CN102799480B - Method and device for closing interrupt in virtualization system - Google Patents

Method and device for closing interrupt in virtualization system Download PDF

Info

Publication number
CN102799480B
CN102799480B CN201210207137.5A CN201210207137A CN102799480B CN 102799480 B CN102799480 B CN 102799480B CN 201210207137 A CN201210207137 A CN 201210207137A CN 102799480 B CN102799480 B CN 102799480B
Authority
CN
China
Prior art keywords
guest
interrupt identification
interrupt
bit register
interface
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201210207137.5A
Other languages
Chinese (zh)
Other versions
CN102799480A (en
Inventor
马彬
郑章孝
白云鹏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
NANTONG HANGDA ELECTRONIC TECHNOLOGY Co.,Ltd.
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Priority to CN201210207137.5A priority Critical patent/CN102799480B/en
Publication of CN102799480A publication Critical patent/CN102799480A/en
Priority to PCT/CN2013/070810 priority patent/WO2013189180A1/en
Application granted granted Critical
Publication of CN102799480B publication Critical patent/CN102799480B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4812Task transfer initiation or dispatching by interrupt, e.g. masked
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/44Arrangements for executing specific programs
    • G06F9/455Emulation; Interpretation; Software simulation, e.g. virtualisation or emulation of application or operating system execution engines
    • G06F9/45533Hypervisors; Virtual machine monitors
    • G06F9/45558Hypervisor-specific management and integration aspects
    • G06F2009/45583Memory management, e.g. access or allocation

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Memory System Of A Hierarchy Structure (AREA)

Abstract

The invention provides a method and device for closing interrupt in a virtualization system, which aim to better support the open/close interrupt of a Guest OS (Operating System) and reduce the influence on system operating efficiency. The method comprises the following steps of: offering an interface to the Guest OS of the virtualization operating system so as to allow the Guest OS to call the interface to set an interrupt flag for an interrupt flag register corresponding to the Guest OS in shared memory; checking the interrupt flag register; and avoiding sending virtual interrupt to the Guest OS if the interrupt flag register indicates that the Guest OS requires interrupt closing. The method provided by the invention does not rely on co-compiling of Hypervisor and the Guest OS, the Hypervisor has no need of sharing code sections with the Guest OS, and the access to the shared memory is realized through a virtual address, so that the interrupt closing/opening is quick, and the system operating efficiency is high.

Description

The method and apparatus of interruption is closed in virtualization system
Technical field
The present invention relates to computer realm, particularly relate in virtualization system the method and apparatus of closing interruption.
Background technology
Not interrupted when performing to prevent important system-program code or in order to ensure data consistency, operating system (Operating System, OS) needs to perform the operation of closing and interrupting.
Under the environment of non-virtualized, OS directly can close physical hardware and interrupt.But once deploy real-time embedded virtual component and Hypervisor, the distribution of interruption is just by Hypervisor unified management, and OS can not directly go to close physics hardware interrupts.Such as, at virtualization system, multiple client operating system (Guest OS) can operate in single physical central processing unit (Central Processing Unit, CPU) on, single Guest OS execution closedown can not affect the operation of other Guest OS on same physical cpu when interrupting, this just needs to unify Coordination Treatment closedown interruption by Hypervisor, and this operates.
In the virtualization system deploying Hypervisor, the one that prior art provides closes interrupt method: Hypervisor and Guest OS independent compilation, link reflection, by boot (BootLoader), the reflection of Hypervisor and Guest OS is loaded into internal memory, BootLoader starts Hypervisor, Hypervisor and starts each Guest OS more respectively.Due in virtualization system, interruption is that therefore, need Hypervisor to provide the communication modes of interrupt notification (Hyper Call), that is, Guest OS sends the request of closing and interrupting to Hypervisor by Hyper Call by the unified distribution of Hypervisor.After Hypervisor receives the request of closing and interrupting, then setting is forbidden interrupting to relevant Guest OS kernel distribution, namely closes interruption.
Hyper Call be generally applied in do not share a code segment the scene called across mapped interface (such as, what XEN provided calls across mapped interface) and different level of privilege pattern between interface interchange scene (such as, the syscall that Linux provides calls) etc., at present, under above-mentioned application scenarios, there is multiple implementation in Hyper Call, such as, by message communication, by communication interruption or by realizing the interface interchange function etc. between cross-module formula.Implementation due to Hyper Call generally all relates to the application to the universal communication such as internal memory and queue mechanism, therefore, if Guest OS needs to perform continually to open or close interrupt this operation, then the closedown interrupt method that above-mentioned prior art provides makes running efficiency of system lower.
Summary of the invention
The embodiment of the present invention provides in virtualization system the method and apparatus of closing interruption, to support that Guest OS ON/OFF is interrupted better, reduces the impact on running efficiency of system simultaneously.
The embodiment of the present invention provides a kind of method of closing interruption in virtualization system, described method comprises: provide interface, to make described Guest OS call described interface, interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification to virtualizing operating systems Guest OS, described shared drive is that real-time embedded virtual component Hypervisor and at least one Guest OS shares and physical memory for recording interrupt identification, and the memory headroom that Guest OS different in described shared drive and described Hypervisor shares is isolated mutually; Check described interrupt identification bit register; Interrupt if described interrupt identification bit register shows that described Guest OS needs are closed, then forbid sending virtual interrupt to described Guest OS.
The embodiment of the present invention provides the device of closing interruption in a kind of virtualization system, described device comprises: interface provides module, to make described Guest OS call described interface, interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification for providing interface to virtualizing operating systems Guest OS, described shared drive is that real-time embedded virtual component Hypervisor and at least one Guest OS shares and physical memory for recording interrupt identification, the memory headroom that Guest OS different in described shared drive and described Hypervisor shares is isolated mutually, zone bit checking module, for checking described interrupt identification bit register, interrupt holdoff sending module, if check that described interrupt identification bit register shows that described Guest OS needs are closed and interrupts for described zone bit checking module, then forbids sending virtual interrupt to described Guest OS.
From the invention described above embodiment, because real-time embedded virtual component Hypervisor provides interface to virtualizing operating systems Guest OS, Hypervisor can share with at least one Guest OS and be used for recording the interrupt identification bit register corresponding with described Guest OS in the physical memory of interrupt identification and shared drive and arrange interrupt identification by described Guest OS.With prior art by compared with the method that provides the communication modes of interrupt notification to close to interrupt, the method that the embodiment of the present invention provides does not rely on Hypervisor and Guest OS and jointly compiles, and Hypervisor does not need to share code segment with Guest OS; Be separated because virtualization layer is videoed with Guest OS, undertaken the access of shared drive by virtual address, therefore, interrupt hourly velocity in close/open fast, running efficiency of system is high.
Accompanying drawing explanation
In order to be illustrated more clearly in the technical scheme of the embodiment of the present invention, be briefly described to the required accompanying drawing used in prior art or embodiment description below, apparently, accompanying drawing in the following describes is only some embodiments of the present invention, for those skilled in the art, can also be obtained it as these accompanying drawings
His accompanying drawing.
Fig. 1 is the method flow schematic diagram of closing interruption in the virtualization system that provides of the embodiment of the present invention;
Fig. 2 the single physical CPU that provides of the embodiment of the present invention runs multiple Guest OS and single Guest OS to run on scene schematic diagram on multiple physical cpu;
Fig. 3 is the apparatus structure schematic diagram of closing interruption in the virtualization system that provides of the embodiment of the present invention;
Fig. 4 is the apparatus structure schematic diagram of closing interruption in the virtualization system that provides of another embodiment of the present invention;
Fig. 5 is the apparatus structure schematic diagram of closing interruption in the virtualization system that provides of another embodiment of the present invention;
Fig. 6 a is the apparatus structure schematic diagram of closing interruption in the virtualization system that provides of another embodiment of the present invention;
Fig. 6 b is the apparatus structure schematic diagram of closing interruption in the virtualization system that provides of another embodiment of the present invention;
Fig. 7 is the apparatus structure schematic diagram of closing interruption in the virtualization system that provides of another embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, be clearly and completely described the technical scheme in the embodiment of the present invention, obviously, described embodiment is only the present invention's part embodiment, instead of whole embodiments.Based on the embodiment in the present invention, the every other embodiment that those skilled in the art obtain, all belongs to the scope of protection of the invention.
Refer to accompanying drawing 1, be the method flow schematic diagram that interruption is provided in the virtualization system that provides of the embodiment of the present invention, mainly comprise step S101, step S102 and step S103:
S101, there is provided interface, to make described Guest OS call described interface, interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification to virtualizing operating systems Guest OS, described shared drive is that real-time embedded virtual component Hypervisor and at least one Guest OS shares and physical memory for recording interrupt identification.
In embodiments of the present invention, Guest OS is a kind of virtualizing operating systems, this type operating system and general operation system difference are, not single physical CPU only runs such virtualizing operating systems or such virtualizing operating systems only operates on single physical CPU, namely not directly run on hardware layer (Hardware), but the real-time embedded virtual component Hypervisor run on hardware layer, as shown in Figure 2, that on single physical CPU, operation multiple Guest OS and single Guest OS runs on the scene schematic diagram on multiple physical cpu.Such as, Guest OS 0with Guest OS 1physical cpu is run on by Hypervisor 0(Core 0) on, and Guest OS nphysical cpu is run on by Hypervisor 1(Core 1), physical cpu 2(Core 2) and physical cpu n(Core n) on.
Being closed by the communication modes of interrupt notification (Hyper Call) from prior art interrupts different, and in embodiments of the present invention, real-time embedded virtual component Hypervisor provides one deck intermediate address, and this intermediate address manages with shadow page table; Set up Guest OS by Guest OS and set up the mapping of intermediate address to physical memory addresses to the mapping of intermediate address and Hypervisor, here Guest OS is called ground floor address maps to the mapping of intermediate address, intermediate address to the mapping of physical memory addresses is called second layer address maps.The effect of ground floor address maps be real-time embedded virtual component Hypervisor can on the real-time embedded virtual component Hypervisor of perception all Guest OS to the demand of physical memory and unified management, the effect of second layer address maps is that real-time embedded virtual component Hypervisor according to the demand of Guest OS to physical memory, can divide physical memory resource with having planning property.
After establishing ground floor address maps and second layer address maps, real-time embedded virtual component Hypervisor and at least one Guest OS can be set up and share and physical memory for recording interrupt identification.In the following description, for convenience of description, real-time embedded virtual component Hypervisor and at least one Guest OS is shared and the physical memory being used for recording interrupt identification referred to as " shared drive ", obviously, shared drive is a part for physical memory.As shown in Figure 3, be the schematic diagram that shared drive is provided at physical memory in the method that provides of the embodiment of the present invention.Shared drive can be accessed jointly by Hypervisor and at least one Guest OS, and, the memory headroom that Guest OS different in described shared drive and described Hypervisor shares is isolated mutually, and the memory headroom that namely in shared drive, any one Guest OS and Hypervisor shares and the memory headroom that another Guest OS and Hypervisor shares are isolation mutually.Such as, in fig. 3, Guest OS 0to share with Hypervisor and for " the VM in the physical memory that records interrupt identification and shared drive 0interrupt identification bit space ", Guest OS 1to share with Hypervisor and for " the VM in the physical memory that records interrupt identification and shared drive 1interrupt identification bit space " and Guest OS 2to share with Hypervisor and for " the VM in the physical memory that records interrupt identification and shared drive 2interrupt identification bit space " be isolation mutually.
As one embodiment of the invention, there is provided interface interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification to make described Guest OS call described interface can be to virtualizing operating systems Guest OS: real-time embedded virtual component Hypervisor provides interface to call described interface to make described Guest OS to Guest OS, according to the intermediate address information that described interface provides, by ground floor address maps access intermediate address, described shared drive is accessed by second layer address maps according to described intermediate address, the interrupt identification bit register corresponding with described Guest OS is arranged interrupt identification, such as, use logical zero to represent and close and interrupt, use logical one to represent and open interruption.It should be noted that, because real-time embedded virtual component Hypervisor establishes ground floor address maps and second layer address maps, therefore, Guest OS is when arranging interrupt identification, although be the interface accessing intermediate address provided by aforementioned ground floor address maps and real-time embedded virtual component Hypervisor, then, finally shared drive is had access to by second layer address maps, but in system operation, for Guest OS, from directly to access shared drive not different, namely Guest OS thinks directly to access shared drive, the interrupt identification bit register corresponding with this Guest OS is arranged interrupt identification.
S102, checks described interrupt identification bit register.
As one embodiment of the invention, when checking described interrupt identification bit register, can be that the vectorial abnormality processing function of specifying of execute exception is to check described interrupt identification bit register.Particularly, the physical discontinuity that hardware produces, such as, first common physical interruption or rapid physical interruption etc. are routed to physics core by GIC, physics core runs Hypervisor program, then the exception vector table of Hypervisor is entered into, and the abnormality processing function that the exception vector jumping to Hypervisor is specified, in the interrupt processing process of Hypervisor, check the content of interrupt identification bit register.
In the embodiment of above-mentioned inspection interrupt identification bit register, it can be the clock provided according to real-time embedded virtual component Hypervisor, periodically interrupt identification bit register described in poll, namely described interrupt identification bit register is initiatively checked, also can be under the triggering of the physical discontinuity of hardware generation, check described interrupt identification bit register, i.e. the described interrupt identification bit register of passive inspection.
S103, interrupts if described interrupt identification bit register shows that described Guest OS needs are closed, then forbid sending virtual interrupt to described Guest OS.
Such as, interrupt if use logical zero to represent and close, use logical one to represent and open interruption, then the content being checked through interrupt identification bit register is logical zero, then forbid the physical discontinuity produced to described Guest OS transmission hardware.
The method of closing interruption from the virtualization system that the invention described above embodiment provides is known, because real-time embedded virtual component Hypervisor provides interface to virtualizing operating systems Guest OS, Hypervisor can share with at least one Guest OS and be used for recording the interrupt identification bit register corresponding with described Guest OS in the physical memory of interrupt identification and shared drive and arrange interrupt identification by described Guest OS.With prior art by compared with the method that provides the communication modes of interrupt notification to close to interrupt, the method that the embodiment of the present invention provides does not rely on Hypervisor and Guest OS and jointly compiles, and Hypervisor does not need to share code segment with Guest OS; Be separated because virtualization layer is videoed with Guest OS, undertaken the access of shared drive by virtual address, therefore, interrupt hourly velocity in close/open fast, running efficiency of system is high.
Referring to accompanying drawing 4, is the apparatus structure schematic diagram of closing interruption in the virtualization system that provides of the embodiment of the present invention.For convenience of explanation, illustrate only the part relevant to the embodiment of the present invention.The device of closing interruption in the virtualization system of accompanying drawing 4 example comprises interface provides module 401, zone bit checking module 402 and interrupt holdoff sending module 403, wherein:
Interface provides module 401, to make described Guest OS call described interface, interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification for providing interface to virtualizing operating systems Guest OS, described shared drive is that real-time embedded virtual component Hypervisor and at least one Guest OS shares and physical memory for recording interrupt identification, wherein, the memory headroom that different in described shared drive Guest OS and described Hypervisor shares is isolated mutually.
Zone bit checking module 402, with the described interrupt identification bit register of inspection.
Interrupt holdoff sending module 403, if check that described interrupt identification bit register shows that described Guest OS needs are closed and interrupts for described zone bit checking module 402, then forbids sending virtual interrupt to described Guest OS.
It should be noted that, close in the embodiment of the device of interruption in above virtualization system, the division of each functional module only illustrates, can be as required in practical application, the facility of the such as configuration requirement of corresponding hardware or the realization of software is considered, and above-mentioned functions distribution is completed by different functional modules, the inner structure by described cable modem eedle threader is divided into different functional modules, to complete all or part of function described above.And, in practical application, corresponding functional module in the present embodiment can be by corresponding hardware implementing, also can perform corresponding software by corresponding hardware to complete, such as, aforesaid interface provides module, can be have to perform aforementionedly to provide interface with make described Guest OS call hardware that interrupt identification bit register corresponding with described Guest OS in shared drive to be arranged interrupt identification by described interface to virtualizing operating systems Guest OS, such as interface provider, also can be general processor or other hardware devices that can perform corresponding computer program thus complete aforementioned function, for another example aforesaid zone bit checking module, can be that there is the hardware performing the described interrupt flag bit register functions of aforementioned inspection, such as zone bit detector also can be general processor or other hardware devices (each embodiment that this instructions provides all can apply foregoing description principle) that can perform corresponding computer program thus complete aforementioned function.
The interface of accompanying drawing 4 example provides module 401 can comprise interface interchange unit 501 and interrupt identification setting unit 502, closes the device of interruption in the virtualization system that another embodiment of the present invention provides as shown in Figure 5, wherein:
Interface interchange unit 501, calls described interface for providing interface to virtualizing operating systems Guest OS to make described Guest OS;
Interrupt identification setting unit 502, for the intermediate address information provided according to described interface, by ground floor address maps access intermediate address, according to described intermediate address and by second layer address maps, the interrupt identification bit register corresponding with described Guest OS is arranged interrupt identification, described ground floor address maps is the mapping of described Guest OS to intermediate address, described second layer address maps is the mapping of described intermediate address to physical memory addresses, and described physical memory comprises described shared drive.
The device of closing interruption in the virtualization system of accompanying drawing 4 or accompanying drawing 5 example can also comprise mapping and set up module 601 and shared drive sets up module 602, the device of interruption is closed in the virtualization system that another embodiment of the present invention provides as shown in accompanying drawing 6a or accompanying drawing 6b, wherein:
Module 601 is set up in mapping, for setting up Guest OS to the mapping of intermediate address and described intermediate address to the mapping of physical memory addresses.
Shared drive sets up module 602, and for setting up described shared drive, the memory headroom that Guest OS different in described shared drive and described Hypervisor shares is isolated mutually.
The clock that the zone bit checking module 402 of accompanying drawing 4 example can provide according to real-time embedded virtual component Hypervisor, periodically interrupt identification bit register described in poll, under the triggering of the physical discontinuity that also can produce at hardware, check described interrupt identification bit register.Zone bit checking module 402 can comprise the first performance element 701, closes the device of interruption in the virtualization system that another embodiment of the present invention provides as shown in Figure 7,
Performance element 701, for the vectorial abnormality processing function of specifying of execute exception to check described interrupt identification bit register.Particularly, the physical discontinuity that hardware produces, such as, first common physical interruption or rapid physical interruption etc. are routed to physics core by GIC, physics core runs Hypervisor program, then the exception vector table of Hypervisor is entered into, and the abnormality processing function that the exception vector jumping to Hypervisor is specified, the abnormality processing function that in performance element 701 execute exception vector table, exception vector is specified in the interrupt processing process of Hypervisor is to check the content of interrupt identification bit register.
It should be noted that, the content such as information interaction, implementation between each module/unit of said apparatus, due to the inventive method embodiment based on same design, its technique effect brought is identical with the inventive method embodiment, particular content see describing in the inventive method embodiment, can repeat no more herein.
The all or part of step that one of ordinary skill in the art will appreciate that in the various methods of above-described embodiment is that the hardware that can carry out instruction relevant by program has come, such as following various method one or more or all:
There is provided interface, to make described Guest OS call described interface, interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification to virtualizing operating systems Guest OS, described shared drive is that real-time embedded virtual component Hypervisor and at least one Guest OS shares and physical memory for recording interrupt identification;
Check described interrupt identification bit register;
Interrupt if described interrupt identification bit register shows that described Guest OS needs are closed, then forbid sending virtual interrupt to described Guest OS.
One of ordinary skill in the art will appreciate that all or part of step in the various methods of above-described embodiment is that the hardware that can carry out instruction relevant by program has come, this program can be stored in a computer-readable recording medium, storage medium can comprise: ROM (read-only memory) (ROM, Read Only Memory), random access memory (RAM, Random Access Memory), disk or CD etc.
The method and apparatus of closing interruption in the virtualization system provided the embodiment of the present invention is above described in detail, apply specific case herein to set forth principle of the present invention and embodiment, the explanation of above embodiment just understands method of the present invention and core concept thereof for helping; Meanwhile, for one of ordinary skill in the art, according to thought of the present invention, all will change in specific embodiments and applications, in sum, this description should not be construed as limitation of the present invention.

Claims (8)

1. close a method for interruption in virtualization system, it is characterized in that, described method comprises:
There is provided interface, to make described Guest OS call described interface, interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification to virtualizing operating systems Guest OS, described shared drive is that real-time embedded virtual component Hypervisor and at least one Guest OS shares and physical memory for recording interrupt identification, and the memory headroom that Guest OS different in described shared drive and described Hypervisor shares is isolated mutually;
Check described interrupt identification bit register;
Interrupt if described interrupt identification bit register shows that described Guest OS needs are closed, then forbid sending virtual interrupt to described Guest OS;
Describedly provide interface, to make described Guest OS call described interface, interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification to virtualizing operating systems Guest OS, comprising:
Interface is provided to call described interface to make described Guest OS to virtualizing operating systems Guest OS;
According to the intermediate address information that described interface provides, by ground floor address maps access intermediate address, access described shared drive according to described intermediate address by second layer address maps, the interrupt identification bit register corresponding with described Guest OS arranged interrupt identification.
2. the method for claim 1, is characterized in that, described to virtualizing operating systems Guest OS provide interface with make described Guest OS interrupt identification bit register corresponding with described Guest OS in shared drive arranged interrupt identification before also comprise:
Set up Guest OS to the mapping of intermediate address and described intermediate address to the mapping of physical memory addresses;
Set up described shared drive.
3. the method for claim 1, is characterized in that, the described interrupt identification bit register of described inspection comprises:
According to the clock that described Hypervisor provides, periodically interrupt identification bit register described in poll; Or
Under the triggering of the physical discontinuity of hardware generation, check described interrupt identification bit register.
4. method as claimed in claim 3, it is characterized in that, the described interrupt identification bit register of described inspection comprises:
The abnormality processing function that execute exception vector is specified is to check described interrupt identification bit register.
5. close a device for interruption in virtualization system, it is characterized in that, described device comprises:
Interface provides module, to make described Guest OS call described interface, interrupt identification bit register corresponding with described Guest OS in shared drive is arranged interrupt identification for providing interface to virtualizing operating systems Guest OS, described shared drive is that real-time embedded virtual component Hypervisor and at least one GuestOS shares and physical memory for recording interrupt identification, and the memory headroom that Guest OS different in described shared drive and described Hypervisor shares is isolated mutually;
Zone bit checking module, for checking described interrupt identification bit register;
Interrupt holdoff sending module, if check that described interrupt identification bit register shows that described Guest OS needs are closed and interrupts for described zone bit checking module, then forbids sending virtual interrupt to described Guest OS;
Described interface provides module to comprise:
Interface interchange unit, calls described interface for providing interface to virtualizing operating systems Guest OS to make described Guest OS;
Interrupt identification setting unit, for the intermediate address information provided according to described interface, by ground floor address maps access intermediate address, access described shared drive according to described intermediate address by second layer address maps, the interrupt identification bit register corresponding with described Guest OS arranged interrupt identification.
6. device as claimed in claim 5, it is characterized in that, described device also comprises:
Module is set up in mapping, for setting up Guest OS to the mapping of intermediate address and described intermediate address to the mapping of physical memory addresses;
Shared drive sets up module, for setting up described shared drive.
7. device as claimed in claim 5, is characterized in that, the clock that described zone bit checking module provides according to described Hypervisor, periodically interrupt identification bit register described in poll; Or
Under the triggering of the physical discontinuity that zone bit checking module produces at hardware, check described interrupt identification bit register.
8. device as claimed in claim 7, it is characterized in that, described zone bit checking module comprises:
Performance element, for the vectorial abnormality processing function of specifying of execute exception to check described interrupt identification bit register.
CN201210207137.5A 2012-06-21 2012-06-21 Method and device for closing interrupt in virtualization system Active CN102799480B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201210207137.5A CN102799480B (en) 2012-06-21 2012-06-21 Method and device for closing interrupt in virtualization system
PCT/CN2013/070810 WO2013189180A1 (en) 2012-06-21 2013-01-22 Method and device for disabling interruption in virtualization system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201210207137.5A CN102799480B (en) 2012-06-21 2012-06-21 Method and device for closing interrupt in virtualization system

Publications (2)

Publication Number Publication Date
CN102799480A CN102799480A (en) 2012-11-28
CN102799480B true CN102799480B (en) 2015-06-17

Family

ID=47198595

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210207137.5A Active CN102799480B (en) 2012-06-21 2012-06-21 Method and device for closing interrupt in virtualization system

Country Status (2)

Country Link
CN (1) CN102799480B (en)
WO (1) WO2013189180A1 (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102799480B (en) * 2012-06-21 2015-06-17 华为技术有限公司 Method and device for closing interrupt in virtualization system
CN111240898B (en) * 2020-01-09 2023-08-15 中瓴智行(成都)科技有限公司 Method and system for realizing black box based on Hypervisor
CN116382856B (en) * 2023-06-02 2023-09-26 麒麟软件有限公司 Method for enhancing system instantaneity based on virtualized nesting

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101620547A (en) * 2009-07-03 2010-01-06 中国人民解放军国防科学技术大学 Virtual physical interrupt processing method of X86 computer
CN102279769A (en) * 2011-07-08 2011-12-14 西安交通大学 Embedded-Hypervisor-oriented interruption virtualization operation method

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060005190A1 (en) * 2004-06-30 2006-01-05 Microsoft Corporation Systems and methods for implementing an operating system in a virtual machine environment
CN101398768B (en) * 2008-10-28 2011-06-15 北京航空航天大学 Construct method of distributed virtual machine monitor system
CN102799480B (en) * 2012-06-21 2015-06-17 华为技术有限公司 Method and device for closing interrupt in virtualization system

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101620547A (en) * 2009-07-03 2010-01-06 中国人民解放军国防科学技术大学 Virtual physical interrupt processing method of X86 computer
CN102279769A (en) * 2011-07-08 2011-12-14 西安交通大学 Embedded-Hypervisor-oriented interruption virtualization operation method

Also Published As

Publication number Publication date
CN102799480A (en) 2012-11-28
WO2013189180A1 (en) 2013-12-27

Similar Documents

Publication Publication Date Title
JP6864749B2 (en) Intermediate host integrated circuit between virtual machine instance and customer programmable logic circuit
US10838755B2 (en) Transparent secure interception handling
US9529650B2 (en) Method and apparatus for accessing hardware resource
US10592434B2 (en) Hypervisor-enforced self encrypting memory in computing fabric
CN101364184B (en) Spinning cycle detection in environment of virtual machine
US8479208B2 (en) System partitioning to present software as platform level functionality including mode logic to maintain and enforce partitioning in first and configure partitioning in second mode
US9454676B2 (en) Technologies for preventing hook-skipping attacks using processor virtualization features
US8151264B2 (en) Injecting virtualization events in a layered virtualization architecture
US20150281336A1 (en) Distributable computational units in a continuous computing fabric environment
US20140053272A1 (en) Multilevel Introspection of Nested Virtual Machines
US9841987B2 (en) Transparent secure interception handling
US11163597B2 (en) Persistent guest and software-defined storage in computing fabric
Bazargan et al. State-of-the-art of virtualization, its security threats and deployment models
US10956188B2 (en) Transparent interpretation of guest instructions in secure virtual machine environment
US20080082881A1 (en) In situ processor margin testing
KR20210154769A (en) Micro kernel-based extensible hypervisor
US20100169884A1 (en) Injecting transactions to support the virtualization of a physical device controller
JP7465046B2 (en) Injecting interrupts and exceptions into the secure virtual machine
CN102799480B (en) Method and device for closing interrupt in virtualization system
US11029991B2 (en) Dispatch of a secure virtual machine
US11656888B2 (en) Performing an application snapshot using process virtual machine resources
US9747118B2 (en) Guest-specific microcode
US11182183B2 (en) Workload placement using conflict cost
US8291415B2 (en) Paging instruction for a virtualization engine to local storage
Bazargan et al. Understanding the security challenges of virtualized environments

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20191225

Address after: Room 302, No. 8319, Yanshan Road, Bengbu City, Anhui Province

Patentee after: Bengbu Lichao Information Technology Co., Ltd

Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen

Patentee before: Huawei Technologies Co., Ltd.

TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20201016

Address after: 226000 No. 998 Century Avenue, hi tech Zone, Jiangsu, Nantong

Patentee after: NANTONG HANGDA ELECTRONIC TECHNOLOGY Co.,Ltd.

Address before: Room 302, No. 8319, Yanshan Road, Bengbu City, Anhui Province

Patentee before: Bengbu Lichao Information Technology Co.,Ltd.

TR01 Transfer of patent right