Full virtualization

From Wikipedia, the free encyclopedia

Note: The concept of full virtualization is well established in the literature, but not always using this specific term. See virtualization regarding terminology.

Full virtualization, in computer science, is a virtualization technique used to implement a certain kind of virtual machine environment: one that provides a complete simulation of the underlying hardware. The result is a system in which all software capable of execution on the raw hardware can be run in the virtual machine. In particular, this includes all operating systems. (This is different from other forms of virtualization – which allow only certain or modified software to run within a virtual machine.)

The prototypical illustration of full virtualization is in the control program of IBM's CP/CMS operating system – first demonstrated with IBM's CP-40 research system in 1967, then distributed via open source in CP/CMS in 1967-1972, and re-implemented in IBM's VM family from 1972 to the present. Each CP/CMS user was provided a simulated, stand-alone computer. Each such virtual machine had the complete capabilities of the underlying machine, and (for its user) the virtual machine was indistinguishable from a private system. This simulation was comprehensive, and was based on the Principles of Operation manual for the hardware. It thus included such elements as instruction set, main memory, interrupts, exceptions, and device access. The result was a single machine that could be multiplexed among many users.

Full virtualization is only possible given the right combination of hardware and software elements. For example, it was not possible with most of IBM's System/360 series, only with the IBM System/360-67; nor was it possible with IBM's early System/370 systems, until IBM added virtual memory hardware to the System/370 series in 1972. Similarly, full virtualization is not (quite) possible with the x86 platform (see x86 virtualization – although many virtual machine systems for this platform are close enough to be called full virtualization, e.g. VMware Workstation, VMware Server (formerly GSX Server), VirtualBox, Parallels Desktop, Adeos, Mac-on-Linux, Win4BSD, and Win4Lin Pro).

A key challenge for full virtualization is the interception and simulation of privileged operations, such as I/O instructions. The effects of every operation performed within a given virtual machine must be kept within that virtual machine – virtual operations cannot be allowed to alter the state of any other virtual machine, the control program, or the hardware. Some machine instructions can be executed directly by the hardware, since their effects are entirely contained within the elements managed by the control program, such as memory locations and arithmetic registers. But other instructions that would "pierce the virtual machine" cannot be allowed to execute directly; they must instead be trapped and simulated. Such instructions either access or affect state information that is outside the virtual machine.

Full virtualization has proven highly successful for a) sharing a computer system among multiple users, and b) isolating users from each other (and from the control program) to achieve improved reliability and security.