V.U. Egorov, I.V. Karpov, E.A. Matveev

One of modern information technology directions is a virtualization of computing platforms. As for now the hardware support of the virtualization is provided by Intel and AMD. The virtual machine is controlled by a virtual machine monitor - the hypervisor. The developer of the hypervisor is responsible for solving variety of tasks one of which is the implementation of the memory management mechanism of the virtual machine. The goal of this article is to examine memory management mechanisms of virtual machines by Intel and AMD. Virtualization technologies from these two processor manufacturers are called respectively VT and SVM. The first part of the article is devoted to the memory management in modern processors. The rest of the article considers various aspects of the memory virtualization of virtual machines. Issues of the memory management of virtual machines in real, protected and transit modes are considered as well. The article shows that the hypervisor has to maintain a table which maps the host physical memory address to the guest one. Besides that the hypervisor should also maintain page tables describing the virtual address space of the virtual machine when it is functioning in the protected mode with paging translation enabled. This set of page tables in fact duplicates the set of page tables in the virtual machine. The set of page tables in the hypervisor has to be changed in accordance with process switches inside the virtual machine. In other words the hypervisor should maintain separate sets of page tables for processes running in the virtual machine. Note that construction of each set of page tables by the hypervisor is time-consuming operation. In addition the hypervisor is responsible for keeping the contents of page tables in up to date state inside the virtual machine. In particular the hypervisor must programmatically fill out the bits A (Accessed) and D (Dirty) inside the virtual machine PTEs. There are two approaches to the management mechanism of addressing paged memory in the virtual machine named respectively the "brute force" method and the "virtual TLBs" method. TLBs stands for Translation Lookaside Buffers. The "brute force" method is a complete emulation of any hardware operations on address translation performed by the hypervisor. The "virtual TLBs" method is based on the strategy of real processor-s TLBs emulation by the hypervisor. The article describes both the methods; it is shown that the "virtual TLBs" method is more preferable. There are additional facilities introduced by processor manufacturers (Intel and AMD) to accelerate the memory virtualization. Such facilities are also described in the article. In Intel processors such facilities are implemented as virtual processor IDs (VPID) and Extended Page Tables (EPT). In AMD processors such facilities are implemented as the Address Space Identifiers ASID and as the mechanism of nested page tables (Nested Paging Facility, NPF). Use of the EPT and NPF helps to eliminate the duplicate set of page tables in the hypervisor. Unfortunately those facilities are present not at all processors which support the hardware virtualization. It is shown that use of these technologies requires the modification of the basic algorithms of memory handling by the hypervisor. Besides for maintenance of working capacity of all computers that support the hardware virtualization, developers are obliged to realize algorithms of the hypervisor as with usage of the mechanisms accelerating memory virtualization and without it. The article also describes the algorithm of functioning of virtual machine devices mapped into the address space of physical memory as well as the behavior of the hypervisor when it handles page violation. The applicability of various aspects of the hardware virtualization technology