
How does a hypervisor deal with sensitive instructions executed from a host process that is not a VM instance?

I know a so-called Type 2 hypervisor (such as VMware Workstation, VirtualBox) is implemented as a kernel module, and a VM instance is a host OS process.

Assume the following situation. (I understand this is strange, but it is for simplicity.)

  • A machine has one CPU.
  • The host OS is Windows, which has two processes, calc.exe and a VM instance (booting Linux).
  • calc.exe has some sensitive instruction.

I don't understand whether the hypervisor traps sensitive instructions or not while calc.exe is running on the CPU.

I have two ideas.

i) The hypervisor traps sensitive instructions from calc.exe. The hypervisor identifies calc.exe or the VM-instance process. And, if necessary, the hypervisor emulates it if it was executed from the VM-instance process.

ii) The hypervisor doesn't execute vmresume when a VM-EXIT is caused by an interrupt for a context switch. In other words, the CPU is in "VMX ROOT MODE" while it executes calc.exe. Therefore the hypervisor doesn't work.

In the case of ii), how does the hypervisor execute vmresume when the VM-instance process is reassigned to the CPU?

Thank you.

Imagine Context Switch

Being "sensitive" means an instruction could tell the difference between running inside a guest VM or not (or could affect state outside the guest VM). calc.exe isn't running inside a guest VM, so it doesn't matter what it does.

calc.exe is basically part of the hypervisor. It's up to normal OS mechanisms to stop a user-space process from messing up other processes (including the guest VM), i.e. not letting them disable interrupts or overwrite the memory of other processes.
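The scheduling in the question can be modelled as a small state machine. This is an added example, not code from the thread or from any hypervisor; it assumes Intel VT-x semantics, picks CPUID and CLI as illustrative instructions, assumes calc.exe runs in ring 3 with IOPL below 3, and all names in it are hypothetical.

```c
#include <stdio.h>

/* Toy model constructed for illustration: one CPU, two host processes. */
enum mode { VMX_ROOT, VMX_NON_ROOT };
enum who  { RAN_NATIVELY, HOST_OS_FAULT, HYPERVISOR_EMULATED };
enum insn { INSN_ADD, INSN_CPUID, INSN_CLI };

struct cpu { enum mode mode; int entries, exits, hv_emulations; };

/* VM entry (VMLAUNCH/VMRESUME) and VM exit are the only mode changes. */
static void vm_entry(struct cpu *c) { c->mode = VMX_NON_ROOT; c->entries++; }
static void vm_exit(struct cpu *c)  { c->mode = VMX_ROOT;     c->exits++; }

/* Who deals with an instruction depends on the CPU mode when it executes. */
enum who execute(struct cpu *c, enum insn i) {
    if (c->mode == VMX_NON_ROOT && i == INSN_CPUID) {
        vm_exit(c);           /* CPUID always exits in VMX non-root operation */
        c->hv_emulations++;   /* the kernel module emulates it */
        vm_entry(c);          /* and resumes the guest */
        return HYPERVISOR_EMULATED;
    }
    if (c->mode == VMX_ROOT && i == INSN_CLI)
        return HOST_OS_FAULT; /* ring 3, IOPL < 3 assumed: #GP to the host kernel */
    return RAN_NATIVELY;      /* guest CLI only changes the guest's own RFLAGS.IF */
}

/* VM-instance thread slice: the kernel module enters the guest on its behalf. */
void vm_thread_slice(struct cpu *c, const enum insn *p, int n, enum who *out) {
    vm_entry(c);
    for (int k = 0; k < n; k++) out[k] = execute(c, p[k]);
    vm_exit(c);               /* host timer interrupt: back in root mode */
}

/* Time slice of calc.exe: ordinary host process, no VM entry ever happens. */
void calc_slice(struct cpu *c, const enum insn *p, int n, enum who *out) {
    for (int k = 0; k < n; k++) out[k] = execute(c, p[k]);
}

int main(void) {
    static const char *name[] = { "native", "host OS fault", "hypervisor" };
    const enum insn prog[] = { INSN_ADD, INSN_CPUID, INSN_CLI };
    struct cpu c = { VMX_ROOT, 0, 0, 0 };
    enum who r[3];
    vm_thread_slice(&c, prog, 3, r);
    printf("guest: %s, %s, %s\n", name[r[0]], name[r[1]], name[r[2]]);
    calc_slice(&c, prog, 3, r);
    printf("calc:  %s, %s, %s\n", name[r[0]], name[r[1]], name[r[2]]);
    vm_thread_slice(&c, prog, 3, r);   /* VM thread rescheduled: module enters again */
    printf("entries=%d exits=%d emulations=%d\n", c.entries, c.exits, c.hv_emulations);
}
```

In the model, the same three instructions are handled differently depending only on whether a VM entry preceded them, and the re-entry happens inside the VM-instance thread's own time slice.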
