How does process switch take place in full virtualized VM?
I know that when a program inside a fully virtualized Virtual Machine tries to execute a privileged instruction, since it is running in user mode, "trap and emulate" occurs: the Hypervisor running on the host machine takes control of the CPU and emulates the privileged instruction, since the privileged instruction requires system mode but all the code in a VM (applications and kernel) is executed in user mode.
I was wondering what happens with a context switch inside the VM, for instance between two processes after a timer interrupt occurs and the scheduler routine must be executed. Shouldn't the scheduler be executed in system mode? So does the hypervisor take control each time there is a switch between two processes within the VM?
I know that when a program inside a fully virtualized Virtual Machine tries to execute a privileged instruction, since it is running in user mode, "trap and emulate" occurs: the Hypervisor running on the host machine takes control of the CPU and emulates the privileged instruction, since the privileged instruction requires system mode but all the code in a VM (applications and kernel) is executed in user mode.
It depends a little on how the virtual machine is implemented (and on which architecture), but "run guest kernel in user mode" almost never happens. Most implementations either interpret and/or JIT-compile the code (so the original guest code isn't executed directly) or use hardware-assisted virtualization (where guest kernel code runs at the highest privilege level but still traps to the hypervisor where needed). Part of the reason (at least for 80x86) is that some unprivileged instructions (e.g. SIDT) would leak information from the host without trapping.
I was wondering what happens with a context switch inside the VM, for instance between two processes after a timer interrupt occurs and the scheduler routine must be executed. Shouldn't the scheduler be executed in system mode? So does the hypervisor take control each time there is a switch between two processes within the VM?
Typically it's lower level than that - e.g. the hypervisor only cares about things like switching from one virtual address space to another, using IO to talk to devices, etc.
If you break scheduling into multiple pieces (deciding which task to switch to, saving the previous task's state, switching virtual address space if necessary, i.e. if it's not a switch between threads belonging to the same process, and loading the new task's state), you can say the hypervisor doesn't care about almost any of it (e.g. it only cares about a single instruction out of several hundred instructions).