Virtual Machine Interface
CPU Privilege Level
There are four privilege levels in the x86 architecture, but most OSes use only two of them. We can therefore modify guest OSes to run in ring 1 and reserve ring 0 for the Xen hypervisor, so that privileged instructions trap to the hypervisor for updating and validation.
Exception
Guest OSes can register an exception handler table with the Xen hypervisor. If the handler's code segment does not run in ring 0, Xen creates a copy of the exception stack frame on the guest OS stack and then transfers control to the appropriate handler.
Because system calls are among the most frequent exceptions, improving system call performance can significantly affect the performance of the overall system.
To improve system call performance, Xen can check, when a guest registers an exception handler, whether any of the handler's code segments is in ring 0. If no code segment is in ring 0, the guest OS can execute the system call handler directly.
Memory Management
Two TLB mechanisms apply to Xen: the software-managed TLB and the tagged TLB. With a software-managed TLB, Xen can manage the TLB directly. A tagged TLB associates each TLB entry with an address-space identifier, so that the hypervisor and each guest can keep their entries in the TLB at the same time.
There are two principles in Xen's memory management. First, the guest is responsible for allocating hardware page tables. Second, Xen is located in the first 64 MB of every address space.
Device I/O
Unlike other full virtualization systems, which emulate each device's I/O, Xen uses a device abstraction. Every device I/O is transferred from its domain to the hypervisor through shared-memory, asynchronous buffer-descriptor rings. In addition, Xen uses an event-delivery mechanism to send notifications back to each domain.
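The buffer-descriptor ring described above, as an added example that is not code from Xen or from the original page: a single-process C model in which the struct layout, the function names and RING_SIZE are all assumptions. Because the producer index lives in memory the domain can write, the hypervisor side reads it once and bounds-checks it before use.

```c
#include <stdint.h>
#include <stdio.h>
#define RING_SIZE 8u                      /* constructed size, power of two */

struct desc { uint32_t id, status; };     /* hypothetical descriptor layout */
struct ring {                             /* the memory shared by both sides */
    uint32_t req_prod;                    /* advanced by the domain */
    uint32_t rsp_prod;                    /* advanced by the hypervisor side */
    struct desc slot[RING_SIZE];
};

/* Domain side: queue a request. rsp_cons is the domain's private index. */
int guest_submit(struct ring *r, uint32_t rsp_cons, uint32_t id)
{
    if (r->req_prod - rsp_cons >= RING_SIZE) return -1;  /* all slots in use */
    r->slot[r->req_prod % RING_SIZE] = (struct desc){ id, 0 };
    r->req_prod++;            /* publish; real shared memory needs a write barrier */
    return 0;
}

/* Hypervisor side: returns requests completed (>0: send an event), -1 on bad index. */
int backend_poll(struct ring *r, uint32_t *req_cons)
{
    uint32_t prod = r->req_prod;          /* read once: the domain may rewrite it */
    int n = 0;
    if (prod - *req_cons > RING_SIZE) return -1;  /* index outside the ring */
    for (; *req_cons != prod; n++) {
        r->slot[*req_cons % RING_SIZE].status = 1;   /* response reuses the slot */
        r->rsp_prod = ++*req_cons;
    }
    return n;
}

/* Domain side: collect one response after the event notification. */
int guest_reap(struct ring *r, uint32_t *rsp_cons, uint32_t *id)
{
    if (*rsp_cons == r->rsp_prod) return 0;          /* nothing pending */
    *id = r->slot[(*rsp_cons)++ % RING_SIZE].id;
    return 1;
}

int main(void)
{
    struct ring r = {0};
    uint32_t rsp_cons = 0, req_cons = 0, id = 0;
    guest_submit(&r, rsp_cons, 100);
    int done = backend_poll(&r, &req_cons), got = guest_reap(&r, &rsp_cons, &id);
    printf("completed=%d reaped=%d id=%u\n", done, got, id);
    return 0;
}
```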
Mechanism Design
Control Transfer
Hypercall
To perform a privileged instruction, domain U triggers a software trap and issues a hypercall so that Xen performs the corresponding action.