to iOS in that it is a layered stack of software that provides a rich set
of frameworks supporting graphics, audio, and hardware features.
 These features, in turn, provide a platform for developing mobile, applications that run on
a multitude of Android-enabled devices.
 Software designers for Android devices develop applications in the Java language, but
they do not generally use the standard Java API.
 Google has designed a separate Android API for Java development. Java applications are
compiled into a form that can execute on the Android RunTime ART, a virtual machine
designed for Android and optimized for mobile devices with limited memory and CPU
processing capabilities.
 Java programs are first compiled to a Java bytecode .class file and then translated into an
executable .dex file.
 Whereas many Java virtual machines perform just-in-time (JIT) compilation to improve
application efficiency, ART performs ahead-of-time (AOT) compilation. Here, .dex files
are compiled into native machine code when they are installed on a device, from which
they can execute on the ART.
 AOT compilation allows more efficient application execution as well as reduced power
consumption, features that are crucial for mobile systems.
 Android developers can also write Java programs that use the Java native interface—or
JNI—which allows developers to bypass the virtual machine and instead write Java
programs that can access specific hardware features.
 Programs written using JNI are generally not portable from one hardware device to
another.
 The set of native libraries available for Android applications includes frameworks for
developing web browsers (webkit), database support (SQLite), and network support, such
as secure sockets (SSLs).

Department of CSE Page 5.26

 CS3451 Introduction to Operating Systems 2023

 Because Android can run on an almost unlimited number of hardware devices, Google
has chosen to abstract the physical hardware through the hardware abstraction layer, or
HAL.
 By abstracting all hardware, such as the camera, GPS chip, and other sensors, the HAL
provides applications with a consistent view independent of specific hardware.
 This feature, of course, allows developers to write programs that are portable across
different hardware platforms.
 The standard C library used by Linux systems is the GNU C library (glibc). Google
instead developed the Bionic standard C library for Android.
 Not only does Bionic have a smaller memory footprint than glibc, but it also has been
designed for the slower CPUs that characterize mobile devices.
 At the bottom of Android’s software stack is the Linux kernel. Google has modified the
Linux kernel used in Android in a variety of areas to support the special needs of mobile
systems, such as power management.
 It has also made changes in memory management and allocation and has added a new
form of IPC known as Binder

Department of CSE Page 5.27

 CS3451 Introduction to Operating Systems 2023

REVIEW QUESTIONS

PART-A (2-Marks)

1. What is Virtual Machine

 A virtual machine (VM) is a virtual environment which functions as a virtual computer
system with its own CPU, memory, network interface, and storage, created on a physical
hardware system.
 A piece of software called a hypervisor, or virtual machine manager, lets you run
different operating systems on different virtual machines at the same time.

2. What is Binary Translation?

 Binary translation is a software virtualization and includes the use of an interpreter. It
translates binary code to another binary but excluding nontrapping instructions.

3. List down the requirements for Virtualization.

 Fidelity.
❖ AVMM provides an environment for programs that is essentially identical to
the original machine.
 Performance.
❖ Programs running within that environment show only minor performance
decreases
 Safety.
❖ The VMM is in complete control of system resources.

4.List down the parameters involved in Virtual Machine Life Cycle.

➢ These parameters usually include:
❖ the number of CPUs,
❖ amount of memory,
❖ networking details,
❖ and storage details

Department of CSE Page 5.28

 CS3451 Introduction to Operating Systems 2023

5. What is Type 0 Hypervisor?

➢ In Type 0 Hypervisor the VMM itself is encoded in the firmware and loaded at boot time. In
turn, it loads the guest images to run in each partition.

➢ A type 0 hypervisor can run multiple guest operating systems (one in each hardware partition).

➢ All those guests, because they are running on raw hardware, can in turn be VMMs.

6. What is Type 1 Hypervisor?

➢A type 1 hypervisor acts like a lightweight operating system and runs directly on

the host’s hardware.

➢The most commonly deployed type of hypervisor is the type 1 or bare-metal

hypervisor, where virtualization software is installed directly on the hardware where

the operating system is normally installed.

Department of CSE Page 5.29

 CS3451 Introduction to Operating Systems 2023

7. What is Type 2 Hypervisor

➢Type-2 Hypervisor– runs on the operating system of the physical host machine,

hence they are also called hosted hypervisors.

➢These hypervisors are hosted on the operating system, and the hypervisor runs on

that layer as another software to enable virtualization.

Department of CSE Page 5.30

 CS3451 Introduction to Operating Systems 2023

8. List the components available in a Type 2 Hypervisor

 A physical server

 OS installed on that server hardware (OSes like Windows, Linux, macOS)

 Type-2 hypervisor on that OS

 Virtual machine instances/guest VMs

9. What are the advantages of Type 2 Hypervisor?

Simple management:

❖ They essentially act as management consoles. There is no need to install a separate software
package to manage the virtual machines running on type-2 hypervisors. Useful for testing purposes:

❖ They are convenient for testing any new software or research projects. You can simply run
multiple instances with different OSes to test how the software works in each environment.

10. What is Para-Virtualization?

➢ In Paravirtualization the source code of an OS is modified in order to run as a guest OS in a virtual

machine (VM) environment. Calls to the hardware from the guest OS are replaced with calls to the VM
monitor (VMM).

➢ Para-virtualization needs to modify the guest operating systems

11. Write short notes on Emulation.

➢ Emulation is useful when the host system has one system architecture, and the guest system
was compiled for a different architecture.

➢ For example, suppose a company has replaced its outdated computer system with a new system
but would like to continue to run certain important programs that were compiled for the old system. The
programs could be run in an emulator that translates each of the outdated system’s instructions into the
native instruction set of the new system.

Department of CSE Page 5.31

 CS3451 Introduction to Operating Systems 2023

12. What are the challenges the programmer faced in Emulation.

➢ The major challenge of emulation is performance. Instruction-set emulation may run an order
of magnitude slower than native instructions, because it may take ten instructions on the new system to
read, parse, and simulate an instruction from the old system.

➢ Another challenge for emulator writers is that it is difficult to create a correct emulator
because, in essence, this task involves writing an entire CPU in software.

13. Write short notes on VMM.

➢ Virtual Machine Monitor, also called a “hypervisor,” this is one of many hardware
virtualization techniques that allow multiple operating systems, termed guests, to run concurrently on a
host computer.

➢ It manages the operation of a virtualized environment on top of a physical host machine

14. What is iOS

➢ iOS is a mobile operating system designed for the iPhone smartphone and iPad tablet
computer.

15. Draw the structure of Darvin’s layered system.

Department of CSE Page 5.32

 CS3451 Introduction to Operating Systems 2023

16. What are the system call interfaces provided by the Darvin’s layered system.

➢ Darwin provides two system-call interfaces: Mach system calls (known as traps) and BSD
system calls (which provide POSIX functionality).

17. List down the fundamental operating system services provided by the iOS.

➢ Memory management,

➢ CPU scheduling,

➢ Interprocess communication (IPC) facilities such as message passing and remote procedure
calls (RPCs).

18. What is Android OS?

➢ The Android operating system was designed by the Open Handset Alliance (led primarily by
Google) and was developed for Android smartphones and tablet computers.

➢ Whereas iOS is designed to run on Apple mobile devices and is close-sourced, Android runs
on a variety of mobile platforms and is open sourced.

Department of CSE Page 5.33

 CS3451 Introduction to Operating Systems 2023

19. What is Live Migration in OS Virtualization?

➢ Live migration refers to the process of moving a virtual machine (VM) running on one physical
host to another host without disrupting normal operations or causing any downtime or other adverse effects
for the end user. Live migration is considered a major step in virtualization.

20. Compare between Full Virtualization and Para-Virtualization

Full Virtualization Para-Virtualization

A common and cost-effective type of An Enhancement of virtualization

virtualization in which computer service technology in which the guest OS is

Department of CSE Page 5.34

 CS3451 Introduction to Operating Systems 2023

requests are separated from the physical recompiled prior to installation inside a VM
hardware that facilitates them

Allows the Guest OS to execute Allows the Guest OS to communicate with

Independently. the Hypervisor

Guest OS issues hardware calls to access Guest OS directly communicates with the
hardware hypervisor using drivers

Lower Performance Higher Performance

21. Compare between Bare-Metal Hypervisor and Hosted Hypervisor

Bare-Metal Hypervisor Hosted Hypervisor

It is also called as Type 1 Hypervisor It is also called as Type 2 Hypervisor

It run’s directly on the host hardware to It run’s on a conventional operating system

control the hardware and to manage the guest just as other computer programs do.
OS.

It run’s directly on the host hardware Runs on operating systems similar to other
computer programs

Examples: Xen, Microsoft Hyper V, VMware Examples: VMware Workstations, Oracle

ESX/ESXi, Oracle VM Server for x86
Virtual Box, VMware Player.

Department of CSE Page 5.35

 CS3451 Introduction to Operating Systems 2023

PART-B

1. What is Virtual Machine? Elaborate on the History, benefits, and features of Virtual Machine with
examples.

2. Discuss briefly about the building blocks of virtualization with neat diagrams.

3. Explain briefly about the different types of Virtual machines with neat diagrams.

4. What is Hypervisor? Discuss about the different types of virtualization with neat diagrams.

5. Write short notes on Full Virtualization and Para Virtualization with neat diagrams.

6. Explain briefly about virtualization and operating system components with examples.

7. What is Live Migration? Discuss about the steps involved in Live Migration with neat diagrams.

8. Discuss about Android Operating System with neat diagram.

9. Elaborate on iOS with neat diagrams.

10. Discuss about Darvin’s Layered System with neat diagram.

Department of CSE Page 5.36