# Hypervise Me!
<br/>
<i>J. Angra</i>
<br/><br/><br/>
<br/><br/><br/>
<table cellborder="1" cellspacing="2">
<tr><td
align="center"
border="2"
style="font-size:24px">Slides</td>
</tr>
<tr><td
align="center"
border="2"
style="font-size:16px">
<a href="https://hackmd.io/@bynx/rkedorfBF">https://hackmd.io/@bynx/rkedorfBF</a>
</td>
</tr>
</table>
---
## So... What's a _Hypervisor_?
<font style="font-size:28px">
<i><font color="lightblue">Hypervisors</font></i>, and their <i>Virtual Machine Monitors (VMMs)</i>,<br/>create, manage, monitor, and allocate virtualized hardware to <font color="#a52a2a">Guest</font> kernels
</font>
<table style="width:100%;margin-bottom:-35px" border="0">
<tr><td>
<figure style="margin-left:-100px;font-size:18px">
<center>
<!-- width="744pt" height="303pt" -->
<svg width="544pt" height="" viewBox="0.00 0.00 744.00 302.80" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 298.8)">
<g id="clust3" class="cluster">
<title>cluster_vmm</title>
<polygon fill="#add8e6" stroke="#000000" points="64,-80 64,-230.8 728,-230.8 728,-80 64,-80"></polygon>
<text text-anchor="middle" x="396" y="-88.2" font-family="Times,serif" font-size="14.00" fill="#000000">Hypervisor / VMM</text>
</g>
<!-- guest_node -->
<g id="node1" class="node">
<title>guest_node</title>
<polygon fill="#a52a2a" stroke="#000000" stroke-width="3" points="504,-294.8 292,-294.8 288,-290.8 288,-258.8 500,-258.8 504,-262.8 504,-294.8"></polygon>
<polyline fill="none" stroke="#000000" stroke-width="3" points="500,-290.8 288,-290.8 "></polyline>
<polyline fill="none" stroke="#000000" stroke-width="3" points="500,-290.8 500,-258.8 "></polyline>
<polyline fill="none" stroke="#000000" stroke-width="3" points="500,-290.8 504,-294.8 "></polyline>
<text text-anchor="middle" x="396" y="-272.6" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS</text>
</g>
<!-- d_node -->
<g id="node2" class="node">
<title>d_node</title>
<path fill="#ffc0cb" stroke="#000000" d="M264,-186.3C264,-186.3 528,-186.3 528,-186.3 534,-186.3 540,-192.3 540,-198.3 540,-198.3 540,-210.3 540,-210.3 540,-216.3 534,-222.3 528,-222.3 528,-222.3 264,-222.3 264,-222.3 258,-222.3 252,-216.3 252,-210.3 252,-210.3 252,-198.3 252,-198.3 252,-192.3 258,-186.3 264,-186.3"></path>
<text text-anchor="middle" x="395.8184" y="-200.1" font-family="Times,serif" font-size="14.00" fill="#000000">Dispatcher</text>
</g>
<!-- guest_node->d_node -->
<g id="edge1" class="edge">
<title>guest_node->d_node</title>
<path fill="none" stroke="#000000" d="M467.4287,-258.5052C477.4767,-249.8534 479.6134,-239.3759 473.8387,-229.9477"></path>
<polygon fill="#000000" stroke="#000000" points="476.3668,-227.5227 467.1273,-222.3378 471.1168,-232.1528 476.3668,-227.5227"></polygon>
</g>
<!-- d_node->guest_node -->
<g id="edge6" class="edge">
<title>d_node->guest_node</title>
<path fill="none" stroke="#000000" d="M324.8727,-222.3378C314.6677,-230.9531 312.3741,-241.4226 317.9917,-250.8714"></path>
<polygon fill="#000000" stroke="#000000" points="315.3914,-253.2155 324.5713,-258.5052 320.6938,-248.6454 315.3914,-253.2155"></polygon>
</g>
<!-- a_node -->
<g id="node3" class="node">
<title>a_node</title>
<path fill="#ffc0cb" stroke="#000000" d="M84,-113.3C84,-113.3 276,-113.3 276,-113.3 282,-113.3 288,-119.3 288,-125.3 288,-125.3 288,-137.3 288,-137.3 288,-143.3 282,-149.3 276,-149.3 276,-149.3 84,-149.3 84,-149.3 78,-149.3 72,-143.3 72,-137.3 72,-137.3 72,-125.3 72,-125.3 72,-119.3 78,-113.3 84,-113.3"></path>
<text text-anchor="middle" x="179.9341" y="-127.1" font-family="Times,serif" font-size="14.00" fill="#000000">Allocator</text>
</g>
<!-- d_node->a_node -->
<g id="edge2" class="edge">
<title>d_node->a_node</title>
<path fill="none" stroke="#000000" d="M271.618,-186.2551C231.2404,-176.5157 193.8348,-164.3975 171.5933,-154.0207"></path>
<polygon fill="#000000" stroke="#000000" points="172.9855,-150.8022 162.4851,-149.3904 169.8132,-157.0421 172.9855,-150.8022"></polygon>
</g>
<!-- i_node -->
<g id="node4" class="node">
<title>i_node</title>
<path fill="#ffc0cb" stroke="#000000" d="M516,-113.3C516,-113.3 708,-113.3 708,-113.3 714,-113.3 720,-119.3 720,-125.3 720,-125.3 720,-137.3 720,-137.3 720,-143.3 714,-149.3 708,-149.3 708,-149.3 516,-149.3 516,-149.3 510,-149.3 504,-143.3 504,-137.3 504,-137.3 504,-125.3 504,-125.3 504,-119.3 510,-113.3 516,-113.3"></path>
<text text-anchor="middle" x="611.9499" y="-127.1" font-family="Times,serif" font-size="14.00" fill="#000000">Interpreter Routine</text>
</g>
<!-- d_node->i_node -->
<g id="edge3" class="edge">
<title>d_node->i_node</title>
<path fill="none" stroke="#000000" d="M378.4046,-186.2551C399.2358,-174.499 444.9098,-159.2768 493.9838,-147.8351"></path>
<polygon fill="#000000" stroke="#000000" points="494.86,-151.2254 503.8376,-145.5993 493.311,-144.3989 494.86,-151.2254"></polygon>
</g>
<!-- a_node->d_node -->
<g id="edge4" class="edge">
<title>a_node->d_node</title>
<path fill="none" stroke="#000000" d="M288.1624,-145.5993C334.711,-155.8686 379.5121,-169.9186 404.6611,-181.6982"></path>
<polygon fill="#000000" stroke="#000000" points="403.097,-184.8294 413.5954,-186.2551 406.2775,-178.5936 403.097,-184.8294"></polygon>
</g>
<!-- physical_node -->
<g id="node5" class="node">
<title>physical_node</title>
<polygon fill="#c0c0c0" stroke="#000000" stroke-width="3" points="360,-72 4,-72 0,-68 0,-36 356,-36 360,-40 360,-72"></polygon>
<polyline fill="none" stroke="#000000" stroke-width="3" points="356,-68 0,-68 "></polyline>
<polyline fill="none" stroke="#000000" stroke-width="3" points="356,-68 356,-36 "></polyline>
<polyline fill="none" stroke="#000000" stroke-width="3" points="356,-68 360,-72 "></polyline>
<text text-anchor="middle" x="180" y="-49.8" font-family="Times,serif" font-size="14.00" fill="#000000">Physical (Bare-Metal) Hardware</text>
</g>
<!-- a_node->physical_node -->
<g id="edge8" class="edge">
<title>a_node->physical_node</title>
<path fill="none" stroke="#000000" d="M109.921,-112.981C98.1618,-103.0654 95.8989,-90.6541 103.1323,-79.7781"></path>
<polygon fill="#000000" stroke="#000000" points="105.9092,-81.9279 110.0776,-72.1875 100.7448,-77.2025 105.9092,-81.9279"></polygon>
</g>
<!-- i_node->d_node -->
<g id="edge5" class="edge">
<title>i_node->d_node</title>
<path fill="none" stroke="#000000" d="M629.5149,-149.3904C610.9566,-159.8395 572.8236,-173.0155 530.1385,-183.8413"></path>
<polygon fill="#000000" stroke="#000000" points="529.2487,-180.4558 520.382,-186.2551 530.9299,-187.251 529.2487,-180.4558"></polygon>
</g>
<!-- physical_node->a_node -->
<g id="edge7" class="edge">
<title>physical_node->a_node</title>
<path fill="none" stroke="#000000" d="M249.9224,-72.1875C261.7656,-82.0809 264.1125,-94.4879 256.9632,-105.3775"></path>
<polygon fill="#000000" stroke="#000000" points="254.1962,-103.2188 250.079,-112.981 259.3853,-107.917 254.1962,-103.2188"></polygon>
</g>
</g>
</svg>
$$\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}$$
<figcaption style="margin-top:-80px">
$$
\quad\quad \sc{Abstracted\ Hypervisor\ /\ VMM\ Model}
$$
</figcaption>
</center>
</figure>
</td></tr></table>
<font style="font-size:28px">
The term <font color="lightblue"><i>hypervisor</i></font> denotes a program that controls <font color="orchid"><b>supervisors</b></font>,<br/>i.e., it supervises the supervisors (OS <font color="#f7de9c">Kernels</font>)
</font>
---
## Why does this matter to us?
<b><i><font style="font-size:24pt">( Perspective of a Malicious Actor )</font>
</i></b>
To summarize $\dots$ <font color="lightblue">hypervisors</font> provide:
- Virtualization
- Emulation
- Portability
- (Secure?) Isolation
<br/><br/>
<br/><br/>
<br/>
---
## Why does this matter to us?
<b><i><font style="font-size:24pt">( Perspective of a Malicious Actor )</font></i></b>
To summarize $\dots$ <font color="lightblue">hypervisors</font> provide:
- Virtualization
- Emulation
- Portability
- (Secure?) Isolation
<b style="font-size:72px;color:red">$\Rightarrow$ Cloud</b>
<br/>
<br/>
---
## Why does this matter to us?
<b><i><font style="font-size:24pt">( Perspective of a Malicious Actor )</font></i></b>
$$
\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}
$$
Exploitation of a <font color="red">cloud</font> <font color="lightblue">hypervisor</font> provides
$\sc{Ring}$ - $-1$ access to the underlying Host
<br/>
<i style="font-size:28px"><b>Root Mode</b>$\dots$ on an [AWS/Azure/GCP] bare-metal host ;)<br/>. . . Think of the possibilities . . .</i>
<br/><br/>
<br/><br/>
---
<table style="margin-top:-100px"></table>
$$
\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}
$$
## $\sc{Ring}$ - $-1$? Wat?
<font style="font-size:36px"><br/>
Modern x86 Intel and AMD CPUs support <i>x86 virtualization</i>
<i>
$\Rightarrow$ This provides a <font color="#a52a2a">Guest</font> OS access to HW in $\sc{Ring}$ - $0$
</i>
<br/>
How? Both Intel VT-x and AMD SVM insert a higher privilege level, $\sc{Ring}$ - $-1$, by adding new machine code instructions to the host kernel
<i>
$\Rightarrow$ <font color="#a52a2a">Guest</font> OS runs at intended privilege $\sc{(Ring}$ - $0)$
$\Rightarrow$ VMM runs in the **"Root Mode"** ring $\sc{(Ring}$ - $-1)$
</i>
</font>
<br/>
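Added example (not from the original slides): a C decoder for the CPUID bits that advertise VT-x and SVM, plus the hypervisor-present bit and vendor signature a guest sees, which is what a defender checks when inventorying hosts or auditing whether nested virtualization is exposed to guests. All function and struct names are illustrative, and the register values in the `sample_*` functions are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#if defined(__x86_64__) || defined(__i386__)
#include <cpuid.h>                 /* GCC/Clang CPUID helpers */
#endif

struct cpuid_regs { uint32_t eax, ebx, ecx, edx; };

struct virt_caps {
    char cpu_vendor[13];  /* leaf 0, e.g. "GenuineIntel" / "AuthenticAMD" */
    int  vmx;             /* Intel VT-x: CPUID.1:ECX[5] */
    int  svm;             /* AMD SVM:    CPUID.80000001h:ECX[2] */
    int  hv_present;      /* CPUID.1:ECX[31], set by hypervisors for guests */
    char hv_vendor[13];   /* leaf 40000000h signature, e.g. "Microsoft Hv" */
};

/* Unpack a register into 4 ASCII bytes, low byte first (endianness-safe). */
static void unpack4(uint32_t reg, char *out)
{
    for (int i = 0; i < 4; i++)
        out[i] = (char)((reg >> (8 * i)) & 0xff);
}

/* Inverse of unpack4; used only to build the constructed samples. */
static uint32_t pack4(const char *s)
{
    const unsigned char *u = (const unsigned char *)s;
    return (uint32_t)u[0] | ((uint32_t)u[1] << 8) |
           ((uint32_t)u[2] << 16) | ((uint32_t)u[3] << 24);
}

struct virt_caps decode_virt_caps(const struct cpuid_regs *leaf0,
                                  const struct cpuid_regs *leaf1,
                                  const struct cpuid_regs *ext1,
                                  const struct cpuid_regs *hv)
{
    struct virt_caps c;
    memset(&c, 0, sizeof c);
    unpack4(leaf0->ebx, c.cpu_vendor);        /* vendor order: EBX, EDX, ECX */
    unpack4(leaf0->edx, c.cpu_vendor + 4);
    unpack4(leaf0->ecx, c.cpu_vendor + 8);
    /* Simplification: only trust each bit on the vendor that defines it. */
    if (strcmp(c.cpu_vendor, "GenuineIntel") == 0)
        c.vmx = (leaf1->ecx >> 5) & 1;
    if (strcmp(c.cpu_vendor, "AuthenticAMD") == 0 && ext1)
        c.svm = (ext1->ecx >> 2) & 1;
    c.hv_present = (leaf1->ecx >> 31) & 1;
    if (c.hv_present && hv) {                 /* signature order: EBX, ECX, EDX */
        unpack4(hv->ebx, c.hv_vendor);
        unpack4(hv->ecx, c.hv_vendor + 4);
        unpack4(hv->edx, c.hv_vendor + 8);
    }
    return c;
}

/* A guest that itself sees VT-x/SVM can run its own root-mode code. */
int nested_virt_exposed(const struct virt_caps *c)
{
    return c->hv_present && (c->vmx || c->svm);
}

/* Constructed sample: Intel guest on Hyper-V, VMX hidden from the guest. */
struct virt_caps sample_hyperv_guest(void)
{
    struct cpuid_regs l0 = { 0x16, pack4("Genu"), pack4("ntel"), pack4("ineI") };
    struct cpuid_regs l1 = { 0, 0, 1u << 31, 0 };
    struct cpuid_regs hv = { 0x4000000b, pack4("Micr"), pack4("osof"), pack4("t Hv") };
    return decode_virt_caps(&l0, &l1, NULL, &hv);
}

/* Constructed sample: bare-metal AMD host with SVM available. */
struct virt_caps sample_amd_host(void)
{
    struct cpuid_regs l0 = { 0x10, pack4("Auth"), pack4("cAMD"), pack4("enti") };
    struct cpuid_regs l1 = { 0, 0, 0, 0 };
    struct cpuid_regs e1 = { 0, 0, 1u << 2, 0 };
    return decode_virt_caps(&l0, &l1, &e1, NULL);
}

/* Constructed sample: Intel guest on KVM with VMX passed through. */
struct virt_caps sample_kvm_nested_guest(void)
{
    struct cpuid_regs l0 = { 0x16, pack4("Genu"), pack4("ntel"), pack4("ineI") };
    struct cpuid_regs l1 = { 0, 0, (1u << 31) | (1u << 5), 0 };
    struct cpuid_regs hv = { 0x40000001, pack4("KVMK"), pack4("VMKV"), pack4("M\0\0\0") };
    return decode_virt_caps(&l0, &l1, NULL, &hv);
}

/* Read the local CPU; returns 0 when not built for x86. */
int read_live_caps(struct virt_caps *out)
{
#if defined(__x86_64__) || defined(__i386__)
    struct cpuid_regs l0 = {0}, l1 = {0}, e1 = {0}, hv = {0};
    if (!__get_cpuid(0, &l0.eax, &l0.ebx, &l0.ecx, &l0.edx) ||
        !__get_cpuid(1, &l1.eax, &l1.ebx, &l1.ecx, &l1.edx))
        return 0;
    int have_e1 = __get_cpuid(0x80000001u, &e1.eax, &e1.ebx, &e1.ecx, &e1.edx);
    if ((l1.ecx >> 31) & 1)   /* __get_cpuid range-checks, so query raw here */
        __cpuid(0x40000000u, hv.eax, hv.ebx, hv.ecx, hv.edx);
    *out = decode_virt_caps(&l0, &l1, have_e1 ? &e1 : NULL, &hv);
    return 1;
#else
    (void)out;
    return 0;
#endif
}

int main(void)
{
    struct virt_caps c;
    if (!read_live_caps(&c))
        c = sample_hyperv_guest();            /* fall back to constructed data */
    printf("cpu=%s vmx=%d svm=%d guest=%d hv=\"%s\" nested=%d\n", c.cpu_vendor,
           c.vmx, c.svm, c.hv_present, c.hv_vendor, nested_virt_exposed(&c));
    return 0;
}
```

The CPUID bits report only that the CPU implements the extension; firmware can still lock it off, so a set `vmx` or `svm` bit does not by itself prove the feature is usable.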
---
## Flavours of Hypervisors
$$\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}$$
<table
cellspacing="0" cellborder="0" border="0"
style="align:left;margin-left:-100px;margin-top:-85px;height:100%">
<tr>
<td style="font-size:18px">
<figure>
<center>
<figcaption style="font-size:12px;margin:-35px">
$$
\large\textbf{Type-1} \\
[\ \sc{NATIVE,\ BARE-METAL\ \ HYPERVISORS}\ ]\\
$$
</figcaption>
---
<!--width="371pt" height="169pt"-->
<svg width="265pt" height="" viewBox="0.00 0.00 371.00 168.80" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 164.8)">
<polygon fill="#a52a2a" stroke="transparent" points="11.5,-127.8 11.5,-153.8 94.5,-153.8 94.5,-127.8 11.5,-127.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-129.3 13,-152.3 93,-152.3 93,-129.3 13,-129.3"></polygon>
<text text-anchor="start" x="20.7272" y="-136.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 1</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="97.5,-127.8 97.5,-153.8 180.5,-153.8 180.5,-127.8 97.5,-127.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="99,-129.3 99,-152.3 179,-152.3 179,-129.3 99,-129.3"></polygon>
<text text-anchor="start" x="106.7272" y="-136.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 2</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="183.5,-127.8 183.5,-153.8 266.5,-153.8 266.5,-127.8 183.5,-127.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="185,-129.3 185,-152.3 265,-152.3 265,-129.3 185,-129.3"></polygon>
<text text-anchor="start" x="192.7272" y="-136.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 3</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="269.5,-127.8 269.5,-153.8 352.5,-153.8 352.5,-127.8 269.5,-127.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="271,-129.3 271,-152.3 351,-152.3 351,-129.3 271,-129.3"></polygon>
<text text-anchor="start" x="278.7272" y="-136.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 4</text>
<polygon fill="#add8e6" stroke="transparent" stroke-width="3" points="11.5,-74.8 11.5,-124.8 352.5,-124.8 352.5,-74.8 11.5,-74.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-76.3 13,-123.3 351,-123.3 351,-76.3 13,-76.3"></polygon>
<text text-anchor="start" x="127.568" y="-95.6" font-family="Times,serif" font-size="14.00" fill="#000000">Hypervisor / VMM</text>
<polygon fill="#c0c0c0" stroke="transparent" stroke-width="3" points="11.5,-31.8 11.5,-71.8 352.5,-71.8 352.5,-31.8 11.5,-31.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-33.3 13,-70.3 351,-70.3 351,-33.3 13,-33.3"></polygon>
<text text-anchor="start" x="105.0287" y="-47.6" font-family="Times,serif" font-size="14.00" fill="#000000">Physical (Bare-Metal) Host</text>
</g>
</svg>
</center>
</figure>
**$\rightarrow$** $[\dots]$ securely multiplex the processor between <font color="#a52a2a">Guests</font>
**$\rightarrow$** $[\dots]$ run in privileged mode and enforce protection for memory and IO ports
**$\rightarrow$** $[\dots]$ allocate$/$manage resources and implement the virtualization layer
<br/>
---
_e.g.,_ ESXi, QEMU, KVM, Xen Server
<br/>
</td>
<td style="font-size:18px">
<figure>
<center>
<figcaption style="font-size:12px;margin:-35px">
$$
\large\textbf{Type-2} \\
[\ \sc{HOSTED\ HYPERVISORS}\ ]\\
$$
</figcaption>
---
<!--width="371pt" height="187pt"-->
<svg width="241pt" height="" viewBox="0.00 0.00 371.00 186.80" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 182.8)">
<polygon fill="#a52a2a" stroke="transparent" points="11.5,-145.8 11.5,-171.8 94.5,-171.8 94.5,-145.8 11.5,-145.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-147.3 13,-170.3 93,-170.3 93,-147.3 13,-147.3"></polygon>
<text text-anchor="start" x="20.7272" y="-154.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 1</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="97.5,-145.8 97.5,-171.8 180.5,-171.8 180.5,-145.8 97.5,-145.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="99,-147.3 99,-170.3 179,-170.3 179,-147.3 99,-147.3"></polygon>
<text text-anchor="start" x="106.7272" y="-154.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 2</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="183.5,-145.8 183.5,-171.8 266.5,-171.8 266.5,-145.8 183.5,-145.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="185,-147.3 185,-170.3 265,-170.3 265,-147.3 185,-147.3"></polygon>
<text text-anchor="start" x="192.7272" y="-154.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 3</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="269.5,-145.8 269.5,-171.8 352.5,-171.8 352.5,-145.8 269.5,-145.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="271,-147.3 271,-170.3 351,-170.3 351,-147.3 271,-147.3"></polygon>
<text text-anchor="start" x="278.7272" y="-154.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 4</text>
<polygon fill="#add8e6" stroke="transparent" stroke-width="3" points="11.5,-102.8 11.5,-142.8 352.5,-142.8 352.5,-102.8 11.5,-102.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-104.3 13,-141.3 351,-141.3 351,-104.3 13,-104.3"></polygon>
<text text-anchor="start" x="127.568" y="-118.6" font-family="Times,serif" font-size="14.00" fill="#000000">Hypervisor / VMM</text>
<polygon fill="#da70d6" stroke="transparent" stroke-width="3" points="11.5,-64.8 11.5,-99.8 352.5,-99.8 352.5,-64.8 11.5,-64.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-66.3 13,-98.3 351,-98.3 351,-66.3 13,-66.3"></polygon>
<text text-anchor="start" x="158.0845" y="-78.1" font-family="Times,serif" font-size="14.00" fill="#000000">Host OS</text>
<polygon fill="#c0c0c0" stroke="transparent" stroke-width="3" points="11.5,-31.8 11.5,-61.8 352.5,-61.8 352.5,-31.8 11.5,-31.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-33.3 13,-60.3 351,-60.3 351,-33.3 13,-33.3"></polygon>
<text text-anchor="start" x="105.0287" y="-42.6" font-family="Times,serif" font-size="14.00" fill="#000000">Physical (Bare-Metal) Host</text>
</g>
</svg>
</center>
</figure>
**$\rightarrow$** $[\dots]$ are installed and operate via OS-level virtualization
**$\rightarrow$** $[\dots]$ act and operate as any other userspace process
**$\rightarrow$** $[\dots]$ leverage the OS <font color="#f7de9c">kernel</font> to enforce (userspace) isolation of <font color="#a52a2a">Guest</font> resources (CPU/MEM/etc.)
<br/>
---
_e.g.,_ VirtualBox, VMware Fusion, QEMU, KVM, Docker, LXC, chroot
</td>
<td style="font-size:18px">
<figure><center>
<figcaption style="font-size:12px;margin:-35px" >
$$
\large\textbf{Type-X} \\
[\ \sc{HYBRID\ HYPERVISORS}\ ]\\
$$
</figcaption>
---
<!--width="446pt" height="149pt"-->
<svg width="356pt" height="" viewBox="0.00 0.00 446.00 148.80" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 144.8)">
<polygon fill="#da70d6" stroke="transparent" points="11,-64.8 11,-133.8 83,-133.8 83,-64.8 11,-64.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="12.5,-66.3 12.5,-132.3 81.5,-132.3 81.5,-66.3 12.5,-66.3"></polygon>
<text text-anchor="start" x="23.0845" y="-95.1" font-family="Times,serif" font-size="14.00" fill="#000000">Host OS</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="86,-107.8 86,-133.8 169,-133.8 169,-107.8 86,-107.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="87.5,-109.3 87.5,-132.3 167.5,-132.3 167.5,-109.3 87.5,-109.3"></polygon>
<text text-anchor="start" x="95.2272" y="-116.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 1</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="172,-107.8 172,-133.8 255,-133.8 255,-107.8 172,-107.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="173.5,-109.3 173.5,-132.3 253.5,-132.3 253.5,-109.3 173.5,-109.3"></polygon>
<text text-anchor="start" x="181.2272" y="-116.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 2</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="258,-107.8 258,-133.8 341,-133.8 341,-107.8 258,-107.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="259.5,-109.3 259.5,-132.3 339.5,-132.3 339.5,-109.3 259.5,-109.3"></polygon>
<text text-anchor="start" x="267.2272" y="-116.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 3</text>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="344,-107.8 344,-133.8 427,-133.8 427,-107.8 344,-107.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="345.5,-109.3 345.5,-132.3 425.5,-132.3 425.5,-109.3 345.5,-109.3"></polygon>
<text text-anchor="start" x="353.2272" y="-116.2" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS 4</text>
<polygon fill="#add8e6" stroke="transparent" stroke-width="3" points="86,-64.8 86,-104.8 427,-104.8 427,-64.8 86,-64.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="87.5,-66.3 87.5,-103.3 425.5,-103.3 425.5,-66.3 87.5,-66.3"></polygon>
<text text-anchor="start" x="202.068" y="-80.6" font-family="Times,serif" font-size="14.00" fill="#000000">Hypervisor / VMM</text>
<polygon fill="#c0c0c0" stroke="transparent" stroke-width="3" points="11,-31.8 11,-61.8 427,-61.8 427,-31.8 11,-31.8"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="12.5,-33.3 12.5,-60.3 425.5,-60.3 425.5,-33.3 12.5,-33.3"></polygon>
<text text-anchor="start" x="142.0287" y="-42.6" font-family="Times,serif" font-size="14.00" fill="#000000">Physical (Bare-Metal) Host</text>
</g>
</svg><br/>
</center>
</figure>
**$\rightarrow$** $[\dots]$ combine attributes of Type-1 and Type-2
**$\rightarrow$** $[\dots]$ run as a "thin" <font color="lightblue">hypervisor</font> managed by a service OS
**$\rightarrow$** $[\dots]$ manage CPU and MEM directly
**$\rightarrow$** $[\dots]$ provide <font color="#a52a2a">Guests</font> access to (para-virtualized) I/O devices through a service OS
<br/><br/>
---
<center>
_e.g.,_ Microsoft Hyper-V
</center>
<br/>
</td>
</tr>
</table>
---
# Hyper-V
---
## Hyper-V: An Overview
<br/>
<font style="font-size:22pt">
The Hyper-V Core is composed of the <font color="lightblue">hypervisor</font> kernel, loader, boot driver, and debugger transport
The Hyper-V Virtualization Stack and VMM reside in the <font color="orchid">Root</font> OS
<br/>
<figure><center>
<!-- width="823pt" height="295pt"-->
<svg width="523pt" height="" viewBox="0.00 0.00 823.00 295.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 291)">
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-192 13,-278 224,-278 224,-192 13,-192"></polygon>
<polygon fill="#da70d6" stroke="transparent" stroke-width="3" points="16.5,-195.5 16.5,-274.5 220.5,-274.5 220.5,-195.5 16.5,-195.5"></polygon>
<text text-anchor="start" x="79.0263" y="-231.8" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Root Partition</text>
<polygon fill="none" stroke="#000000" stroke-width="3" points="230,-192 230,-278 416,-278 416,-192 230,-192"></polygon>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="233.5,-195.5 233.5,-274.5 412.5,-274.5 412.5,-195.5 233.5,-195.5"></polygon>
<text text-anchor="start" x="259.0417" y="-237.4" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Enlightened (Windows)</text>
<text text-anchor="start" x="276.331" y="-223.4" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Child Partition 1</text>
<polygon fill="none" stroke="#000000" stroke-width="3" points="422,-192 422,-278 608,-278 608,-192 422,-192"></polygon>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="425.5,-195.5 425.5,-274.5 604.5,-274.5 604.5,-195.5 425.5,-195.5"></polygon>
<text text-anchor="start" x="461.1483" y="-237.4" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Enlightened (Linux)</text>
<text text-anchor="start" x="468.331" y="-223.4" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Child Partition 2</text>
<polygon fill="none" stroke="#000000" stroke-width="3" points="614,-192 614,-278 800,-278 800,-192 614,-192"></polygon>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="617.5,-195.5 617.5,-274.5 796.5,-274.5 796.5,-195.5 617.5,-195.5"></polygon>
<text text-anchor="start" x="665.7889" y="-237.4" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Unenlightened</text>
<text text-anchor="start" x="660.331" y="-223.4" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Child Partition 3</text>
<polygon fill="#add8e6" stroke="transparent" points="11.5,-127.5 11.5,-187.5 804.5,-187.5 804.5,-127.5 11.5,-127.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-129 13,-186 803,-186 803,-129 13,-129"></polygon>
<text text-anchor="start" x="376.5112" y="-154.3" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Hypervisor</text>
<polygon fill="#c0c0c0" stroke="transparent" points="11.5,-84.5 11.5,-124.5 804.5,-124.5 804.5,-84.5 11.5,-84.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-86 13,-123 803,-123 803,-86 13,-86"></polygon>
<text text-anchor="start" x="259.3116" y="-101.3" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Physical (Bare-Metal) Host</text>
<text text-anchor="start" x="443.2542" y="-101.3" font-family="Times,serif" font-size="14.00" fill="#000000">(Intel-VT)/(AMD-V)</text>
</g>
</svg>
<figcaption style="font-size:16pt;margin-top:-110px">
$$\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}$$
$$
\sc{HYPER-V}\\
\sc{ABSTRACTED\ ARCHITECTURE}
$$
</figcaption>
</center>
</figure>
---
$$\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}$$
<figure style="font-size:18px;margin-left:-45px;margin-top:-120px;margin-bottom:-20px">
<center>
<figcaption>
$$
\sc{HYPER-V}\\
\sc{HIGH-LEVEL\ ARCHITECTURE}
$$
</figcaption>
<!-- width="865pt" height="705pt" -->
<svg width="635pt" height="" viewBox="0.00 0.00 865.00 705.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 701)">
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-246 13,-688 266,-688 266,-246 13,-246"></polygon>
<polygon fill="#da70d6" stroke="transparent" stroke-width="3" points="16.5,-249.5 16.5,-684.5 262.5,-684.5 262.5,-249.5 16.5,-249.5"></polygon>
<text text-anchor="start" x="100.0263" y="-649.8" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="13.00" fill="#000000">Root Partition</text>
<polygon fill="#edf2f9" stroke="transparent" stroke-width="3" points="18.5,-589.5 18.5,-621.5 260.5,-621.5 260.5,-589.5 18.5,-589.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="19.5,-590.5 19.5,-620.5 259.5,-620.5 259.5,-590.5 19.5,-590.5"></polygon>
<text text-anchor="start" x="88.7654" y="-601.3" font-family="Times,serif" font-size="14.00" fill="#000000">User Applications</text>
<polygon fill="#f7de9c" stroke="transparent" stroke-width="2" points="18.5,-539.5 18.5,-587.5 260.5,-587.5 260.5,-539.5 18.5,-539.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="19.5,-540.5 19.5,-586.5 259.5,-586.5 259.5,-540.5 19.5,-540.5"></polygon>
<text text-anchor="start" x="120.4565" y="-559.3" font-family="Times,serif" font-size="14.00" fill="#000000">Kernel</text>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="18.5,-489.5 18.5,-537.5 260.5,-537.5 260.5,-489.5 18.5,-489.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="19.5,-490.5 19.5,-536.5 259.5,-536.5 259.5,-490.5 19.5,-490.5"></polygon>
<text text-anchor="start" x="117.3338" y="-509.3" font-family="Times,serif" font-size="14.00" fill="#000000">VMBus</text>
<polygon fill="none" stroke="#000000" stroke-width="2" points="19.5,-252.5 19.5,-486.5 259.5,-486.5 259.5,-252.5 19.5,-252.5"></polygon>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="22.5,-255.5 22.5,-483.5 256.5,-483.5 256.5,-255.5 22.5,-255.5"></polygon>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="24.5,-459.5 24.5,-481.5 254.5,-481.5 254.5,-459.5 24.5,-459.5"></polygon>
<text text-anchor="start" x="83.3215" y="-467.3" font-family="Times,serif" font-style="italic" text-decoration="underline" font-size="14.00" fill="#000000">Virtualization Stack</text>
<polygon fill="#e48312" stroke="transparent" stroke-width="2" points="24.5,-410.5 24.5,-457.5 254.5,-457.5 254.5,-410.5 24.5,-410.5"></polygon>
<polygon fill="none" stroke="#000000" points="24.5,-410.5 24.5,-457.5 254.5,-457.5 254.5,-410.5 24.5,-410.5"></polygon>
<text text-anchor="start" x="67.1935" y="-438.2" font-family="Times,serif" font-size="14.00" fill="#000000">VM Management Service</text>
<text text-anchor="start" x="113.4502" y="-421.4" font-family="Times,serif" font-size="14.00" fill="#000000">(VMMS)</text>
<polygon fill="#e48312" stroke="transparent" points="24.5,-361.5 24.5,-408.5 254.5,-408.5 254.5,-361.5 24.5,-361.5"></polygon>
<polygon fill="none" stroke="#000000" points="24.5,-361.5 24.5,-408.5 254.5,-408.5 254.5,-361.5 24.5,-361.5"></polygon>
<text text-anchor="start" x="76.1388" y="-389.2" font-family="Times,serif" font-size="14.00" fill="#000000">VM Worker Processes</text>
<text text-anchor="start" x="110.3429" y="-372.4" font-family="Times,serif" font-size="14.00" fill="#000000">(VMWPs)</text>
<polygon fill="#e48312" stroke="transparent" points="24.5,-313.5 24.5,-359.5 254.5,-359.5 254.5,-313.5 24.5,-313.5"></polygon>
<polygon fill="none" stroke="#000000" points="24.5,-313.5 24.5,-359.5 254.5,-359.5 254.5,-313.5 24.5,-313.5"></polygon>
<text text-anchor="start" x="40.7699" y="-340.7" font-family="Times,serif" font-size="14.00" fill="#000000">Virtualization Infrastructure Driver</text>
<text text-anchor="start" x="122.4025" y="-323.9" font-family="Times,serif" font-size="14.00" fill="#000000">(VID)</text>
<polygon fill="#e48312" stroke="transparent" points="24.5,-265.5 24.5,-311.5 254.5,-311.5 254.5,-265.5 24.5,-265.5"></polygon>
<polygon fill="none" stroke="#000000" points="24.5,-265.5 24.5,-311.5 254.5,-311.5 254.5,-265.5 24.5,-265.5"></polygon>
<text text-anchor="start" x="49.3071" y="-292.7" font-family="Times,serif" font-size="14.00" fill="#000000">Virtualization Service Providers</text>
<text text-anchor="start" x="119.2812" y="-275.9" font-family="Times,serif" font-size="14.00" fill="#000000">(VSPs)</text>
<polygon fill="none" stroke="#000000" stroke-width="3" points="272,-246 272,-688 458,-688 458,-246 272,-246"></polygon>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="275.5,-249.5 275.5,-684.5 454.5,-684.5 454.5,-249.5 275.5,-249.5"></polygon>
<text text-anchor="start" x="301.0417" y="-654.9" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Enlightened (Windows)</text>
<text text-anchor="start" x="318.331" y="-640.9" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Child Partition 1</text>
<polygon fill="#edf2f9" stroke="transparent" stroke-width="3" points="277.5,-590.5 277.5,-620.5 452.5,-620.5 452.5,-590.5 277.5,-590.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="278.5,-591.5 278.5,-619.5 451.5,-619.5 451.5,-591.5 278.5,-591.5"></polygon>
<text text-anchor="start" x="314.2654" y="-601.3" font-family="Times,serif" font-size="14.00" fill="#000000">User Applications</text>
<polygon fill="#f7de9c" stroke="transparent" stroke-width="2" points="277.5,-538.5 277.5,-588.5 452.5,-588.5 452.5,-538.5 277.5,-538.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="278.5,-539.5 278.5,-587.5 451.5,-587.5 451.5,-539.5 278.5,-539.5"></polygon>
<text text-anchor="start" x="345.9565" y="-559.3" font-family="Times,serif" font-size="14.00" fill="#000000">Kernel</text>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="277.5,-486.5 277.5,-536.5 452.5,-536.5 452.5,-486.5 277.5,-486.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="278.5,-487.5 278.5,-535.5 451.5,-535.5 451.5,-487.5 278.5,-487.5"></polygon>
<text text-anchor="start" x="342.8338" y="-507.3" font-family="Times,serif" font-size="14.00" fill="#000000">VMBus</text>
<polygon fill="#cccccc" stroke="transparent" stroke-width="2" points="277.5,-454.5 277.5,-484.5 452.5,-484.5 452.5,-454.5 277.5,-454.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="278.5,-455.5 278.5,-483.5 451.5,-483.5 451.5,-455.5 278.5,-455.5"></polygon>
<text text-anchor="start" x="338.3699" y="-465.3" font-family="Times,serif" font-size="14.00" fill="#000000">I/O Stack</text>
<polygon fill="#cccccc" stroke="transparent" stroke-width="2" points="277.5,-422.5 277.5,-452.5 452.5,-452.5 452.5,-422.5 277.5,-422.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="278.5,-423.5 278.5,-451.5 451.5,-451.5 451.5,-423.5 278.5,-423.5"></polygon>
<text text-anchor="start" x="344.0112" y="-433.3" font-family="Times,serif" font-size="14.00" fill="#000000">Drivers</text>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="277.5,-328.5 277.5,-420.5 452.5,-420.5 452.5,-328.5 277.5,-328.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="278.5,-329.5 278.5,-419.5 451.5,-419.5 451.5,-329.5 278.5,-329.5"></polygon>
<text text-anchor="start" x="303.3839" y="-403.9" font-family="Times,serif" font-size="14.00" fill="#000000">Virtualization Service</text>
<text text-anchor="start" x="297.3478" y="-387.1" font-family="Times,serif" font-size="14.00" fill="#000000">Consumers / Integration</text>
<text text-anchor="start" x="329.6115" y="-370.3" font-family="Times,serif" font-size="14.00" fill="#000000">Components</text>
<text text-anchor="start" x="333.115" y="-336.7" font-family="Times,serif" font-size="14.00" fill="#000000">(VSPs/ICs)</text>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="277.5,-251.5 277.5,-326.5 452.5,-326.5 452.5,-251.5 277.5,-251.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="278.5,-252.5 278.5,-325.5 451.5,-325.5 451.5,-252.5 278.5,-252.5"></polygon>
<text text-anchor="start" x="304.933" y="-309.9" font-family="Times,serif" font-size="14.00" fill="#000000">Windows Hypervisor</text>
<text text-anchor="start" x="317.3951" y="-293.1" font-family="Times,serif" font-size="14.00" fill="#000000">Interface Library</text>
<text text-anchor="start" x="339.7335" y="-259.5" font-family="Times,serif" font-size="14.00" fill="#000000">(WinHv)</text>
<polygon fill="none" stroke="#000000" stroke-width="3" points="464,-246 464,-688 650,-688 650,-246 464,-246"></polygon>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="467.5,-249.5 467.5,-684.5 646.5,-684.5 646.5,-249.5 467.5,-249.5"></polygon>
<text text-anchor="start" x="503.1483" y="-654.9" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Enlightened (Linux)</text>
<text text-anchor="start" x="510.331" y="-640.9" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Child Partition 2</text>
<polygon fill="#edf2f9" stroke="transparent" stroke-width="3" points="469.5,-590.5 469.5,-620.5 644.5,-620.5 644.5,-590.5 469.5,-590.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="470.5,-591.5 470.5,-619.5 643.5,-619.5 643.5,-591.5 470.5,-591.5"></polygon>
<text text-anchor="start" x="506.2654" y="-601.3" font-family="Times,serif" font-size="14.00" fill="#000000">User Applications</text>
<polygon fill="#f7de9c" stroke="transparent" stroke-width="2" points="469.5,-538.5 469.5,-588.5 644.5,-588.5 644.5,-538.5 469.5,-538.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="470.5,-539.5 470.5,-587.5 643.5,-587.5 643.5,-539.5 470.5,-539.5"></polygon>
<text text-anchor="start" x="537.9565" y="-559.3" font-family="Times,serif" font-size="14.00" fill="#000000">Kernel</text>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="469.5,-486.5 469.5,-536.5 644.5,-536.5 644.5,-486.5 469.5,-486.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="470.5,-487.5 470.5,-535.5 643.5,-535.5 643.5,-487.5 470.5,-487.5"></polygon>
<text text-anchor="start" x="534.8338" y="-507.3" font-family="Times,serif" font-size="14.00" fill="#000000">VMBus</text>
<polygon fill="#cccccc" stroke="transparent" stroke-width="2" points="469.5,-454.5 469.5,-484.5 644.5,-484.5 644.5,-454.5 469.5,-454.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="470.5,-455.5 470.5,-483.5 643.5,-483.5 643.5,-455.5 470.5,-455.5"></polygon>
<text text-anchor="start" x="530.3699" y="-465.3" font-family="Times,serif" font-size="14.00" fill="#000000">I/O Stack</text>
<polygon fill="#cccccc" stroke="transparent" stroke-width="2" points="469.5,-422.5 469.5,-452.5 644.5,-452.5 644.5,-422.5 469.5,-422.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="470.5,-423.5 470.5,-451.5 643.5,-451.5 643.5,-423.5 470.5,-423.5"></polygon>
<text text-anchor="start" x="536.0112" y="-433.3" font-family="Times,serif" font-size="14.00" fill="#000000">Drivers</text>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="469.5,-328.5 469.5,-420.5 644.5,-420.5 644.5,-328.5 469.5,-328.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="470.5,-329.5 470.5,-419.5 643.5,-419.5 643.5,-329.5 470.5,-329.5"></polygon>
<text text-anchor="start" x="476.9123" y="-403.9" font-family="Times,serif" font-size="14.00" fill="#000000">Linux Virtualization Service</text>
<text text-anchor="start" x="489.3478" y="-387.1" font-family="Times,serif" font-size="14.00" fill="#000000">Consumers / Integration</text>
<text text-anchor="start" x="521.6115" y="-370.3" font-family="Times,serif" font-size="14.00" fill="#000000">Components</text>
<text text-anchor="start" x="506.6434" y="-336.7" font-family="Times,serif" font-size="14.00" fill="#000000">(Linux VSPs/ICs)</text>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="469.5,-251.5 469.5,-326.5 644.5,-326.5 644.5,-251.5 469.5,-251.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="470.5,-252.5 470.5,-325.5 643.5,-325.5 643.5,-252.5 470.5,-252.5"></polygon>
<text text-anchor="start" x="507.0396" y="-309.9" font-family="Times,serif" font-size="14.00" fill="#000000">Linux Hypervisor</text>
<text text-anchor="start" x="509.3951" y="-293.1" font-family="Times,serif" font-size="14.00" fill="#000000">Interface Library</text>
<text text-anchor="start" x="527.0645" y="-259.5" font-family="Times,serif" font-size="14.00" fill="#000000">(LinuxHv)</text>
<polygon fill="none" stroke="#000000" stroke-width="3" points="656,-246 656,-688 842,-688 842,-246 656,-246"></polygon>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="659.5,-249.5 659.5,-684.5 838.5,-684.5 838.5,-249.5 659.5,-249.5"></polygon>
<text text-anchor="start" x="707.7889" y="-655.4" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Unenlightened</text>
<text text-anchor="start" x="702.331" y="-641.4" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Child Partition 3</text>
<polygon fill="#edf2f9" stroke="transparent" stroke-width="3" points="661.5,-588.5 661.5,-621.5 836.5,-621.5 836.5,-588.5 661.5,-588.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="662.5,-589.5 662.5,-620.5 835.5,-620.5 835.5,-589.5 662.5,-589.5"></polygon>
<text text-anchor="start" x="698.2654" y="-600.8" font-family="Times,serif" font-size="14.00" fill="#000000">User Applications</text>
<polygon fill="#f7de9c" stroke="transparent" stroke-width="2" points="661.5,-537.5 661.5,-586.5 836.5,-586.5 836.5,-537.5 661.5,-537.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="662.5,-538.5 662.5,-585.5 835.5,-585.5 835.5,-538.5 662.5,-538.5"></polygon>
<text text-anchor="start" x="729.9565" y="-557.8" font-family="Times,serif" font-size="14.00" fill="#000000">Kernel</text>
<polygon fill="#fed15d" stroke="transparent" stroke-width="2" points="661.5,-486.5 661.5,-535.5 836.5,-535.5 836.5,-486.5 661.5,-486.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="662.5,-487.5 662.5,-534.5 835.5,-534.5 835.5,-487.5 662.5,-487.5"></polygon>
<text text-anchor="start" x="726.8338" y="-506.8" font-family="Times,serif" font-size="14.00" fill="#000000">VMBus</text>
<polygon fill="#add8e6" stroke="transparent" points="11.5,-147.5 11.5,-241.5 846.5,-241.5 846.5,-147.5 11.5,-147.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-149 13,-240 845,-240 845,-149 13,-149"></polygon>
<text text-anchor="start" x="397.5112" y="-220.9" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Hypervisor</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="3" points="18.5,-154.5 18.5,-212.5 127.5,-212.5 127.5,-154.5 18.5,-154.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="19.5,-155.5 19.5,-211.5 126.5,-211.5 126.5,-155.5 19.5,-155.5"></polygon>
<text text-anchor="start" x="42.6816" y="-179.3" font-family="Times,serif" font-size="14.00" fill="#000000">Hypercalls</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="129.5,-154.5 129.5,-212.5 324.5,-212.5 324.5,-154.5 129.5,-154.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="130.5,-155.5 130.5,-211.5 323.5,-211.5 323.5,-155.5 130.5,-155.5"></polygon>
<text text-anchor="start" x="153.5175" y="-187.7" font-family="Times,serif" font-size="14.00" fill="#000000">Memory Service Routines</text>
<text text-anchor="start" x="204.8352" y="-170.9" font-family="Times,serif" font-size="14.00" fill="#000000">(MSRs)</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="326.5,-154.5 326.5,-212.5 517.5,-212.5 517.5,-154.5 326.5,-154.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="327.5,-155.5 327.5,-211.5 516.5,-211.5 516.5,-155.5 327.5,-155.5"></polygon>
<text text-anchor="start" x="350.6651" y="-195.9" font-family="Times,serif" font-size="14.00" fill="#000000">Advanced Programmable</text>
<text text-anchor="start" x="365.2391" y="-179.1" font-family="Times,serif" font-size="14.00" fill="#000000"> Interrupt Controller</text>
<text text-anchor="start" x="401.3962" y="-162.3" font-family="Times,serif" font-size="14.00" fill="#000000">(APIC)</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="519.5,-154.5 519.5,-212.5 623.5,-212.5 623.5,-154.5 519.5,-154.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="520.5,-155.5 520.5,-211.5 622.5,-211.5 622.5,-155.5 520.5,-155.5"></polygon>
<text text-anchor="start" x="543.5112" y="-179.3" font-family="Times,serif" font-size="14.00" fill="#000000">Scheduler</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="625.5,-154.5 625.5,-212.5 740.5,-212.5 740.5,-154.5 625.5,-154.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="626.5,-155.5 626.5,-211.5 739.5,-211.5 739.5,-155.5 626.5,-155.5"></polygon>
<text text-anchor="start" x="660.0645" y="-187.7" font-family="Times,serif" font-size="14.00" fill="#000000">Address</text>
<text text-anchor="start" x="649.5652" y="-170.9" font-family="Times,serif" font-size="14.00" fill="#000000">Management</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="742.5,-154.5 742.5,-212.5 839.5,-212.5 839.5,-154.5 742.5,-154.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="743.5,-155.5 743.5,-211.5 838.5,-211.5 838.5,-155.5 743.5,-155.5"></polygon>
<text text-anchor="start" x="766.8899" y="-187.7" font-family="Times,serif" font-size="14.00" fill="#000000">Partition</text>
<text text-anchor="start" x="766.1255" y="-170.9" font-family="Times,serif" font-size="14.00" fill="#000000">Manager</text>
<polygon fill="#c0c0c0" stroke="transparent" points="11.5,-84.5 11.5,-144.5 846.5,-144.5 846.5,-84.5 11.5,-84.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-86 13,-143 845,-143 845,-86 13,-86"></polygon>
<text text-anchor="start" x="280.3116" y="-123.9" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Physical (Bare-Metal) Host</text>
<text text-anchor="start" x="460.2542" y="-123.9" font-family="Times,serif" font-size="14.00" fill="#000000">( Intel-VT / AMD-V )</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="3" points="18.5,-91.5 18.5,-115.5 181.5,-115.5 181.5,-91.5 18.5,-91.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="19.5,-92.5 19.5,-114.5 180.5,-114.5 180.5,-92.5 19.5,-92.5"></polygon>
<text text-anchor="start" x="60.1546" y="-98.9" font-family="Times,serif" font-size="14.00" fill="#000000">Network Card</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="183.5,-91.5 183.5,-115.5 299.5,-115.5 299.5,-91.5 183.5,-91.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="184.5,-92.5 184.5,-114.5 298.5,-114.5 298.5,-92.5 184.5,-92.5"></polygon>
<text text-anchor="start" x="225.1648" y="-98.9" font-family="Times,serif" font-size="14.00" fill="#000000">CPUs</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="301.5,-91.5 301.5,-115.5 430.5,-115.5 430.5,-91.5 301.5,-91.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="302.5,-92.5 302.5,-114.5 429.5,-114.5 429.5,-92.5 302.5,-92.5"></polygon>
<text text-anchor="start" x="343.4572" y="-98.9" font-family="Times,serif" font-size="14.00" fill="#000000">Devices</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="432.5,-91.5 432.5,-115.5 526.5,-115.5 526.5,-91.5 432.5,-91.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="433.5,-92.5 433.5,-114.5 525.5,-114.5 525.5,-92.5 433.5,-92.5"></polygon>
<text text-anchor="start" x="474.25" y="-98.9" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="528.5,-91.5 528.5,-115.5 711.5,-115.5 711.5,-91.5 528.5,-91.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="529.5,-92.5 529.5,-114.5 710.5,-114.5 710.5,-92.5 529.5,-92.5"></polygon>
<text text-anchor="start" x="570.426" y="-98.9" font-family="Times,serif" font-size="14.00" fill="#000000">Physical Memory</text>
<polygon fill="#e7e7e8" stroke="transparent" stroke-width="2" points="713.5,-91.5 713.5,-115.5 839.5,-115.5 839.5,-91.5 713.5,-91.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="714.5,-92.5 714.5,-114.5 838.5,-114.5 838.5,-92.5 714.5,-92.5"></polygon>
<text text-anchor="start" x="755.1185" y="-98.9" font-family="Times,serif" font-size="14.00" fill="#000000">Storage</text>
</g>
</g>
</svg>
</center>
</figure>
---
$$\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}$$
<figure style="font-size:18px;margin:-50px;margin-top:-120px;height:100%">
<center>
<figcaption style="margin-bottom:-20px">
$$
\Large\sc{KERNEL\ V.}\ \sc{USERSPACE}\\
( \sc{ROOT\ V.\ CHILD\ PART} )
$$
</figcaption>
<!-- width="1085pt" height="861pt" -->
<svg width="625pt" height="" viewBox="0.00 0.00 1085.00 861.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 857)">
<polygon fill="none" stroke="#000000" stroke-width="3" points="13,-44 13,-844 536,-844 536,-44 13,-44"></polygon>
<polygon fill="#da70d6" stroke="transparent" stroke-width="3" points="16.5,-47.5 16.5,-840.5 532.5,-840.5 532.5,-47.5 16.5,-47.5"></polygon>
<text text-anchor="start" x="235.0263" y="-810.3" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Root Partition</text>
<polygon fill="none" stroke="#000000" stroke-width="2" points="19.5,-510.5 19.5,-785.5 529.5,-785.5 529.5,-510.5 19.5,-510.5"></polygon>
<polygon fill="#edf2f9" stroke="transparent" stroke-width="2" points="22.5,-513.5 22.5,-782.5 526.5,-782.5 526.5,-513.5 22.5,-513.5"></polygon>
<text text-anchor="start" x="242.6269" y="-759.8" font-family="Times,serif" font-style="italic" text-decoration="underline" font-size="14.00" fill="#000000">User-Mode</text>
<polygon fill="#a9b1cf" stroke="transparent" stroke-width="2" points="24.5,-683.5 24.5,-743.5 524.5,-743.5 524.5,-683.5 24.5,-683.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="25.5,-684.5 25.5,-742.5 523.5,-742.5 523.5,-684.5 25.5,-684.5"></polygon>
<text text-anchor="start" x="223.7654" y="-709.3" font-family="Times,serif" font-size="14.00" fill="#000000">User Applications</text>
<polygon fill="#aaadbc" stroke="transparent" stroke-width="2" points="24.5,-641.5 24.5,-681.5 524.5,-681.5 524.5,-641.5 24.5,-641.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="25.5,-642.5 25.5,-680.5 523.5,-680.5 523.5,-642.5 25.5,-642.5"></polygon>
<text text-anchor="start" x="241.6462" y="-657.3" font-family="Times,serif" font-size="14.00" fill="#000000">VMMS.exe</text>
<polygon fill="#aaadbc" stroke="transparent" stroke-width="2" points="24.5,-599.5 24.5,-639.5 524.5,-639.5 524.5,-599.5 24.5,-599.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="25.5,-600.5 25.5,-638.5 523.5,-638.5 523.5,-600.5 25.5,-600.5"></polygon>
<text text-anchor="start" x="226.0936" y="-615.3" font-family="Times,serif" font-size="14.00" fill="#000000">VMCompute.exe</text>
<polygon fill="#aaadbc" stroke="transparent" stroke-width="2" points="24.5,-557.5 24.5,-597.5 524.5,-597.5 524.5,-557.5 24.5,-557.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="25.5,-558.5 25.5,-596.5 523.5,-596.5 523.5,-558.5 25.5,-558.5"></polygon>
<text text-anchor="start" x="236.9849" y="-573.3" font-family="Times,serif" font-size="14.00" fill="#000000">VMMem.exe</text>
<polygon fill="#aaadbc" stroke="transparent" stroke-width="2" points="24.5,-515.5 24.5,-555.5 524.5,-555.5 524.5,-515.5 24.5,-515.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="25.5,-516.5 25.5,-554.5 523.5,-554.5 523.5,-516.5 25.5,-516.5"></polygon>
<text text-anchor="start" x="241.2612" y="-531.3" font-family="Times,serif" font-size="14.00" fill="#000000">VMWP.exe</text>
<polygon fill="none" stroke="#000000" stroke-width="2" points="19.5,-50.5 19.5,-506.5 529.5,-506.5 529.5,-50.5 19.5,-50.5"></polygon>
<polygon fill="#f7de9c" stroke="transparent" stroke-width="2" points="22.5,-53.5 22.5,-503.5 526.5,-503.5 526.5,-53.5 22.5,-53.5"></polygon>
<polygon fill="#f7de9c" stroke="transparent" stroke-width="2" points="26.5,-464.5 26.5,-499.5 522.5,-499.5 522.5,-464.5 26.5,-464.5"></polygon>
<text text-anchor="start" x="236.7966" y="-478.8" font-family="Times,serif" font-style="italic" text-decoration="underline" font-size="14.00" fill="#000000">Kernel-Mode</text>
<polygon fill="#eeb470" stroke="transparent" stroke-width="2" points="26.5,-400.5 26.5,-460.5 522.5,-460.5 522.5,-400.5 26.5,-400.5"></polygon>
<polygon fill="none" stroke="#000000" points="26.5,-400.5 26.5,-460.5 522.5,-460.5 522.5,-400.5 26.5,-400.5"></polygon>
<text text-anchor="start" x="229.791" y="-426.3" font-family="Times,serif" font-size="14.00" fill="#000000">Host OS Kernel</text>
<polygon fill="#fed15d" stroke="transparent" points="26.5,-351.5 26.5,-396.5 522.5,-396.5 522.5,-351.5 26.5,-351.5"></polygon>
<polygon fill="none" stroke="#000000" points="26.5,-351.5 26.5,-396.5 522.5,-396.5 522.5,-351.5 26.5,-351.5"></polygon>
<text text-anchor="start" x="233.8643" y="-378.2" font-family="Times,serif" font-size="14.00" fill="#000000">VmSwitch.sys</text>
<text text-anchor="start" x="185.2941" y="-361.4" font-family="Times,serif" font-size="14.00" fill="#000000">(Para-Virtualized Networking)</text>
<polygon fill="#fed15d" stroke="transparent" points="26.5,-302.5 26.5,-347.5 522.5,-347.5 522.5,-302.5 26.5,-302.5"></polygon>
<polygon fill="none" stroke="#000000" points="26.5,-302.5 26.5,-347.5 522.5,-347.5 522.5,-302.5 26.5,-302.5"></polygon>
<text text-anchor="start" x="240.8629" y="-329.2" font-family="Times,serif" font-size="14.00" fill="#000000">StorVsp.sys</text>
<text text-anchor="start" x="200.4547" y="-312.4" font-family="Times,serif" font-size="14.00" fill="#000000">(Para-Virtualized Storage)</text>
<polygon fill="#fed15d" stroke="transparent" points="26.5,-253.5 26.5,-298.5 522.5,-298.5 522.5,-253.5 26.5,-253.5"></polygon>
<polygon fill="none" stroke="#000000" points="26.5,-253.5 26.5,-298.5 522.5,-298.5 522.5,-253.5 26.5,-253.5"></polygon>
<text text-anchor="start" x="238.5312" y="-280.2" font-family="Times,serif" font-size="14.00" fill="#000000">WinHvR.sys</text>
<text text-anchor="start" x="190.9417" y="-263.4" font-family="Times,serif" font-size="14.00" fill="#000000">(Kernel Hypervisor Interface)</text>
<polygon fill="#fed15d" stroke="transparent" points="26.5,-204.5 26.5,-249.5 522.5,-249.5 522.5,-204.5 26.5,-204.5"></polygon>
<polygon fill="none" stroke="#000000" points="26.5,-204.5 26.5,-249.5 522.5,-249.5 522.5,-204.5 26.5,-204.5"></polygon>
<text text-anchor="start" x="240.0859" y="-231.2" font-family="Times,serif" font-size="14.00" fill="#000000">vPciVsp.sys</text>
<text text-anchor="start" x="210.9463" y="-214.4" font-family="Times,serif" font-size="14.00" fill="#000000">(Para-Virtualized PCI)</text>
<polygon fill="#fed15d" stroke="transparent" points="26.5,-155.5 26.5,-200.5 522.5,-200.5 522.5,-155.5 26.5,-155.5"></polygon>
<polygon fill="none" stroke="#000000" points="26.5,-155.5 26.5,-200.5 522.5,-200.5 522.5,-155.5 26.5,-155.5"></polygon>
<text text-anchor="start" x="237.7479" y="-182.2" font-family="Times,serif" font-size="14.00" fill="#000000">VmBusR.sys</text>
<text text-anchor="start" x="247.6732" y="-165.4" font-family="Times,serif" font-size="14.00" fill="#000000">(VMBus)</text>
<polygon fill="#fed15d" stroke="transparent" points="26.5,-106.5 26.5,-151.5 522.5,-151.5 522.5,-106.5 26.5,-106.5"></polygon>
<polygon fill="none" stroke="#000000" points="26.5,-106.5 26.5,-151.5 522.5,-151.5 522.5,-106.5 26.5,-106.5"></polygon>
<text text-anchor="start" x="228.419" y="-133.2" font-family="Times,serif" font-size="14.00" fill="#000000">VmBKmclR.sys</text>
<text text-anchor="start" x="166.6188" y="-116.4" font-family="Times,serif" font-size="14.00" fill="#000000">(VMBus Kernel-Mode Client Library)</text>
<polygon fill="#fed15d" stroke="transparent" points="26.5,-57.5 26.5,-102.5 522.5,-102.5 522.5,-57.5 26.5,-57.5"></polygon>
<polygon fill="none" stroke="#000000" points="26.5,-57.5 26.5,-102.5 522.5,-102.5 522.5,-57.5 26.5,-57.5"></polygon>
<text text-anchor="start" x="253.3068" y="-84.2" font-family="Times,serif" font-size="14.00" fill="#000000">Vid.sys</text>
<text text-anchor="start" x="171.1093" y="-67.4" font-family="Times,serif" font-size="14.00" fill="#000000">(Virtualization Infrastructure Driver)</text>
<polygon fill="none" stroke="#000000" stroke-width="3" points="542,-44 542,-844 1065,-844 1065,-44 542,-44"></polygon>
<polygon fill="#a52a2a" stroke="transparent" stroke-width="3" points="545.5,-47.5 545.5,-840.5 1061.5,-840.5 1061.5,-47.5 545.5,-47.5"></polygon>
<text text-anchor="start" x="739.3422" y="-810.3" font-family="Times,serif" font-weight="bold" text-decoration="underline" font-size="14.00" fill="#000000">Child (Guest) Partition</text>
<polygon fill="none" stroke="#000000" stroke-width="2" points="548.5,-514.5 548.5,-785.5 1058.5,-785.5 1058.5,-514.5 548.5,-514.5"></polygon>
<polygon fill="#edf2f9" stroke="transparent" stroke-width="2" points="551.5,-517.5 551.5,-782.5 1055.5,-782.5 1055.5,-517.5 551.5,-517.5"></polygon>
<text text-anchor="start" x="771.6269" y="-758.8" font-family="Times,serif" font-style="italic" text-decoration="underline" font-size="14.00" fill="#000000">User-Mode</text>
<polygon fill="#a9b1cf" stroke="transparent" stroke-width="2" points="553.5,-519.5 553.5,-741.5 1053.5,-741.5 1053.5,-519.5 553.5,-519.5"></polygon>
<polygon fill="none" stroke="#000000" stroke-width="2" points="554.5,-520.5 554.5,-740.5 1052.5,-740.5 1052.5,-520.5 554.5,-520.5"></polygon>
<text text-anchor="start" x="752.7654" y="-626.3" font-family="Times,serif" font-size="14.00" fill="#000000">User Applications</text>
<polygon fill="none" stroke="#000000" stroke-width="2" points="548.5,-50.5 548.5,-510.5 1058.5,-510.5 1058.5,-50.5 548.5,-50.5"></polygon>
<polygon fill="#f7de9c" stroke="transparent" stroke-width="2" points="551.5,-53.5 551.5,-507.5 1055.5,-507.5 1055.5,-53.5 551.5,-53.5"></polygon>
<polygon fill="#f7de9c" stroke="transparent" stroke-width="2" points="555.5,-467.5 555.5,-503.5 1051.5,-503.5 1051.5,-467.5 555.5,-467.5"></polygon>
<text text-anchor="start" x="765.7966" y="-482.3" font-family="Times,serif" font-style="italic" text-decoration="underline" font-size="14.00" fill="#000000">Kernel-Mode</text>
<polygon fill="#eeb470" stroke="transparent" stroke-width="2" points="555.5,-402.5 555.5,-463.5 1051.5,-463.5 1051.5,-402.5 555.5,-402.5"></polygon>
<polygon fill="none" stroke="#000000" points="555.5,-402.5 555.5,-463.5 1051.5,-463.5 1051.5,-402.5 555.5,-402.5"></polygon>
<text text-anchor="start" x="755.6837" y="-428.8" font-family="Times,serif" font-size="14.00" fill="#000000">Guest OS Kernel</text>
<polygon fill="#fed15d" stroke="transparent" points="555.5,-352.5 555.5,-398.5 1051.5,-398.5 1051.5,-352.5 555.5,-352.5"></polygon>
<polygon fill="none" stroke="#000000" points="555.5,-352.5 555.5,-398.5 1051.5,-398.5 1051.5,-352.5 555.5,-352.5"></polygon>
<text text-anchor="start" x="769.0866" y="-379.7" font-family="Times,serif" font-size="14.00" fill="#000000">NetVSC.sys</text>
<text text-anchor="start" x="714.2941" y="-362.9" font-family="Times,serif" font-size="14.00" fill="#000000">(Para-Virtualized Networking)</text>
<polygon fill="#fed15d" stroke="transparent" points="555.5,-302.5 555.5,-348.5 1051.5,-348.5 1051.5,-302.5 555.5,-302.5"></polygon>
<polygon fill="none" stroke="#000000" points="555.5,-302.5 555.5,-348.5 1051.5,-348.5 1051.5,-302.5 555.5,-302.5"></polygon>
<text text-anchor="start" x="767.5256" y="-329.7" font-family="Times,serif" font-size="14.00" fill="#000000">StorVSC.sys</text>
<text text-anchor="start" x="729.4547" y="-312.9" font-family="Times,serif" font-size="14.00" fill="#000000">(Para-Virtualized Storage)</text>
<polygon fill="#fed15d" stroke="transparent" points="555.5,-253.5 555.5,-298.5 1051.5,-298.5 1051.5,-253.5 555.5,-253.5"></polygon>
<polygon fill="none" stroke="#000000" points="555.5,-253.5 555.5,-298.5 1051.5,-298.5 1051.5,-253.5 555.5,-253.5"></polygon>
<text text-anchor="start" x="770.6462" y="-280.2" font-family="Times,serif" font-size="14.00" fill="#000000">WinHV.sys</text>
<text text-anchor="start" x="719.9417" y="-263.4" font-family="Times,serif" font-size="14.00" fill="#000000">(Kernel Hypervisor Interface)</text>
<polygon fill="#fed15d" stroke="transparent" points="555.5,-204.5 555.5,-249.5 1051.5,-249.5 1051.5,-204.5 555.5,-204.5"></polygon>
<polygon fill="none" stroke="#000000" points="555.5,-204.5 555.5,-249.5 1051.5,-249.5 1051.5,-204.5 555.5,-204.5"></polygon>
<text text-anchor="start" x="778.4155" y="-231.2" font-family="Times,serif" font-size="14.00" fill="#000000">vPCI.sys</text>
<text text-anchor="start" x="739.9463" y="-214.4" font-family="Times,serif" font-size="14.00" fill="#000000">(Para-Virtualized PCI)</text>
<polygon fill="#fed15d" stroke="transparent" points="555.5,-155.5 555.5,-200.5 1051.5,-200.5 1051.5,-155.5 555.5,-155.5"></polygon>
<polygon fill="none" stroke="#000000" points="555.5,-155.5 555.5,-200.5 1051.5,-200.5 1051.5,-155.5 555.5,-155.5"></polygon>
<text text-anchor="start" x="770.6392" y="-182.2" font-family="Times,serif" font-size="14.00" fill="#000000">VMBus.sys</text>
<text text-anchor="start" x="776.6732" y="-165.4" font-family="Times,serif" font-size="14.00" fill="#000000">(VMBus)</text>
<polygon fill="#fed15d" stroke="transparent" points="555.5,-106.5 555.5,-151.5 1051.5,-151.5 1051.5,-106.5 555.5,-106.5"></polygon>
<polygon fill="none" stroke="#000000" points="555.5,-106.5 555.5,-151.5 1051.5,-151.5 1051.5,-106.5 555.5,-106.5"></polygon>
<text text-anchor="start" x="756.6413" y="-133.2" font-family="Times,serif" font-size="14.00" fill="#000000">VMBKMCL.sys</text>
<text text-anchor="start" x="695.6188" y="-116.4" font-family="Times,serif" font-size="14.00" fill="#000000">(VMBus Kernel-Mode Client Library)</text>
</g>
</g>
</svg>
</center>
</figure>
---
## Hyper-V: IPC
<br/><br/>
All components communicate via
<font color="#fed15d">VMBus</font> and/or <font color="lightblue">Hypercalls</font>
<br/><br/>
<br/><br/>
<br/><br/>
---
#### Communication Channels: <font color="#fed15d">VMBus</font>
$$\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}$$
<figure>
<center>
<figcaption style="font-size:18px">
$$
\sc{VM}\sc{Bus\ provides\ an\ IPC\ channel\ between}\\
\sc{Host\ and\ Guest\ -\ Implemented\ as\ a\ shared\ ring\ buffer}
$$
</figcaption>
<!-- width="512pt" height="307pt" -->
<svg width="512pt" height="307pt" viewBox="0.00 0.00 512.00 307.00" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink">
<g id="graph0" class="graph" transform="scale(1 1) rotate(0) translate(4 303)">
<text text-anchor="start" x="351.1263" y="-6.4" font-family="Times,serif" font-size="14.00" fill="#000000"> </text>
<!-- host_rb -->
<g id="node1" class="node">
<title>host_rb</title>
<path fill="#0078d7" stroke="#000000" d="M12,-50.5C12,-50.5 132,-50.5 132,-50.5 138,-50.5 144,-56.5 144,-62.5 144,-62.5 144,-286.5 144,-286.5 144,-292.5 138,-298.5 132,-298.5 132,-298.5 12,-298.5 12,-298.5 6,-298.5 0,-292.5 0,-286.5 0,-286.5 0,-62.5 0,-62.5 0,-56.5 6,-50.5 12,-50.5"></path>
<text text-anchor="middle" x="72" y="-281.9" font-family="Times,serif" font-size="14.00" fill="#000000">Host Ring Buffer</text>
<polyline fill="none" stroke="#000000" points="0,-273.7 144,-273.7 "></polyline>
<text text-anchor="middle" x="72" y="-257.1" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="0,-248.9 144,-248.9 "></polyline>
<text text-anchor="middle" x="72" y="-232.3" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="0,-224.1 144,-224.1 "></polyline>
<text text-anchor="middle" x="72" y="-207.5" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="0,-199.3 144,-199.3 "></polyline>
<text text-anchor="middle" x="72" y="-182.7" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="0,-174.5 144,-174.5 "></polyline>
<text text-anchor="middle" x="72" y="-157.9" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="0,-149.7 144,-149.7 "></polyline>
<text text-anchor="middle" x="72" y="-133.1" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="0,-124.9 144,-124.9 "></polyline>
<text text-anchor="middle" x="72" y="-108.3" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="0,-100.1 144,-100.1 "></polyline>
<text text-anchor="middle" x="72" y="-83.5" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="0,-75.3 144,-75.3 "></polyline>
<text text-anchor="middle" x="72" y="-58.7" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
</g>
<!-- sys_mem -->
<g id="node3" class="node">
<title>sys_mem</title>
<path fill="#add8e6" stroke="#000000" d="M192,-50.5C192,-50.5 312,-50.5 312,-50.5 318,-50.5 324,-56.5 324,-62.5 324,-62.5 324,-286.5 324,-286.5 324,-292.5 318,-298.5 312,-298.5 312,-298.5 192,-298.5 192,-298.5 186,-298.5 180,-292.5 180,-286.5 180,-286.5 180,-62.5 180,-62.5 180,-56.5 186,-50.5 192,-50.5"></path>
<text text-anchor="middle" x="252" y="-281.9" font-family="Times,serif" font-size="14.00" fill="#000000">System Memory</text>
<polyline fill="none" stroke="#000000" points="180,-273.7 324,-273.7 "></polyline>
<text text-anchor="middle" x="252" y="-257.1" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="180,-248.9 324,-248.9 "></polyline>
<text text-anchor="middle" x="252" y="-232.3" font-family="Times,serif" font-size="14.00" fill="#000000">0x01000</text>
<polyline fill="none" stroke="#000000" points="180,-224.1 324,-224.1 "></polyline>
<text text-anchor="middle" x="252" y="-207.5" font-family="Times,serif" font-size="14.00" fill="#000000">0x02000</text>
<polyline fill="none" stroke="#000000" points="180,-199.3 324,-199.3 "></polyline>
<text text-anchor="middle" x="252" y="-182.7" font-family="Times,serif" font-size="14.00" fill="#000000">0x03000</text>
<polyline fill="none" stroke="#000000" points="180,-174.5 324,-174.5 "></polyline>
<text text-anchor="middle" x="252" y="-157.9" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="180,-149.7 324,-149.7 "></polyline>
<text text-anchor="middle" x="252" y="-133.1" font-family="Times,serif" font-size="14.00" fill="#000000">0x8f000</text>
<polyline fill="none" stroke="#000000" points="180,-124.9 324,-124.9 "></polyline>
<text text-anchor="middle" x="252" y="-108.3" font-family="Times,serif" font-size="14.00" fill="#000000">0x90000</text>
<polyline fill="none" stroke="#000000" points="180,-100.1 324,-100.1 "></polyline>
<text text-anchor="middle" x="252" y="-83.5" font-family="Times,serif" font-size="14.00" fill="#000000">0x91000</text>
<polyline fill="none" stroke="#000000" points="180,-75.3 324,-75.3 "></polyline>
<text text-anchor="middle" x="252" y="-58.7" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
</g>
<!-- host_rb->sys_mem -->
<g id="edge1" class="edge">
<title>host_rb:top->sys_mem:top</title>
<path fill="none" stroke="#000000" stroke-width="2" stroke-dasharray="5,2" d="M144,-236.5C144,-236.5 180,-211.5 180,-211.5"></path>
</g>
<!-- host_rb->sys_mem -->
<g id="edge2" class="edge">
<title>host_rb:btm->sys_mem:btm</title>
<path fill="none" stroke="#000000" stroke-width="2" stroke-dasharray="5,2" d="M144,-62.5C144,-62.5 180,-62.5 180,-62.5"></path>
</g>
<!-- guest_rb -->
<g id="node2" class="node">
<title>guest_rb</title>
<path fill="#0078d7" stroke="#000000" d="M372,-50.5C372,-50.5 492,-50.5 492,-50.5 498,-50.5 504,-56.5 504,-62.5 504,-62.5 504,-286.5 504,-286.5 504,-292.5 498,-298.5 492,-298.5 492,-298.5 372,-298.5 372,-298.5 366,-298.5 360,-292.5 360,-286.5 360,-286.5 360,-62.5 360,-62.5 360,-56.5 366,-50.5 372,-50.5"></path>
<text text-anchor="middle" x="432" y="-281.9" font-family="Times,serif" font-size="14.00" fill="#000000">Guest Ring Buffer</text>
<polyline fill="none" stroke="#000000" points="360,-273.7 504,-273.7 "></polyline>
<text text-anchor="middle" x="432" y="-257.1" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="360,-248.9 504,-248.9 "></polyline>
<text text-anchor="middle" x="432" y="-232.3" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="360,-224.1 504,-224.1 "></polyline>
<text text-anchor="middle" x="432" y="-207.5" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="360,-199.3 504,-199.3 "></polyline>
<text text-anchor="middle" x="432" y="-182.7" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="360,-174.5 504,-174.5 "></polyline>
<text text-anchor="middle" x="432" y="-157.9" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="360,-149.7 504,-149.7 "></polyline>
<text text-anchor="middle" x="432" y="-133.1" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="360,-124.9 504,-124.9 "></polyline>
<text text-anchor="middle" x="432" y="-108.3" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="360,-100.1 504,-100.1 "></polyline>
<text text-anchor="middle" x="432" y="-83.5" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
<polyline fill="none" stroke="#000000" points="360,-75.3 504,-75.3 "></polyline>
<text text-anchor="middle" x="432" y="-58.7" font-family="Times,serif" font-size="14.00" fill="#000000">...</text>
</g>
<!-- guest_rb->sys_mem -->
<g id="edge3" class="edge">
<title>guest_rb:top->sys_mem:mid</title>
<path fill="none" stroke="#000000" stroke-width="2" stroke-dasharray="5,2" d="M360,-236.5C360,-236.5 324,-137.5 324,-137.5"></path>
</g>
<!-- guest_rb->sys_mem -->
<g id="edge4" class="edge">
<title>guest_rb:btm->sys_mem:btm</title>
<path fill="none" stroke="#000000" stroke-width="2" stroke-dasharray="5,2" d="M360,-62.5C360,-62.5 324,-62.5 324,-62.5"></path>
</g>
<!-- sys_mem->host_rb -->
<!-- sys_mem->guest_rb -->
</g>
</svg>
</center></figure>
---
#### Communication Channels: <font color="#fed15d">VMBus</font>
<font style="font-size:18.5pt">
Partitions/Components interact with <font color="#fed15d">VMBus</font> through one of three (3) abstraction layers:
</font>
<font style="font-size:18pt">
<center>
<u><font color="#fed15d">VMBus</font> Kernel-Mode Client Library (KMCL)</u>
<font style="font-size:14pt">
- Used by VSPs
- Architecture based on _callbacks_ (upon receive, trigger action)
</font>
<u><font color="#fed15d">VMBus</font> Pipes</u>
<font style="font-size:14pt">
- Most common interface used from userspace
- Service components create "channels" that allow interactions
- File RW
- I/O Completion
</font>
<u><font color="#fed15d">VMBus</font> Sockets</u>
<font style="font-size:14pt">
- Modeled after TCP over <font color="#fed15d">VMBus</font> with a transport layer that's much simpler than IP
- HvSock allows for communication between Host and <font color="#a52a2a">Guests</font> using BSD-style socket APIs
- Byte-stream based communication mechanism
</font>
</center>
</font>
<br/>
---
#### Communication Channels: <font color="lightblue">Hypercall</font> Interface
<table border="0" cellborder="0"
style="margin-top:-115px;margin-left:-100px;font-size:20pt;width:120%">
$$\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}$$
<tr>
<td colspan="2"><center>
<font style="font-size:24pt"><i>Allows code running under Hyper-V to call into the Hyper-V <font color="#f7de9c">Kernel</font></i></font></center>
$\hspace{6em}\Rightarrow$ Either for management tasks, such as creating new partitions, getting
$\hspace{7em}$ tracing, debugging, and statistics information, installing intercepts, $\dots$
$\hspace{6em}\Rightarrow$ Or for inter-partition communication using ports
$\hspace{6em}\Rightarrow$ Or for providing enlightenments for the <font color="#a52a2a">Guest</font> OS
$\hspace{6em}\Rightarrow$ Can only be done by code running at $\sc{Ring}$ - $0$
</td>
</tr>
<tr>
<td width="1">
<font style="font-size:24pt"><font color="lightblue">Hypercalls</font> can be <i>simple</i> or <i>repeat</i></font><br/>
$\hspace{0.5em}\Rightarrow$ _Simple_ calls perform a **single
$\hspace{2em}$operation** with fixed-size input
$\hspace{0.5em}\Rightarrow$ _Repeat_ calls perform **repeated
$\hspace{2em}$operations** based on a starting
$\hspace{2em}$index and count
</td>
<td width="1">
<font style="font-size:24pt"><i>Three calling conventions</i></font><br/>
$\Rightarrow$ Pass arguments in an in/out data structure
$\Rightarrow$ Pass arguments in x64 integer registers
$\Rightarrow$ Pass arguments in x64 XMM vector registers
<br/><br/>
</td></tr>
</table>
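The simple/repeat split and the register-based ("fast") convention are both visible in the 64-bit hypercall input value. The block below is an added example, not code from the slides or from Hyper-V: it packs and validates that value using the bit layout and rejection rules given in the TLFS (linked under Helpful Resources). The `hv_*` names and the call code `0x0123` are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Fields of the 64-bit hypercall input value (layout per the TLFS; names are hypothetical). */
typedef struct {
    uint16_t call_code;       /* bits 15:0 */
    bool     fast;            /* bit 16: 1 = register-based, 0 = memory-based */
    uint16_t var_header_size; /* bits 26:17, in 8-byte units */
    bool     nested;          /* bit 31 */
    uint16_t rep_count;       /* bits 43:32, zero for a simple call */
    uint16_t rep_start;       /* bits 59:48, zero for a simple call */
} hv_input;

/* Bits 30:27, 47:44 and 63:60 are reserved and must be zero. */
#define HV_RSVDZ_MASK ((0xFULL << 27) | (0xFULL << 44) | (0xFULL << 60))

uint64_t hv_encode(const hv_input *in) {
    return (uint64_t)in->call_code
         | ((uint64_t)in->fast << 16)
         | ((uint64_t)(in->var_header_size & 0x3FF) << 17)
         | ((uint64_t)in->nested << 31)
         | ((uint64_t)(in->rep_count & 0xFFF) << 32)
         | ((uint64_t)(in->rep_start & 0xFFF) << 48);
}

/* Returns false when reserved bits are set or the rep fields are inconsistent. */
bool hv_decode(uint64_t v, hv_input *out) {
    if (v & HV_RSVDZ_MASK) return false;
    out->call_code       = v & 0xFFFF;
    out->fast            = (v >> 16) & 1;
    out->var_header_size = (v >> 17) & 0x3FF;
    out->nested          = (v >> 31) & 1;
    out->rep_count       = (v >> 32) & 0xFFF;
    out->rep_start       = (v >> 48) & 0xFFF;
    /* A simple call carries no rep fields; a repeat call must start inside its batch. */
    if (out->rep_count == 0) return out->rep_start == 0;
    return out->rep_start < out->rep_count;
}

bool hv_is_repeat(const hv_input *in) { return in->rep_count != 0; }

int main(void) {
    /* Constructed sample: repeat call, 8 elements, resuming at index 3, register-based. */
    hv_input in = { .call_code = 0x0123, .fast = true, .rep_count = 8, .rep_start = 3 }, out;
    uint64_t v = hv_encode(&in);
    printf("0x%016llx valid=%d repeat=%d\n", (unsigned long long)v,
           hv_decode(v, &out), hv_is_repeat(&out));
    return 0;
}
```

Whether a given call code is defined as simple or repeat comes from the TLFS call table; the value alone only shows which form the caller requested.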
---
#### Communication Channels: <font color="lightblue">Hypercall</font> Interface
<br/><br/>
Unfortunately, interacting with Hyper-V requires some knowledge of Windows driver development
$\hspace{3em}\dots$ and, especially, PnP Driver Development
<br/><br/>
<br/><br/>
<br/><br/>
---
## Hyper-V: Exploitation
<font style="font-size:48px"><u>Hyper-V Attack Surface: Perspective & Target</u></font>
$$\def\sc#1{\dosc#1\csod} \def\dosc#1#2\csod{{\rm #1{\small #2}}}$$
<table style="margin-top:-80px;margin-bottom:-40px" border="20">
<tr><td>
$$
\sc{Ring-\Gamma}\ \ \Longrightarrow\ \begin{cases}
\sc{Ring\ \ -}\ \ 0 \quad &\text{if} \,\ \Gamma \equiv 3 \\
\sc{Ring\ \ -}\ -1 \quad &\text{if} \,\ \Gamma \equiv 0
\end{cases}
$$
</td></tr></table>
<br/>
<table style="font-size:32px;width:105%;">
<tr>
<td width="">
<center>
<font color="#a52a2a">Guest</font> ⇒ <font color="orchid">Host/Root</font> (VMBus)
</center>
</td><td>
<center>
<font color="#a52a2a">Guest</font> ⇒ <font color="lightblue">Hypervisor</font> (Hypercalls)
</center>
</td>
</tr>
<tr>
<td width="">
<center>
<i>Target:</i> Root Partition<br/>$(\sc{Ring-0})$
</center>
</td>
<td>
<center>
<i>Target:</i> Hypervisor<br/>$(\sc{Ring--1})$
</center>
</td>
</tr>
</table>
---
## Helpful Resources
<br/>
- [_Starting Hyper-V Research_ $\tiny(MSFT\ authored)$][start-research]
- [_Hyper-V: Spec_ $\tiny(MSFT)$][spec]
- [_Hyper-V: Fuzzing_ $\tiny(MSFT\ authored)$][fuzzing]
- [_Hyper-V: Deep-dive_ $\tiny(MSFT\ authored)$][deepdive]
- [_Hyper-V: IPC Internals_ $\tiny(SYSCAN\ '15)$][r0r1]
- [_Hardening Hyper-V_ $\tiny(BHUS\ '18)$][hardening-hyper-v]
<br/>
<br/>
<br/>
<br/>
<br/>
[start-research]: https://msrc-blog.microsoft.com/2018/12/10/first-steps-in-hyper-v-research/
[spec]: https://docs.microsoft.com/en-us/virtualization/hyper-v-on-windows/reference/tlfs
[deepdive]: https://raw.githubusercontent.com/microsoft/MSRC-Security-Research/master/presentations/2018_08_BlackHatUSA/A%20Dive%20in%20to%20Hyper-V%20Architecture%20and%20Vulnerabilities.pdf
[r0r1]: https://raw.githubusercontent.com/tpn/pdfs/master/Ring%200%20to%20Ring-1%20Attacks%20-%20Hyper-V%20IPC%20Internals%20-%20Alex%20Ionescu%20(syscan2015).pdf
[fuzzing]: https://msrc-blog.microsoft.com/2019/01/28/fuzzing-para-virtualized-devices-in-hyper-v/
[hardening-hyper-v]: https://i.blackhat.com/us-18/Thu-August-9/us-18-Rabet-Hardening-Hyper-V-Through-Offensive-Security-Research.pdf
---
$\textit{fin}$